login.haufe-lexware.com Open in urlscan Pro
213.155.64.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.haufe.de/meinkonto
Effective URL:
https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fres...
Submission: On October 30 via manual (October 30th 2023, 8:31:18 am UTC) from IE — Scanned from DE

Summary HTTP 55 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 55 HTTP transactions. The main IP is 213.155.64.15, located in Munich, Germany and belongs to NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE. The main domain is login.haufe-lexware.com. The Cisco Umbrella rank of the primary domain is 628572.
TLS certificate: Issued by R3 on September 2nd 2023. Valid for: 3 months.

This is the only time login.haufe-lexware.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.220.239.54 54.220.239.54	16509 (AMAZON-02) (AMAZON-02)
1 1	52.51.77.218 52.51.77.218	16509 (AMAZON-02) (AMAZON-02)
8	18.158.29.156 18.158.29.156	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	18.194.195.91 18.194.195.91	16509 (AMAZON-02) (AMAZON-02)
2 34	213.155.64.15 213.155.64.15	12337 (NORIS-NET...) (NORIS-NETWORK IT Service Provider located in Nuernberg)
3	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
55	7

1 54.220.239.54 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-239-54.eu-west-1.compute.amazonaws.com

www.haufe.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.77.218 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-77-218.eu-west-1.compute.amazonaws.com

www.haufe.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.158.29.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-29-156.eu-central-1.compute.amazonaws.com

myaccount.haufe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.194.195.91 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-195-91.eu-central-1.compute.amazonaws.com

ui-mf-user.sucasa.haufe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.sucasa.haufe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 213.155.64.15 (Munich, Germany) 2 redirects

ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE)
PTR: hgg-prod-haufe-fs.noris.de

login.haufe-lexware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	haufe-lexware.com 2 redirects login.haufe-lexware.com — Cisco Umbrella Rank: 628572	1 MB
8	haufe.com myaccount.haufe.com	3 MB
5	haufe.io 1 redirects ui-mf-user.sucasa.haufe.io api.sucasa.haufe.io	3 MB
3	paypal.com www.paypal.com — Cisco Umbrella Rank: 2811 t.paypal.com Failed	82 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	17 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2612	33 KB
2	haufe.de 2 redirects www.haufe.de — Cisco Umbrella Rank: 250265	729 B
55	7

	Domain	Requested by
34	login.haufe-lexware.com	2 redirects myaccount.haufe.com login.haufe-lexware.com
8	myaccount.haufe.com	myaccount.haufe.com
4	ui-mf-user.sucasa.haufe.io	myaccount.haufe.com ui-mf-user.sucasa.haufe.io
3	www.paypal.com	ui-mf-user.sucasa.haufe.io www.paypal.com
3	cdnjs.cloudflare.com	myaccount.haufe.com client
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	www.haufe.de	2 redirects
1	api.sucasa.haufe.io	1 redirects
0	t.paypal.com Failed
55	9

This site contains links to these domains. Also see Links.

Domain
www.haufe.de

Subject Issuer	Validity	Valid
myaccount.haufe.com RapidSSL TLS RSA CA G1	`2023-05-30` - `2024-06-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.sucasa.haufe.io RapidSSL TLS RSA CA G1	`2023-05-30` - `2024-06-06`	a year	crt.sh
login.haufe-lexware.com R3	`2023-09-02` - `2023-12-01`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-13` - `2024-08-20`	10 months	crt.sh

This page contains 2 frames:

Primary Page: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
Frame ID: AC75F1B43AFEE354A582DC71B33FF43D
Requests: 53 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: CD2DA45ED7D0AD54A004DF35C4A3B9BE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

http://www.haufe.de/meinkonto HTTP 301
https://www.haufe.de/meinkonto HTTP 301
https://myaccount.haufe.com/ Page URL
https://api.sucasa.haufe.io/auth/atlantic/api/account-data/authorize?client_id=2437bfda2af91f7532fc3959a... HTTP 302
https://login.haufe-lexware.com/auth/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fapi.suca... HTTP 302
https://login.haufe-lexware.com/auth/UI/Login?realm=/&goto=https://login.haufe-lexware.com/auth/oauth2/autho... HTTP 302
https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foaut... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

55
Requests

95 %
HTTPS

13 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

7743 kB
Transfer

8459 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.haufe.de/impressum
Title: Impressum

Search URL Search Domain Scan URL

URL: http://www.haufe.de/dataSecurity
Title: Datenschutz

Search URL Search Domain Scan URL

URL: http://www.haufe.de/agbShow?m=Waren
Title: AGB

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.haufe.de/meinkonto HTTP 301
https://www.haufe.de/meinkonto HTTP 301
https://myaccount.haufe.com/ Page URL
https://api.sucasa.haufe.io/auth/atlantic/api/account-data/authorize?client_id=2437bfda2af91f7532fc3959a700fa0a2f8a3184&response_type=token&redirect_uri=https://myaccount.haufe.com/authenticated HTTP 302
https://login.haufe-lexware.com/auth/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback&scope=openid%20profile%20email&client_id=sucasa-production HTTP 302
https://login.haufe-lexware.com/auth/UI/Login?realm=/&goto=https://login.haufe-lexware.com/auth/oauth2/authorize?response_type%3Dcode%26redirect_uri%3Dhttps://api.sucasa.haufe.io/auth/atlantic/callback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production HTTP 302
https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.haufe.de/meinkonto HTTP 301
https://www.haufe.de/meinkonto HTTP 301
https://myaccount.haufe.com/

