www.expensebrain.ch Open in urlscan Pro
2a01:4f8:c010:305::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://travexis.ch/
Effective URL:
https://www.expensebrain.ch/
Submission: On November 08 via api (November 8th 2023, 3:16:21 am UTC) from NL — Scanned from CH

Summary HTTP 50 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 50 HTTP transactions. The main IP is 2a01:4f8:c010:305::1, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.expensebrain.ch.
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.

This is the only time www.expensebrain.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a01:4f8:c2c:... 2a01:4f8:c2c:abf5::1	24940 (HETZNER-AS) (HETZNER-AS)
29	2a01:4f8:c010... 2a01:4f8:c010:305::1	24940 (HETZNER-AS) (HETZNER-AS)
7	2a01:4f8:241:... 2a01:4f8:241:422b::2	24940 (HETZNER-AS) (HETZNER-AS)
2	172.65.255.172 172.65.255.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:29af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	172.65.232.43 172.65.232.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:c07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	8

1 2a01:4f8:c2c:abf5::1 (Berlin, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

travexis.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a01:4f8:c010:305::1 (Germany)

ASN24940 (HETZNER-AS, DE)

www.expensebrain.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a01:4f8:241:422b::2 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)

www.byteanalytics.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.255.172 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:29af (United States)

ASN13335 (CLOUDFLARENET, US)

assets.calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c07d (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	expensebrain.ch www.expensebrain.ch	311 KB
7	byteanalytics.de www.byteanalytics.de	26 KB
5	gstatic.com fonts.gstatic.com	234 KB
3	hsforms.com forms-eu1.hsforms.com — Cisco Umbrella Rank: 30105 forms.hsforms.com — Cisco Umbrella Rank: 4294	7 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
2	hsforms.net js-eu1.hsforms.net — Cisco Umbrella Rank: 59896	357 KB
1	calendly.com assets.calendly.com — Cisco Umbrella Rank: 12522	19 KB
1	travexis.ch 1 redirects travexis.ch	217 B
50	8

	Domain	Requested by
29	www.expensebrain.ch	www.expensebrain.ch
7	www.byteanalytics.de	www.expensebrain.ch www.byteanalytics.de
5	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.expensebrain.ch js-eu1.hsforms.net
2	forms-eu1.hsforms.com	js-eu1.hsforms.net
2	js-eu1.hsforms.net	www.expensebrain.ch js-eu1.hsforms.net
1	forms.hsforms.com
1	assets.calendly.com	www.expensebrain.ch
1	travexis.ch	1 redirects
50	9

This site contains links to these domains. Also see Links.

Domain
www.expensebrain.de
www.expensebrain.at
fr.expensebrain.com
www.facebook.com
www.linkedin.com
www.travelbrain.ch
www.exensebrain.de
www.google.com
www.priobyte.de

Subject Issuer	Validity	Valid
expensebrain.ch R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
byteanalytics.de R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
calendly.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.expensebrain.ch/
Frame ID: 38C426E9C11891639A24624740766448
Requests: 42 HTTP requests in this frame

Frame: https://js-eu1.hsforms.net/forms/shell.js
Frame ID: A0FCE0016B6B6784E097BA7E3593834B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Travel Management Consulting | Reisekosten vereinfachen

Page URL History Show full URLs

http://travexis.ch/ HTTP 301
https://www.expensebrain.ch/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Calendly (Appointment scheduling) Expand

Overall confidence: 100%
Detected patterns

https://assets\.calendly\.com/assets/external/widget\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

78 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

957 kB
Transfer

2552 kB
Size

3
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.expensebrain.de/hallo
Title: Kontakt aufnehmen

Search URL Search Domain Scan URL

URL: https://www.expensebrain.de/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.expensebrain.at/
Title: Österreich

Search URL Search Domain Scan URL

URL: https://fr.expensebrain.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.expensebrain.de/termine
Title: Jetzt kostenloses Erstgespräch Buchen!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/expenseBrain/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/expensebrain