55 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
myaccount.haufe.com/
Redirect Chain

http://www.haufe.de/meinkonto
https://www.haufe.de/meinkonto
https://myaccount.haufe.com/

5 KB
2 KB

97ms
26ms

Document
text/html

18.158.29.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.haufe.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.158.29.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-29-156.eu-central-1.compute.amazonaws.com

Software

nginx/1.25.0 /

Resource Hash

bd6591c05f03ae885f8adb2232bd6439666575f64d5733cb3a4ce93ab36f6713

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 30 Oct 2023 08:31:07 GMT
etag: W/"64818d77-12dd"
last-modified: Thu, 08 Jun 2023 08:12:39 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

access-control-allow-credentials: false
age: 0
cache-control: private
content-language: de
content-length: 0
date: Mon, 30 Oct 2023 08:31:07 GMT
location: https://myaccount.haufe.com/
server: Apache
strict-transport-security: max-age=31536000
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 2.a1524b5d.chunk.css
myaccount.haufe.com/static/css/ 211 KB
27 KB 80ms
78ms Stylesheet
text/css 18.158.29.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.haufe.com/static/css/2.a1524b5d.chunk.css
Requested by: Host: myaccount.haufe.com
URL: https://myaccount.haufe.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.29.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-29-156.eu-central-1.compute.amazonaws.com
Software: nginx/1.25.0 /
Resource Hash: c27b99e981c088c60370485760264215f4fd8d478a6c7c45d4db9f23c2a6956a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.haufe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:07 GMT
content-encoding: gzip
last-modified: Thu, 08 Jun 2023 08:12:39 GMT
server: nginx/1.25.0
etag: W/"64818d77-34d16"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
expires: Mon, 30 Oct 2023 09:31:07 GMT

GET
H2 200 main.9d6d5f16.chunk.css
myaccount.haufe.com/static/css/ 30 KB
5 KB 79ms
77ms Stylesheet
text/css 18.158.29.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.haufe.com/static/css/main.9d6d5f16.chunk.css
Requested by: Host: myaccount.haufe.com
URL: https://myaccount.haufe.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.29.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-29-156.eu-central-1.compute.amazonaws.com
Software: nginx/1.25.0 /
Resource Hash: 6959caa34a41033c569d343b56b8609c8db53ecb2e81876d9a7d582610ecf50b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.haufe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:07 GMT
content-encoding: gzip
last-modified: Thu, 08 Jun 2023 08:12:39 GMT
server: nginx/1.25.0
etag: W/"64818d77-7801"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
expires: Mon, 30 Oct 2023 09:31:07 GMT

GET
H2 200 purify.js Show response
cdnjs.cloudflare.com/ajax/libs/dompurify/1.0.10/ 43 KB
12 KB 85ms
36ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/dompurify/1.0.10/purify.js

Requested by

Host: myaccount.haufe.com
URL: https://myaccount.haufe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30afbfa33407ae4db24f430f64011260d7c0ac83ef20cc6fb7179faa5278ad02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.haufe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 13625674
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11128
last-modified: Mon, 04 May 2020 16:09:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e3c-acee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUKiKVEgNDukgGCLtg2CUVELcm37yf3fM6v%2B%2FR7cTAE9ZK8Rgp1qQ58q9Mrsyy4Ka1rnZKOyx4ZyarcmPmbZMF1K8rQ174tlxJb0jeagYOgE1ugQnvu8QjOTAEZVLOFgRUa7a55uCdk7nshzSjG3rNnC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81e24cdb2da491ea-FRA
expires: Sat, 19 Oct 2024 08:31:08 GMT

GET
H2 200 config.js Show response
myaccount.haufe.com/ 2 KB
2 KB 26ms
25ms Script
application/javascript 18.158.29.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.haufe.com/config.js
Requested by: Host: myaccount.haufe.com
URL: https://myaccount.haufe.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.29.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-29-156.eu-central-1.compute.amazonaws.com
Software: nginx/1.25.0 /
Resource Hash: ceea6ab88e032812b6dce9708cb0bfabedde8125a6735eca2683ebe5518ae8ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.haufe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:07 GMT
last-modified: Tue, 03 Oct 2023 22:34:53 GMT
server: nginx/1.25.0
etag: "651c970d-76e"
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 1902
expires: Mon, 30 Oct 2023 09:31:07 GMT

GET
H2 200 2.ff17d4fb.chunk.js Show response
myaccount.haufe.com/static/js/ 3 MB
3 MB 51ms
50ms Script
application/javascript 18.158.29.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.haufe.com/static/js/2.ff17d4fb.chunk.js
Requested by: Host: myaccount.haufe.com
URL: https://myaccount.haufe.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.29.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-29-156.eu-central-1.compute.amazonaws.com
Software: nginx/1.25.0 /
Resource Hash: 648f520771df640bdd4accd1683f7d92a5376d9b0d6969d0707a764d82bee9e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.haufe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:07 GMT
last-modified: Thu, 08 Jun 2023 08:12:39 GMT
server: nginx/1.25.0
etag: "64818d77-2ca9ee"
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 2927086
expires: Mon, 30 Oct 2023 09:31:07 GMT

GET
H2 200 main.11f5a3a3.chunk.js Show response
myaccount.haufe.com/static/js/ 147 KB
147 KB 78ms
78ms Script
application/javascript 18.158.29.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.haufe.com/static/js/main.11f5a3a3.chunk.js
Requested by: Host: myaccount.haufe.com
URL: https://myaccount.haufe.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.29.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-29-156.eu-central-1.compute.amazonaws.com
Software: nginx/1.25.0 /
Resource Hash: f2b3ab59366b9aea69af6165f7dd620ab71492fab4e5b4c5a44add2af06efef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.haufe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:07 GMT
last-modified: Thu, 08 Jun 2023 08:12:39 GMT
server: nginx/1.25.0
etag: "64818d77-24af3"
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 150259
expires: Mon, 30 Oct 2023 09:31:07 GMT

GET
H2 200 simple-line-icons.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/ 13 KB
3 KB 30ms
30ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.haufe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8756661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2195
last-modified: Thu, 22 Jun 2023 11:18:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942e1a-893"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3PS7igV6i%2F3hWF13e3FsZyBMPxmgeWV8HADSEDFXw%2Fym61aDbDQYQ4Ej9I5OfVs8LlMweznsOKHMnSdek6xI2184bK9MU%2FazN6vw1BezTJJaZq3NIWz9tb90l%2BZuGdpsUa%2FMn3pAV%2B3n5mlALg7eHDv"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81e24cdd4fcc91ea-FRA
expires: Sat, 19 Oct 2024 08:31:08 GMT

GET
H2 200 asset-manifest.json Show response
ui-mf-user.sucasa.haufe.io/ 1 KB
543 B 109ms
30ms XHR
application/json 18.194.195.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ui-mf-user.sucasa.haufe.io/asset-manifest.json
Requested by: Host: myaccount.haufe.com
URL: https://myaccount.haufe.com/static/js/2.ff17d4fb.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.195.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-195-91.eu-central-1.compute.amazonaws.com
Software: nginx/1.25.2 /
Resource Hash: 1bddebf9b5239a38e835c7f47c5d7f88f32323b4c218617f8e9eb9be6f75feb7

Request headers

Accept: application/json, text/plain, */*
Referer: https://myaccount.haufe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:08 GMT
content-encoding: gzip
last-modified: Tue, 17 Oct 2023 06:30:05 GMT
server: nginx/1.25.2
etag: W/"652e29ed-4f9"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *

GET
H2 200 locale-date Show response
myaccount.haufe.com/ 34 B
256 B 30ms
29ms XHR
application/json 18.158.29.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.haufe.com/locale-date

Requested by

Host: myaccount.haufe.com
URL: https://myaccount.haufe.com/static/js/2.ff17d4fb.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.158.29.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-29-156.eu-central-1.compute.amazonaws.com

Software

nginx/1.25.0 / Express

Resource Hash

7d49d28d1242aef3877b905ab04f7eb216e3d694f186223e108622eb8d87ec7d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://myaccount.haufe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:08 GMT
content-encoding: gzip
server: nginx/1.25.0
x-powered-by: Express
etag: W/"22-1JDC8Wxqil2aD0eyFs6fadoWVpY"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8

GET
H2 200 feature-flags Show response
myaccount.haufe.com/ 435 B
418 B 85ms
84ms XHR
application/json 18.158.29.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.haufe.com/feature-flags

Requested by

Host: myaccount.haufe.com
URL: https://myaccount.haufe.com/static/js/2.ff17d4fb.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.158.29.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-29-156.eu-central-1.compute.amazonaws.com

Software

nginx/1.25.0 / Express

Resource Hash

e25118543b0e73b89778f319c84ac24d4d47bf0be05d0609e142110099bb5160

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://myaccount.haufe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:08 GMT
content-encoding: gzip
server: nginx/1.25.0
x-powered-by: Express
etag: W/"1b3-o2GMBjJUWS6XWmB2ZBNnBDReuWk"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04b15df99e8ad041c382ec3a76a9bda814f08fd9f2c94dbb1ec13637dc51912c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 main.08e6bb06.js Show response
ui-mf-user.sucasa.haufe.io/static/js/ 3 MB
3 MB 50ms
48ms Script
application/javascript 18.194.195.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ui-mf-user.sucasa.haufe.io/static/js/main.08e6bb06.js
Requested by: Host: myaccount.haufe.com
URL: https://myaccount.haufe.com/static/js/2.ff17d4fb.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.195.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-195-91.eu-central-1.compute.amazonaws.com
Software: nginx/1.25.2 /
Resource Hash: 892bad8f9dabc29fd05e05089f236b4853c7df10859edfa6fffa9cb23a42aaea

Request headers

Referer: https://myaccount.haufe.com/
Origin: https://myaccount.haufe.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:08 GMT
last-modified: Tue, 17 Oct 2023 06:30:05 GMT
server: nginx/1.25.2
etag: "652e29ed-3370c5"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 3371205
expires: Mon, 30 Oct 2023 09:31:08 GMT

GET
H2 200 main.6a97a88c.css
ui-mf-user.sucasa.haufe.io/static/css/ 14 KB
3 KB 80ms
26ms Stylesheet
text/css 18.194.195.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ui-mf-user.sucasa.haufe.io/static/css/main.6a97a88c.css
Requested by: Host: myaccount.haufe.com
URL: https://myaccount.haufe.com/static/js/2.ff17d4fb.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.195.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-195-91.eu-central-1.compute.amazonaws.com
Software: nginx/1.25.2 /
Resource Hash: 9132f3fef01189e60b0252acf1216c0cc0f1229885e48f80d13a206a16ad835f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.haufe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:08 GMT
content-encoding: gzip
last-modified: Tue, 17 Oct 2023 06:30:05 GMT
server: nginx/1.25.2
etag: W/"652e29ed-37d1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600, public
expires: Mon, 30 Oct 2023 09:31:08 GMT

GET
H3 200 simple-line-icons.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/ 13 KB
3 KB 33ms
33ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.css