Search URL Search Domain Scan URL

URL: https://www.travelbrain.ch/

Search URL Search Domain Scan URL

URL: https://www.exensebrain.de/datenschutz
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.exensebrain.de//impressum
Title: Kontakt/ Impressum

Search URL Search Domain Scan URL

URL: https://www.expensebrain.de/travel-management/consulting
Title: Beratung für Geschäftsreisen in der Schweiz

Search URL Search Domain Scan URL

URL: https://www.expensebrain.de/travel-management/projekte-leiten
Title: Projektleitung

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Robert-Bosch-Stra%C3%9Fe+29A,+88131+Lindau+(Bodensee)/@47.5502318,9.7268764,18.75z/data=!4m5!3m4!1s0x479b0c536e6c67df:0xd67815088731a97c!8m2!3d47.5502039!4d9.7274304
Title: Robert-Bosch-Str. 29a, DE-88131 Lindau

Search URL Search Domain Scan URL

URL: https://www.priobyte.de/
Title: Priobyte

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://travexis.ch/ HTTP 301
https://www.expensebrain.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.expensebrain.ch/
Redirect Chain

http://travexis.ch/
https://www.expensebrain.ch/

25 KB
6 KB

236ms
69ms

Document
text/html

2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.30 PleskLin
Resource Hash: 6973b595a6029a9cbf9c08771097193d654374aff0ae2330cacf3a184c1e2e91

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 6293
content-type: text/html; charset=UTF-8
date: Wed, 08 Nov 2023 03:16:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Host,Accept-Encoding
x-powered-by: PHP/7.4.30 PleskLin

Redirect headers

content-type: text/html; charset=UTF-8
date: Wed, 08 Nov 2023 03:14:40 GMT
location: https://www.expensebrain.ch
server: nginx
transfer-encoding: chunked
x-redirect-server: cs2

GET
H2 200 bootstrap.min.css
www.expensebrain.ch/assets/vendor/bootstrap/css/ 157 KB
24 KB 78ms
77ms Stylesheet
text/css 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "27288-5b96780233418-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 23916

GET
H2 200 style.css
www.expensebrain.ch/assets/vendor/icomoon/ 1 KB
760 B 69ms
68ms Stylesheet
text/css 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/vendor/icomoon/style.css
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 6163e44f0af49c4f99c972085abc1dcfdd9b2a40090ebe2d1e37c516bcb01c27

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "5a0-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 536

GET
H2 200 style.css
www.expensebrain.ch/assets/css/ 134 KB
22 KB 127ms
126ms Stylesheet
text/css 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/css/style.css
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 530f8d6eea5bc88e42d1432bee189181772fc31410fb0a08d5ce304362b53763

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 11:56:39 GMT
server: nginx
etag: "217f3-5f8a999edb152-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 21958

GET
H2 200 responsive.css
www.expensebrain.ch/assets/css/ 12 KB
3 KB 74ms
73ms Stylesheet
text/css 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/css/responsive.css
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ff3333500ce0691b3b568fd66583c3929f49f245f0221e16452d5bdacd188700

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 10:48:08 GMT
server: nginx
etag: "31c5-5f92157ef0883-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2772

GET
H/1.1 200
OK vQvQRz8UVHKHpuZU Show response
www.byteanalytics.de/pixel/ 84 KB
25 KB 216ms
90ms Script
application/javascript 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel/vQvQRz8UVHKHpuZU
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33, PleskLin
Resource Hash: 2401f7f8a169f6e296be2a872382b9bee0e9a4dbeb6915ca7a40f0c22fa304fd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 08 Nov 2023 03:16:15 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.4.33, PleskLin
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 25517
Expires: Wed, 08 Nov 2023 03:21:15 GMT

GET
H2 200 logo.png
www.expensebrain.ch/assets/images/ 12 KB
12 KB 124ms
124ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.expensebrain.ch/assets/images/logo.png
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7714662e7fa92b789924348e30318ad552f55305497a168e5dd3b6ebb2c9802a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "2fd2-5b9678021fb98"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 12242