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.haufe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1515687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2217
last-modified: Mon, 04 May 2020 16:16:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd2-329e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrfbXw%2BCSU2fo90RYDmcmitMWvV2BsE8%2FtoeiDndF0ieOSynjRb3TpnGoa4b14ryRLCnXb27WVkh%2B%2BWp9zGtL3Z4%2BhK89QW2HSdaqRHF2u2nteE9cuRQtmBccPfyu%2BVLg1Y%2BUbxWn%2BiexVjgiorJIXD6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81e24ce13faa1e1c-FRA
expires: Sat, 19 Oct 2024 08:31:09 GMT

GET
H2 200 config.js
ui-mf-user.sucasa.haufe.io/ 1 KB
1 KB 29ms
29ms Script
application/javascript 18.194.195.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ui-mf-user.sucasa.haufe.io/config.js
Requested by: Host: ui-mf-user.sucasa.haufe.io
URL: https://ui-mf-user.sucasa.haufe.io/static/js/main.08e6bb06.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.195.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-195-91.eu-central-1.compute.amazonaws.com
Software: nginx/1.25.2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.haufe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:09 GMT
last-modified: Tue, 17 Oct 2023 12:25:54 GMT
server: nginx/1.25.2
etag: "652e7d52-478"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 1144
expires: Mon, 30 Oct 2023 09:31:09 GMT

GET
H/1.1

200
OK

Primary Request / Show response
login.haufe-lexware.com/auth/XUI/
Redirect Chain

https://api.sucasa.haufe.io/auth/atlantic/api/account-data/authorize?client_id=2437bfda2af91f7532fc3959a700fa0a2f8a3184&response_type=token&redirect_uri=https://myaccount.haufe.com/authenticated
https://login.haufe-lexware.com/auth/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback&scope=openid%20profile%20email&client_id=sucasa-...
https://login.haufe-lexware.com/auth/UI/Login?realm=/&goto=https://login.haufe-lexware.com/auth/oauth2/authorize?response_type%3Dcode%26redirect_uri%3Dhttps://api.sucasa.haufe.io/auth/atlantic/call...
https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%...

1 KB
1 KB

74ms
73ms

Document
text/html

213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production

Requested by

Host: myaccount.haufe.com
URL: https://myaccount.haufe.com/static/js/main.11f5a3a3.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

81386e0368e7cf3feba66083b05e240e42cda1adde62eef01fd03003ff39acdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://myaccount.haufe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 30 Oct 2023 08:31:09 GMT
etag: W/"64469b07-5ca"
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
strict-transport-security: max-age=15724800; includeSubDomains
transfer-encoding: chunked
x-forgerock-transactionid: de3ec3b25c23d94315222966536d6d4b de3ec3b25c23d94315222966536d6d4b

Redirect headers

content-length: 656
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 08:31:09 GMT
location: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production#login
server: nginx
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept
x-forgerock-transactionid: 2c9fb404930c745e3f2b326f7bc9dd37
x-powered-by: Express

GET
H2 200 js
www.paypal.com/sdk/ 273 KB
77 KB 92ms
25ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AU7LwlrVK6K-cXfrX1s-vG07YclsS5az9hcpgSegb7Fd5UOpIr2Wt-2kZz5z4Fe1kfHARoptTpSbi38H&components=buttons&currency=EUR&commit=true&disable-funding=credit,card,bancontact,blik,eps,giropay,ideal,mybank,p24,sepa,sofort,venmo

Requested by

Host: ui-mf-user.sucasa.haufe.io
URL: https://ui-mf-user.sucasa.haufe.io/static/js/main.08e6bb06.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-FTNrF65BYTBPNrx2Yb5mah/JWgND1uAsuWvvXeViE30/xXwp' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-FTNrF65BYTBPNrx2Yb5mah/JWgND1uAsuWvvXeViE30/xXwp' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.haufe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-FTNrF65BYTBPNrx2Yb5mah/JWgND1uAsuWvvXeViE30/xXwp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-FTNrF65BYTBPNrx2Yb5mah/JWgND1uAsuWvvXeViE30/xXwp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Mon, 30 Oct 2023 08:31:09 GMT
age: 5740
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f492343049b47
server-timing: "traceparent;desc="00-0000000000000000000f492343049b47-37ad55329417b6f8-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 76668
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230048-FRA, cache-fra-eddf8230048-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f492343049b47-a7835285dae1a238-01
x-timer: S1698654669.276292,VS0,VE4
etag: W/"12b7c-1Ldevb1Shqudg/pmu3ii2i7LXLM"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 pptm.js
www.paypal.com/tagmanager/ 14 KB
5 KB 26ms
26ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=myaccount.haufe.com&t=xo&v=5.0.406&source=payments_sdk&client_id=AU7LwlrVK6K-cXfrX1s-vG07YclsS5az9hcpgSegb7Fd5UOpIr2Wt-2kZz5z4Fe1kfHARoptTpSbi38H&comp=buttons&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AU7LwlrVK6K-cXfrX1s-vG07YclsS5az9hcpgSegb7Fd5UOpIr2Wt-2kZz5z4Fe1kfHARoptTpSbi38H&components=buttons&currency=EUR&commit=true&disable-funding=credit,card,bancontact,blik,eps,giropay,ideal,mybank,p24,sepa,sofort,venmo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-nJD13xfxb/LGNLXG4eqqM9ARnND3Rbphft6U5CiH3u1xBLoy' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.haufe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-nJD13xfxb/LGNLXG4eqqM9ARnND3Rbphft6U5CiH3u1xBLoy' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 08:31:09 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 46933
x-cache: HIT, MISS
paypal-debug-id: f4852260f7eb7
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4792
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230048-FRA, cache-fra-eddf8230048-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f4852260f7eb7-e2d8d5a8c197bcb6-01
x-timer: S1698654669.346535,VS0,VE5
etag: W/"368d-dVYLep5irUxrAq9Ub+03CmyqQtE"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 muse.js
www.paypalobjects.com/muse/ 55 KB
17 KB 130ms
52ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=myaccount.haufe.com&t=xo&v=5.0.406&source=payments_sdk&client_id=AU7LwlrVK6K-cXfrX1s-vG07YclsS5az9hcpgSegb7Fd5UOpIr2Wt-2kZz5z4Fe1kfHARoptTpSbi38H&comp=buttons&disableSetCookie=true&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.haufe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: d2dbb468780ca
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-0000000000000000000d2dbb468780ca-4e449d148110827f-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 30 Oct 2023 09:31:09 GMT

GET ts
t.paypal.com/ 0
0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 235ms
190ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://myaccount.haufe.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://myaccount.haufe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Mon, 30 Oct 2023 08:31:09 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f3473836a9ae6
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f3473836a9ae6-5da6d10974e5788d-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230139-FRA, cache-fra-eddf8230139-FRA
x-timer: S1698654669.437246,VS0,VE168

POST logger
www.paypal.com/xoplatform/logger/api/ 0
0

GET
H2 200 index.html
www.paypalobjects.com/muse/analytics/ Frame CD2D 55 KB
17 KB 25ms
24ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.haufe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Mon, 30 Oct 2023 08:31:09 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Mon, 30 Oct 2023 09:31:09 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: 8df61794d0d09
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000008df61794d0d09-04632a4660860706-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET noop.js
www.paypalobjects.com/muse/ Frame CD2D 0
0

GET
H/1.1 200
OK main.be18489634.js Show response
login.haufe-lexware.com/auth/XUI/ 832 KB
832 KB 72ms
72ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

2f4db696d860456299713f3332f4429dd291be99766b25df28f73af7276fd440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-cfec1"
content-type: application/javascript
x-forgerock-transactionid: 9b6b8a222c2b5ea18a167cb49bc3bf90, 9b6b8a222c2b5ea18a167cb49bc3bf90
accept-ranges: bytes
content-length: 851649

GET
H/1.1 200 * Show response
login.haufe-lexware.com/auth/json/realms/root/serverinfo/ 507 B
929 B 76ms
75ms XHR
application/json 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/json/realms/root/serverinfo/*

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

913543bd10315681d545781951c5456e993cd1abe7ab3e62777d9cf79e1b8a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-API-Version: protocol=1.0,resource=1.1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
X-Requested-With: XMLHttpRequest

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
correlation-id: ab02aab5-c1de-4926-aeb7-379453c33c42
x-content-type-options: nosniff, nosniff
content-encoding: gzip
server: nginx
etag: W/"529775819"
transfer-encoding: chunked
x-frame-options: ALLOWALL
content-type: application/json;charset=UTF-8
x-forgerock-transactionid: 58098131f6dae3e581516e960f983e42, 58098131f6dae3e581516e960f983e42
content-api-version: resource=1.1
cache-control: no-store
expires: 0

GET
H/1.1 200
OK ThemeConfiguration.9dfd7569d6.js Show response
login.haufe-lexware.com/auth/XUI/config/ 9 KB
9 KB 73ms
72ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/config/ThemeConfiguration.9dfd7569d6.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

a5d8b9e209dd030f6a480168f59223d576b90e6588a2673d534cae37eee3d47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-22e7"
content-type: application/javascript
x-forgerock-transactionid: cb781d632a11c18d7187c698c28bef62, cb781d632a11c18d7187c698c28bef62
accept-ranges: bytes
content-length: 8935

GET
H/1.1 200
OK 99.2c82d638a7.js Show response
login.haufe-lexware.com/auth/XUI/ 118 KB
118 KB 74ms
74ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/99.2c82d638a7.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

444dc4588dee6e092887191b2423c17e9c046720869cdaa48dd607cd4799efb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-1d7f1"
content-type: application/javascript
x-forgerock-transactionid: 27fbd16d5fe82523497985bb418f7ebe, 27fbd16d5fe82523497985bb418f7ebe
accept-ranges: bytes
content-length: 120817

GET
H/1.1 200
OK 120.65413bce85.js Show response
login.haufe-lexware.com/auth/XUI/ 765 B
1 KB 145ms
74ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/120.65413bce85.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

58b8c832b1f62556ffd0af349c636bf5d7647241d0a726689fa91fb68de53c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-2fd"
content-type: application/javascript
x-forgerock-transactionid: d317ab74027ded17c4c93cc57def999d, d317ab74027ded17c4c93cc57def999d
accept-ranges: bytes
content-length: 765

GET
H/1.1 200
OK bootstrap-3.4.1-custom.2f32e06d46.css
login.haufe-lexware.com/auth/XUI/css/ 120 KB
22 KB 74ms
73ms Stylesheet
text/css 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/css/bootstrap-3.4.1-custom.2f32e06d46.css

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

e1979a779f5d201c24c46da948e1cb282123f60827031453fce1bce0678238cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: W/"64469b07-1dee2"
transfer-encoding: chunked
x-forgerock-transactionid: 30e125b0ed144a9f24abbdc9a0dd5c73, 30e125b0ed144a9f24abbdc9a0dd5c73
content-type: text/css