GET
H2 200 expenseBrain-logo-white-sm.png
www.expensebrain.ch/assets/images/ 2 KB
2 KB 124ms
123ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.expensebrain.ch/assets/images/expenseBrain-logo-white-sm.png
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8082c93c2ab7d89fd1120d8b42bb7473810571cb9542e871adf09aefdb3f2d53

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "6f5-5b9678021dc58"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1781

GET
H2 200 CH.png
www.expensebrain.ch/assets/images/flags/ 979 B
1 KB 110ms
107ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.expensebrain.ch/assets/images/flags/CH.png
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4d11d792c13eb6cca65439e18747c2a8359a458e5eb6794d5828cb05ec9eb7bf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "3d3-5b9678021dc58"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 979

GET
H2 200 DE.png
www.expensebrain.ch/assets/images/flags/ 1 KB
1 KB 111ms
107ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.expensebrain.ch/assets/images/flags/DE.png
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e2b2d2dd82707474a827676a7366b734096986be26106868e89d719aaddaee55

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "46c-5b9678021dc58"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1132

GET
H2 200 AT.png
www.expensebrain.ch/assets/images/flags/ 924 B
1 KB 111ms
108ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.expensebrain.ch/assets/images/flags/AT.png
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8827e719947791707a9dc8c0e79017454e3f0359e665082c2bb532a2332f673e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "39c-5b9678021dc58"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 924

GET
H2 200 FR.png
www.expensebrain.ch/assets/images/flags/ 1 KB
1 KB 156ms
155ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.expensebrain.ch/assets/images/flags/FR.png
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 024747f20c8dd0556fd3b607e88fb90fd1f358b33a905fdd2b39244cf9706c5b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "40e-5b9678021ebf8"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1038

GET
H2 200 Facebook-Mitglied-expenseBrain-Travel-Management-Consulting-80px.png
www.expensebrain.ch/assets/images/resource/ 3 KB
3 KB 205ms
203ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.expensebrain.ch/assets/images/resource/Facebook-Mitglied-expenseBrain-Travel-Management-Consulting-80px.png
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2edb5899671718181fa4ed5a89cb7f9673413be9d4914c7501914e545681248b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "b3b-5b96780227898"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2875

GET
H2 200 LinkedIn-Mitglied-expenseBrain-Travel-Management-Consulting-80px.png
www.expensebrain.ch/assets/images/resource/ 767 B
959 B 157ms
156ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.expensebrain.ch/assets/images/resource/LinkedIn-Mitglied-expenseBrain-Travel-Management-Consulting-80px.png
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4e63b80b66524f1d238387b942c423b57ba64265649a683726a2bd1da0f060cc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "2ff-5b96780227898"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 767

GET
H2 200 shell.js Show response
js-eu1.hsforms.net/forms/ 559 KB
179 KB 102ms
28ms Script
application/javascript 172.65.255.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hsforms.net/forms/shell.js

Requested by

Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

923507893dc19bd682559e0527ec3cbcfc43ee3f35d477a5245d28b968b15a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-encoding: br
age: 274
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4105/bundles/project-v2.js&cfRay=822aa14b0fe10e3f-MXP
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"f489985dc025c6c71a5ff4abfa3b9572"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4105/bundles/project-v2.js
date: Wed, 08 Nov 2023 03:16:15 GMT
x-amz-version-id: 9Xf7quUckBOIB6lSBNzdB47T3uG9K7AA
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
x-hubspot-correlation-id: 27818ba0-8ed9-4654-b06e-2d1afdc60f00
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 27818ba0-8ed9-4654-b06e-2d1afdc60f00
last-modified: Tue, 07 Nov 2023 10:35:11 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNq7gnlY%2Byjuz8QHCb7prphuc0EoYHRXYHmCLEkDf%2BNtjizAwTwM4jzDmkVKCODdkTnBy3QI8RG2loVlDSbaDbkZ5bnPk2XddC6yR%2B9u47qwXnuh%2Bk2R4DBC5ASvgXCAN%2BL3sg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: EXPIRED
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-6bf864b4cf-hj5kb
cf-ray: 822aa7fc08ab3745-MXP
x-amz-cf-id: _7NKZWB6kqN02987otbmYvDigVcfR9YGQt-1OHiQSjt2QKDt0FZU2w==