GET
H/1.1 200
OK structure.06bd325f4d.css
login.haufe-lexware.com/auth/XUI/css/ 70 KB
16 KB 74ms
72ms Stylesheet
text/css 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/css/structure.06bd325f4d.css

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

5f4ebb6150311ccd6573f5ff126ea1e74b7634416dd21c17515248592372ada0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: W/"64469b07-1186f"
transfer-encoding: chunked
x-forgerock-transactionid: 77cd28ec2cc49d68bf92606481c127a6, 77cd28ec2cc49d68bf92606481c127a6
content-type: text/css

GET
H/1.1 200
OK theme.c0b9d36671.css
login.haufe-lexware.com/auth/XUI/css/ 12 KB
3 KB 138ms
77ms Stylesheet
text/css 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/css/theme.c0b9d36671.css

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

2aa8764fb8a9cfcb1d2efc2989395d7d149027d5b8b81cb201bbe3a7558c4072

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: W/"64469b07-3191"
transfer-encoding: chunked
x-forgerock-transactionid: 10b2f0a78117d32737a3252857c43d8f, 10b2f0a78117d32737a3252857c43d8f
content-type: text/css

GET
H/1.1 200
OK haufeStyle.css
login.haufe-lexware.com/auth/XUI/themes/theme_haufe-theme/css/ 23 KB
5 KB 135ms
71ms Stylesheet
text/css 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/themes/theme_haufe-theme/css/haufeStyle.css

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

dce6c76d579f510c2e4ecced4564956fdc1c6c3cda511fad8358119b5d31cf62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: W/"64469b07-5a4c"
transfer-encoding: chunked
x-forgerock-transactionid: 4cfd15efea35dbb6de9aa7c4d0e36304, 4cfd15efea35dbb6de9aa7c4d0e36304
content-type: text/css

GET
H/1.1 200
OK haufeAm7.css
login.haufe-lexware.com/auth/XUI/themes/theme_haufe-theme/css/ 673 B
752 B 138ms
74ms Stylesheet
text/css 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/themes/theme_haufe-theme/css/haufeAm7.css

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

e8b61b0e3b3f980aec1fdff61e87ec9cedf56dbe9b6aa030160fbff5e7c8f062

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: W/"64469b07-2a1"
transfer-encoding: chunked
x-forgerock-transactionid: f7528b04cbc07476a051c9407419d9ea, f7528b04cbc07476a051c9407419d9ea
content-type: text/css

GET
H/1.1 200
OK 138.eb6d6dc3ab.js Show response
login.haufe-lexware.com/auth/XUI/ 2 KB
3 KB 150ms
74ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/138.eb6d6dc3ab.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

6563161a3f5f9c36bf5d34c7b214b4ea28bb40b75ccf154696c48ca274b26222

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-959"
content-type: application/javascript
x-forgerock-transactionid: 7147867aff137ec08f3f7b93431cd51b, 7147867aff137ec08f3f7b93431cd51b
accept-ranges: bytes
content-length: 2393

GET
H/1.1 200
OK 139.b3562924ae.js Show response
login.haufe-lexware.com/auth/XUI/ 5 KB
5 KB 75ms
75ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/139.b3562924ae.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

fa80acb773cf6c0b47439c9932ae58c843e68dfe70ab5d4494096ee482b5757e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-13c5"
content-type: application/javascript
x-forgerock-transactionid: a2c03099e540114d1238d1918075dec3, a2c03099e540114d1238d1918075dec3
accept-ranges: bytes
content-length: 5061

GET
H/1.1 200
OK 140.8aba58d14b.js Show response
login.haufe-lexware.com/auth/XUI/ 2 KB
3 KB 77ms
77ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/140.8aba58d14b.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

ffe476ee0d39bd6384f6d6f73ed0abbee4914bcf8ce40e61029e49a62c9d5084

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-93d"
content-type: application/javascript
x-forgerock-transactionid: a05237802f8082363b081fa21433db02, a05237802f8082363b081fa21433db02
accept-ranges: bytes
content-length: 2365

GET
H/1.1 200
OK 141.2e65dc121f.js Show response
login.haufe-lexware.com/auth/XUI/ 2 KB
2 KB 73ms
72ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/141.2e65dc121f.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

dce950cd0bebade8ae78427a7d9e4c2c280c41f847cb08a6a19af3d21f7cefa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-7b4"
content-type: application/javascript
x-forgerock-transactionid: b4b4fcb83d4f4db80d04858c870e598d, b4b4fcb83d4f4db80d04858c870e598d
accept-ranges: bytes
content-length: 1972

GET
H/1.1 200
OK 142.0d66021651.js Show response
login.haufe-lexware.com/auth/XUI/ 2 KB
2 KB 74ms
74ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/142.0d66021651.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

a2d484dadb434067a0421deb44080c5213b3b867a7591536c29724e399383eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-72d"
content-type: application/javascript
x-forgerock-transactionid: 683c720d538bbddf899caa3f856b97ea, 683c720d538bbddf899caa3f856b97ea
accept-ranges: bytes
content-length: 1837

GET
H/1.1 200
OK 143.f73a2a0160.js Show response
login.haufe-lexware.com/auth/XUI/ 3 KB
3 KB 74ms
73ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/143.f73a2a0160.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

aff4b8f674301f70f9e456c1094aca6456348a0687b97e34df97d4157a4edbce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-c1f"
content-type: application/javascript
x-forgerock-transactionid: 00d3ab6df29536dd11c19d63541c34ea, 00d3ab6df29536dd11c19d63541c34ea
accept-ranges: bytes
content-length: 3103

GET
H/1.1 200
OK 111.c05e3948c9.js Show response
login.haufe-lexware.com/auth/XUI/ 903 B
1 KB 80ms
80ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/111.c05e3948c9.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