GET
H2 200 travelBrain-logo.png
www.expensebrain.ch/assets/images/resource/ 25 KB
25 KB 156ms
155ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.expensebrain.ch/assets/images/resource/travelBrain-logo.png
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ab345c7be9a65d104579f133aba138c529e458dd3553c59bb9919657f564496f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "62bc-5b9678022f598"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 25276

GET
H2 200 cookie.png
www.expensebrain.ch/assets/images/ 11 KB
11 KB 158ms
157ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.expensebrain.ch/assets/images/cookie.png
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4d052108f2596eb754bb9d86cea0b24d9bb0ac75ead4aaa82fdaa03f005f6aef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "2a59-5b9678021dc58"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 10841

GET
H2 200 jquery-3.5.1.min.js Show response
www.expensebrain.ch/assets/vendor/jquery/ 87 KB
30 KB 207ms
204ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/vendor/jquery/jquery-3.5.1.min.js
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "15d84-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 30910

GET
H2 200 popper.min.js Show response
www.expensebrain.ch/assets/vendor/popper/ 35 KB
8 KB 157ms
154ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/vendor/popper/popper.min.js
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 10ea15b472f21ff5adae126bbdb582df5eb76e06cd603780b8b0810599b93e4d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "8cb0-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 8406

GET
H2 200 bootstrap.min.js Show response
www.expensebrain.ch/assets/vendor/bootstrap/js/ 62 KB
15 KB 158ms
156ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/vendor/bootstrap/js/bootstrap.min.js
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "f708-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 14924

GET
H2 200 tarteaucitron.js Show response
www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/ 87 KB
16 KB 159ms
157ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/tarteaucitron.js
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2e0b2244bb15d3a235592844ea1e5853cc59942bb84717025416fd852fbf382c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "15ccf-5b967802362f8-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 16422

GET
H2 200 tarteaucitron.services.js Show response
www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/ 113 KB
19 KB 205ms
203ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/tarteaucitron.services.js
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d4bbdc5a237f828520b7cc7d79f6264ba3e61a104ec69453313b30233a72aca9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "1c237-5b967802362f8-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 18734

GET
H2 200 script.js Show response
www.expensebrain.ch/assets/js/ 17 KB
4 KB 205ms
204ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/js/script.js
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: c4faa3761d2d361248c313ee4220f11f3367c34ab9214aa4b47c0e06cf725d39

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "4468-5b967802314d8-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3657

GET
H2 200 widget.js Show response
assets.calendly.com/assets/external/ 53 KB
19 KB 139ms
99ms Script
application/javascript 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.js

Requested by

Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb9b294b344cf47c2af14fafe8528fccc545cb25b9325802a3bd1b0696171b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 22:34:55 GMT
cf-bgj: minify
server: cloudflare
age: 102
etag: W/"3be18f0a18cf9980a421cf1577f639f4"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=300
cf-ray: 822aa7fbc94a01f4-ZRH
expires: Thu, 09 Nov 2023 03:16:15 GMT

GET
H2 200 tarteaucitron.css
www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/css/ 22 KB
4 KB 73ms
73ms Stylesheet
text/css 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/css/tarteaucitron.css
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4c77a09f661ac100152c1547f5570da8ff2686be64da784b517b7f6d17bc8ba1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "58a8-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3855

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 84ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,400italic,700,700italic

Requested by

Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3eb14959b30b76820df27eddae54d89807523ad15627db1677cfc3918a5e554c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 01:42:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Nov 2023 03:16:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
750 B 84ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,300,500,600,700,800

Requested by

Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

793b46a7598a1cee594981b0ac78248b375fa8daf069007ba84231874a1368fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 03:02:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Nov 2023 03:16:15 GMT