3449e7714a517936eee412dc6bae8958cfdc3da54d9ef8163664f5e63d7a8714

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-387"
content-type: application/javascript
x-forgerock-transactionid: cec6bf781a578ffc1ee58a4cf039ebe2, cec6bf781a578ffc1ee58a4cf039ebe2
accept-ranges: bytes
content-length: 903

POST
H/1.1 401
Unauthorized sessions Show response
login.haufe-lexware.com/auth/json/ 62 B
588 B 95ms
95ms XHR
application/json 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/json/sessions?_action=getSessionInfo

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx / Express

Resource Hash

2ca7f747e3dfd4857bad2366dff71a8ace949f36d3e3dd2d0ca72faf531b5c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-API-Version: protocol=1.0,resource=2.0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
X-Requested-With: XMLHttpRequest

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
correlation-id: 2b423240-4d04-4c77-9161-e1c03a3107b2
x-content-type-options: nosniff, nosniff
server: nginx
x-powered-by: Express
etag: W/"3e-MoGs1ULGey+ObS0ocpoYKw3nZjg"
x-frame-options: ALLOWALL
content-api-version: resource=2.2
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
content-length: 62
expires: 0

GET
H/1.1 200
OK 8.08d7fe779c.js Show response
login.haufe-lexware.com/auth/XUI/ 82 KB
82 KB 73ms
71ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/8.08d7fe779c.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

8031f6418e7c7c886fc6db6f24973e27fbf7df5e776ff9ea6030e5d74f10be96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-146dd"
content-type: application/javascript
x-forgerock-transactionid: 10b677602e9ea350c4aac12910f6a537, 10b677602e9ea350c4aac12910f6a537
accept-ranges: bytes
content-length: 83677

GET
H/1.1 200
OK 7.c05da0d15d.js Show response
login.haufe-lexware.com/auth/XUI/ 15 KB
16 KB 75ms
74ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/7.c05da0d15d.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

bafe05504654fde260ed8d56422db70711984ab972fb8a03a07e60353c20615a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-3d9e"
content-type: application/javascript
x-forgerock-transactionid: ca71c87af606df27c5d527d4e13967b8, ca71c87af606df27c5d527d4e13967b8
accept-ranges: bytes
content-length: 15774

GET
H/1.1 200
OK 119.a577382079.js Show response
login.haufe-lexware.com/auth/XUI/ 1 KB
2 KB 78ms
77ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/119.a577382079.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

034d3b54a0e5a07a67c0d928a0aebcf127ee3f66a6f00f26a5bb260d12ad1fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-47a"
content-type: application/javascript
x-forgerock-transactionid: 2536647dc47e811de615cb07d3abed4c, 2536647dc47e811de615cb07d3abed4c
accept-ranges: bytes
content-length: 1146

GET
H/1.1 200
OK 113.19ff0b1a36.js Show response
login.haufe-lexware.com/auth/XUI/ 4 KB
4 KB 72ms
71ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/113.19ff0b1a36.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

2f20e52d936765e34bf7bf1862c0330484108a66b321e2be8f2b1cefb77fef0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-f7a"
content-type: application/javascript
x-forgerock-transactionid: 7164f7fc0ffa771f49a44fc3e80c6099, 7164f7fc0ffa771f49a44fc3e80c6099
accept-ranges: bytes
content-length: 3962

POST
H/1.1 200
OK authenticate Show response
login.haufe-lexware.com/auth/json/realms/root/ 646 B
1 KB 81ms
81ms XHR
application/json 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/json/realms/root/authenticate?goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx / Express

Resource Hash

afeaa4468e03b0bce3eb1e97524496eb1b60c893df1235c11cd78d5a4fb575d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-API-Version: protocol=1.0,resource=2.1
X-Password: anonymous
Accept-Language: de-DE,de;q=0.9
X-Username: anonymous
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
X-Requested-With: XMLHttpRequest
X-NoSession: true

Response headers

date: Mon, 30 Oct 2023 08:31:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
transfer-encoding: chunked
pragma: no-cache
correlation-id: 77ea124f-151c-4aae-82b4-c6c2c34a40ee
server: nginx
etag: W/"286-GEoBm91czXt3jxMXeMVUCPPGjfg"
x-frame-options: ALLOWALL
content-api-version: resource=2.1
content-type: application/json; charset=utf-8
x-forgerock-transactionid: 18a7d1a2fe044fd4a44375e2d3892d90
cache-control: private, no-cache, no-store, must-revalidate
expires: 0

GET
H/1.1 200
OK 144.2a6947f7f1.js Show response
login.haufe-lexware.com/auth/XUI/ 355 B
761 B 71ms
71ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/144.2a6947f7f1.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

dc2a9964e716fc519385675d7a6f5207a9f69d8fb6a760b7ba0b50a233a17cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-163"
content-type: application/javascript
x-forgerock-transactionid: 94358a57f38cd92d7dc6794ddd938282, 94358a57f38cd92d7dc6794ddd938282
accept-ranges: bytes
content-length: 355

GET
H/1.1 200
OK 145.92773462c8.js Show response
login.haufe-lexware.com/auth/XUI/ 3 KB
4 KB 74ms
73ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/145.92773462c8.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

3736d416fe419e30eb2fb36abefea1e1ae21f9335229cafac830eca8a011743d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-cff"
content-type: application/javascript
x-forgerock-transactionid: 365f1a507669107efe3bfae9ba94ef03, 365f1a507669107efe3bfae9ba94ef03
accept-ranges: bytes
content-length: 3327