GET
H2 200 preloader.gif
www.expensebrain.ch/assets/images/icons/ 15 KB
15 KB 60ms
60ms Image
image/gif 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.expensebrain.ch/assets/images/icons/preloader.gif
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5ae50e2ee27e6923e8e17de6ffad3c8d5c6e349ae37450fce236d1110ca5bfa2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "3c69-5b9678021fb98"
x-powered-by: PleskLin
vary: Host
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 15465

GET
H2 200 travel-2025.jpg
www.expensebrain.ch/assets/images/2025/ 47 KB
47 KB 59ms
59ms Image
image/jpeg 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.expensebrain.ch/assets/images/2025/travel-2025.jpg
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d75923aa67e89afd596d187840a5a1fcf0d3588cde15d266a9b1ba5f1219da0d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "bbab-5b96780218e37"
x-powered-by: PleskLin
vary: Host
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 48043

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 95ms
45ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.expensebrain.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:18:14 GMT
x-content-type-options: nosniff
age: 464281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:18:14 GMT

GET
H2 200 icomoon.ttf
www.expensebrain.ch/assets/vendor/icomoon/fonts/ 3 KB
3 KB 65ms
65ms Font
application/font-sfnt 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/vendor/icomoon/fonts/icomoon.ttf?t5861u
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/assets/vendor/icomoon/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4f7abe85480ae5c96b56b38f85bdebedc9ce5ddc23b2075c3a3d291a383eaaae

Request headers

Referer: https://www.expensebrain.ch/assets/vendor/icomoon/style.css
Origin: https://www.expensebrain.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "b50-5b96780235358"
x-powered-by: PleskLin
vary: Host
content-type: application/font-sfnt
accept-ranges: bytes
content-length: 2896

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 72ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.expensebrain.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:06:34 GMT
x-content-type-options: nosniff
age: 464981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:06:34 GMT

GET
H/1.1 200
OK json Show response
forms-eu1.hsforms.com/embed/v3/form/25277577/144c13b4-3899-428f-9249-6297b3ef6e5a/ 17 KB
5 KB 152ms
68ms XHR
application/json 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hsforms.com/embed/v3/form/25277577/144c13b4-3899-428f-9249-6297b3ef6e5a/json?hs_static_app=forms-embed&hs_static_app_version=1.4105&X-HubSpot-Static-App-Info=forms-embed-1.4105

Requested by

Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/shell.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

994082a2957e9cf14501b9ecc5c534292800f522064134db3b10e0223df64f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.expensebrain.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

X-Origin-Hublet: eu1
Date: Wed, 08 Nov 2023 03:16:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: ca9a0452-6494-4608-b5a0-876c9d686ee6
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 17
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ca9a0452-6494-4608-b5a0-876c9d686ee6
Server: cloudflare
X-Trace: 2BB4EF67E04EC169857C719853E919EADD87F9827F000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.expensebrain.ch
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 822aa7fdfd1fbaac-MXP
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-66c656f4c9-dcslg

POST
H/1.1 200
OK vQvQRz8UVHKHpuZU Show response
www.byteanalytics.de/pixel-track/ 0
325 B 92ms
92ms Fetch
text/html 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel-track/vQvQRz8UVHKHpuZU
Requested by: Host: www.byteanalytics.de
URL: https://www.byteanalytics.de/pixel/vQvQRz8UVHKHpuZU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.expensebrain.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 08 Nov 2023 03:16:15 GMT
Server: nginx
X-Powered-By: PHP/7.4.33, PleskLin
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 0

OPTIONS
H/1.1 200
OK vQvQRz8UVHKHpuZU
www.byteanalytics.de/pixel-track/ Frame 0
0 161ms
65ms Preflight
text/html 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel-track/vQvQRz8UVHKHpuZU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.expensebrain.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Nov 2023 03:16:15 GMT
Server: nginx
X-Powered-By: PHP/7.4.33 PleskLin

GET
H2 200 tarteaucitron.css
www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/css/ 22 KB
4 KB 69ms
68ms Stylesheet
text/css 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/css/tarteaucitron.css?v=20201017
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/tarteaucitron.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4c77a09f661ac100152c1547f5570da8ff2686be64da784b517b7f6d17bc8ba1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "58a8-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3855

GET
H2 200 tarteaucitron.en.js Show response
www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/lang/ 3 KB
1 KB 68ms
68ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/lang/tarteaucitron.en.js?v=20201017
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/tarteaucitron.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 990f5bd07f324ccc9f35de789055d0820ed45d43e02007814b4fd7bcf35ffedf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "c6f-5b96780235358-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
content-language: en
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1245

GET
H2 200 shell.js Show response
js-eu1.hsforms.net/forms/ Frame A0FC 559 KB
178 KB 26ms
25ms Script
application/javascript 172.65.255.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hsforms.net/forms/shell.js

Requested by

Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/shell.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

923507893dc19bd682559e0527ec3cbcfc43ee3f35d477a5245d28b968b15a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-encoding: br
age: 274
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4105/bundles/project-v2.js&cfRay=822aa14b0fe10e3f-MXP
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"f489985dc025c6c71a5ff4abfa3b9572"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4105/bundles/project-v2.js
date: Wed, 08 Nov 2023 03:16:15 GMT
x-amz-version-id: 9Xf7quUckBOIB6lSBNzdB47T3uG9K7AA
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
x-hubspot-correlation-id: 27818ba0-8ed9-4654-b06e-2d1afdc60f00
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 27818ba0-8ed9-4654-b06e-2d1afdc60f00
last-modified: Tue, 07 Nov 2023 10:35:11 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uK1q3wrFBwmWc7s4%2BF6LTk5OC32QJAawZcYTS1P6MnLVV1%2FP4zGhBi0LEmJg%2F%2F1peAG8xPgXz9HXayJ1aar8mjww3fcHY5ZxXjMWH4mEd3ikQC09IGLh42c2%2BOwG4VDw0h1PPg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: EXPIRED
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-6bf864b4cf-hj5kb
cf-ray: 822aa7fe898a3745-MXP
x-amz-cf-id: _7NKZWB6kqN02987otbmYvDigVcfR9YGQt-1OHiQSjt2QKDt0FZU2w==

GET
H2 200 tarteaucitron.services.js Show response
www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/ 113 KB
19 KB 68ms
68ms Script
application/javascript 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/tarteaucitron.services.js?v=20201017
Requested by: Host: www.expensebrain.ch
URL: https://www.expensebrain.ch/assets/vendor/tarteaucitron.js-1.8.3/tarteaucitron.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d4bbdc5a237f828520b7cc7d79f6264ba3e61a104ec69453313b30233a72aca9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "1c237-5b967802362f8-gzip"
x-powered-by: PleskLin
vary: Host,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 18734

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1015 B 196ms
154ms Image
image/gif 2606:4700::6812:c07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 03:16:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 15d4b491-340a-4ba7-8cfe-8042f05228ae
x-envoy-upstream-service-time: 9
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 15d4b491-340a-4ba7-8cfe-8042f05228ae
Server: cloudflare
X-Trace: 2BE4B90EEBE9507300E770FA43F40FD2D6F6EC1143000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fd659ccfb-dm5dh
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 822aa7ff6b9624c0-ZRH

GET
H2 200 css2
fonts.googleapis.com/ Frame A0FC 9 KB
835 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open%20Sans:wght@400;500;700&display=swap

Requested by

Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/shell.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11e6fae06d0217c05d734fc3d4d19ec026ec79acf434c759262ed4ceb5ae7814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 03:16:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 01:57:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Nov 2023 03:16:15 GMT

GET
H/1.1 200
OK counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
1016 B 91ms
48ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 03:16:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 80bc0e60-2851-4915-a610-68ea3e901bcd
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 80bc0e60-2851-4915-a610-68ea3e901bcd
Server: cloudflare
X-Trace: 2BE3EB0FD5EB6F474623C3E88F029DAA31ACFE4EAE000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-66c656f4c9-vxsbm
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 822aa7ffacd7baa3-MXP

GET
H2 200 cookie.png
www.expensebrain.ch/assets/images/ 11 KB
11 KB 62ms
61ms Image
image/png 2a01:4f8:c010:305::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.expensebrain.ch/assets/images/cookie.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c010:305::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4d052108f2596eb754bb9d86cea0b24d9bb0ac75ead4aaa82fdaa03f005f6aef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.expensebrain.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:16:15 GMT
last-modified: Thu, 21 Jan 2021 11:37:46 GMT
server: nginx
etag: "2a59-5b9678021dc58"
x-powered-by: PleskLin
vary: Host
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 10841

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame A0FC 47 KB
47 KB 22ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open%20Sans:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.expensebrain.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 464396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:16:19 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame A0FC 47 KB
47 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open%20Sans:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.expensebrain.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 464396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:16:19 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame A0FC 47 KB
47 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open%20Sans:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.expensebrain.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 464396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:16:19 GMT

POST
H/1.1 200
OK vQvQRz8UVHKHpuZU Show response
www.byteanalytics.de/pixel-track/ 0
325 B 85ms
85ms Fetch
text/html 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel-track/vQvQRz8UVHKHpuZU
Requested by: Host: www.byteanalytics.de
URL: https://www.byteanalytics.de/pixel/vQvQRz8UVHKHpuZU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.expensebrain.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 08 Nov 2023 03:16:16 GMT
Server: nginx
X-Powered-By: PHP/7.4.33, PleskLin
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 0

OPTIONS
H/1.1 200
OK vQvQRz8UVHKHpuZU
www.byteanalytics.de/pixel-track/ Frame 0
0 65ms
65ms Preflight
text/html 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel-track/vQvQRz8UVHKHpuZU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.expensebrain.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Nov 2023 03:16:15 GMT
Server: nginx
X-Powered-By: PHP/7.4.33 PleskLin

OPTIONS
H/1.1 200
OK vQvQRz8UVHKHpuZU
www.byteanalytics.de/pixel-track/ Frame 0
0 65ms
65ms Preflight
text/html 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel-track/vQvQRz8UVHKHpuZU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.expensebrain.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Nov 2023 03:16:17 GMT
Server: nginx
X-Powered-By: PHP/7.4.33 PleskLin

POST
H/1.1 200
OK vQvQRz8UVHKHpuZU Show response
www.byteanalytics.de/pixel-track/ 0
325 B 350ms
148ms Fetch
text/html 2a01:4f8:241:422b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.byteanalytics.de/pixel-track/vQvQRz8UVHKHpuZU
Requested by: Host: www.byteanalytics.de
URL: https://www.byteanalytics.de/pixel/vQvQRz8UVHKHpuZU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:241:422b::2 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/7.4.33, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.expensebrain.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 08 Nov 2023 03:16:17 GMT
Server: nginx
X-Powered-By: PHP/7.4.33, PleskLin
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.expensebrain.ch/	1969-12-31 23:59:59	Name: PHPSESSID Value: i8ak1v0qv05d5meutvidqtbu76
.calendly.com/	1970-01-20 16:03:35	Name: __cf_bm Value: lRMCwdsapMM.4GMDoS..SVYgk1GcVX0hG4yXfnAs1pQ-1699413375-0-AaCcczuV45MBDtrORucrMUHhhVWC6wmq6HXmfOUzKmV1F4uIf1723fwEbkPm0r6QpyjOQvGQXe3niuDIXULttho=
www.expensebrain.ch/	1970-01-21 00:49:09	Name: expenseBrain Value: !gtag=wait!youtube=wait

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.calendly.com
fonts.googleapis.com
fonts.gstatic.com
forms-eu1.hsforms.com
forms.hsforms.com
js-eu1.hsforms.net
travexis.ch
www.byteanalytics.de
www.expensebrain.ch
172.65.232.43
172.65.255.172
2606:4700:4400::6812:29af
2606:4700::6812:c07d
2a00:1450:4001:829::200a
2a00:1450:4001:831::2003
2a01:4f8:241:422b::2
2a01:4f8:c010:305::1
2a01:4f8:c2c:abf5::1
024747f20c8dd0556fd3b607e88fb90fd1f358b33a905fdd2b39244cf9706c5b
10ea15b472f21ff5adae126bbdb582df5eb76e06cd603780b8b0810599b93e4d
11e6fae06d0217c05d734fc3d4d19ec026ec79acf434c759262ed4ceb5ae7814
2401f7f8a169f6e296be2a872382b9bee0e9a4dbeb6915ca7a40f0c22fa304fd
2e0b2244bb15d3a235592844ea1e5853cc59942bb84717025416fd852fbf382c
2edb5899671718181fa4ed5a89cb7f9673413be9d4914c7501914e545681248b
3eb14959b30b76820df27eddae54d89807523ad15627db1677cfc3918a5e554c
3eb9b294b344cf47c2af14fafe8528fccc545cb25b9325802a3bd1b0696171b6
4c77a09f661ac100152c1547f5570da8ff2686be64da784b517b7f6d17bc8ba1
4d052108f2596eb754bb9d86cea0b24d9bb0ac75ead4aaa82fdaa03f005f6aef
4d11d792c13eb6cca65439e18747c2a8359a458e5eb6794d5828cb05ec9eb7bf
4e63b80b66524f1d238387b942c423b57ba64265649a683726a2bd1da0f060cc
4f7abe85480ae5c96b56b38f85bdebedc9ce5ddc23b2075c3a3d291a383eaaae
530f8d6eea5bc88e42d1432bee189181772fc31410fb0a08d5ce304362b53763
5ae50e2ee27e6923e8e17de6ffad3c8d5c6e349ae37450fce236d1110ca5bfa2
6163e44f0af49c4f99c972085abc1dcfdd9b2a40090ebe2d1e37c516bcb01c27
6973b595a6029a9cbf9c08771097193d654374aff0ae2330cacf3a184c1e2e91
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7714662e7fa92b789924348e30318ad552f55305497a168e5dd3b6ebb2c9802a
793b46a7598a1cee594981b0ac78248b375fa8daf069007ba84231874a1368fd
8082c93c2ab7d89fd1120d8b42bb7473810571cb9542e871adf09aefdb3f2d53
8827e719947791707a9dc8c0e79017454e3f0359e665082c2bb532a2332f673e
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
923507893dc19bd682559e0527ec3cbcfc43ee3f35d477a5245d28b968b15a5b
990f5bd07f324ccc9f35de789055d0820ed45d43e02007814b4fd7bcf35ffedf
994082a2957e9cf14501b9ecc5c534292800f522064134db3b10e0223df64f29
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
ab345c7be9a65d104579f133aba138c529e458dd3553c59bb9919657f564496f
c4faa3761d2d361248c313ee4220f11f3367c34ab9214aa4b47c0e06cf725d39
d4bbdc5a237f828520b7cc7d79f6264ba3e61a104ec69453313b30233a72aca9
d75923aa67e89afd596d187840a5a1fcf0d3588cde15d266a9b1ba5f1219da0d
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e2b2d2dd82707474a827676a7366b734096986be26106868e89d719aaddaee55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff3333500ce0691b3b568fd66583c3929f49f245f0221e16452d5bdacd188700

www.expensebrain.ch Open in urlscan Pro 2a01:4f8:c010:305::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

78 %IPv6

8 Domains

9 Subdomains

8 IPs

2 Countries

957 kBTransfer

2552 kBSize

3 Cookies

14 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.expensebrain.ch Open in urlscan Pro
2a01:4f8:c010:305::1 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

78 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

957 kB
Transfer

2552 kB
Size

3
Cookies

50 HTTP transactions
0 data transactions