GET
H/1.1 200
OK logo-haufe.56959b9197.svg
login.haufe-lexware.com/auth/XUI/css/ 5 KB
5 KB 72ms
72ms Image
image/svg+xml 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.haufe-lexware.com/auth/XUI/css/logo-haufe.56959b9197.svg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

82117a18c9f9013d1653bf82e27c69652279aa137dc0f7393cd11088575542cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-1369"
content-type: image/svg+xml
x-forgerock-transactionid: 99082c3b1159b485a8618ecdb6bfcc03, 99082c3b1159b485a8618ecdb6bfcc03
accept-ranges: bytes
content-length: 4969

GET
H/1.1 200
OK logo-sp.ed9a7c4111.svg
login.haufe-lexware.com/auth/XUI/css/ 19 KB
19 KB 77ms
76ms Image
image/svg+xml 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.haufe-lexware.com/auth/XUI/css/logo-sp.ed9a7c4111.svg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

71ee044b4b7391369e0e3040372dba08da6609317710d24cb58e723757dec78e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-4c1c"
content-type: image/svg+xml
x-forgerock-transactionid: cc0ed70ceb658895458dd0b6000a7923, cc0ed70ceb658895458dd0b6000a7923
accept-ranges: bytes
content-length: 19484

GET
H/1.1 200
OK logo-lexware.539cd36af3.svg
login.haufe-lexware.com/auth/XUI/css/ 6 KB
7 KB 73ms
72ms Image
image/svg+xml 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.haufe-lexware.com/auth/XUI/css/logo-lexware.539cd36af3.svg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

71b2f3eb29c5344804c4f0cbf5ae105114d033296ad70bd6fc48fd5f5e0c70ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-1945"
content-type: image/svg+xml
x-forgerock-transactionid: 912841f298fa9cf41a793e18121f617a, 912841f298fa9cf41a793e18121f617a
accept-ranges: bytes
content-length: 6469

GET
H/1.1 200
OK 23.ac4d60cb4e.js Show response
login.haufe-lexware.com/auth/XUI/ 14 KB
14 KB 76ms
75ms Script
application/javascript 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/23.ac4d60cb4e.js

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/main.be18489634.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

9601680ac3110f8eb9942994e697316c3dfb5becd6ed9d225424fe0e6bdfe867

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-36a3"
content-type: application/javascript
x-forgerock-transactionid: d299b0e42e1cd9febc880810d26ce790, d299b0e42e1cd9febc880810d26ce790
accept-ranges: bytes
content-length: 13987

GET
H/1.1 200
OK password-hidden.svg
login.haufe-lexware.com/auth/XUI/themes/theme_haufe-theme/images/ 2 KB
2 KB 71ms
71ms Image
image/svg+xml 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.haufe-lexware.com/auth/XUI/themes/theme_haufe-theme/images/password-hidden.svg

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/themes/theme_haufe-theme/css/haufeStyle.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

2748aa1d963b79ae42438a38d30be22fc65487f83d980d7791603f006c9cbbdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.haufe-lexware.com/auth/XUI/themes/theme_haufe-theme/css/haufeStyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-616"
content-type: image/svg+xml
x-forgerock-transactionid: 20b954e97153c8d0bcd0ea8112b68e44, 20b954e97153c8d0bcd0ea8112b68e44
accept-ranges: bytes
content-length: 1558

GET
H/1.1 200
OK fontawesome-webfont.af7ae505a9.woff2
login.haufe-lexware.com/auth/XUI/css/ 75 KB
76 KB 71ms
71ms Font
font/woff2 213.155.64.15
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.haufe-lexware.com/auth/XUI/css/fontawesome-webfont.af7ae505a9.woff2

Requested by

Host: login.haufe-lexware.com
URL: https://login.haufe-lexware.com/auth/XUI/css/structure.06bd325f4d.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.155.64.15 Munich, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

hgg-prod-haufe-fs.noris.de

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://login.haufe-lexware.com/auth/XUI/css/structure.06bd325f4d.css
Origin: https://login.haufe-lexware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:31:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 24 Apr 2023 15:06:47 GMT
server: nginx
etag: "64469b07-12d68"
content-type: font/woff2
x-forgerock-transactionid: 98ebd755ffb6e7dfbc8bcac94a558c0a, 98ebd755ffb6e7dfbc8bcac94a558c0a
accept-ranges: bytes
content-length: 77160

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.paypal.com
URL: https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3APR63LTDBERGES-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3APR63LTDBERGES-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=179166bf-1617-4ff5-a579-2009717d2483&fltp=analytics&mrid=PR63LTDBERGES&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Mein%20Konto&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1698654669367&g=-60&completeurl=https%3A%2F%2Fmyaccount.haufe.com%2Flogin&disableSetCookie=true

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Domain: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/noop.js

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.haufe-lexware.com/auth	1969-12-31 23:59:59	Name: route Value: 1698654670.443.516.743816\|d309159e9208d00feb579423c7e1bb6b
www.haufe.de/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9006E2C2A95F518F5BC7172518480BCE.liveWorker
www.haufe.de/	1969-12-31 23:59:59	Name: AWSELB Value: F7B55B990E2453659D5BF3A77A2E7C32EAFC7F33E5353E7EE6EEB6BE23678341F39C5A19AED92927ED3D55E33BE17669B89B04439CAFEAC2EA81FFB4AC256459506C494DE32252008F410582F66E34D476667DC868
api.sucasa.haufe.io/	1970-01-20 15:50:58	Name: portal-auth.cookie.sid Value: s%3ATWAfuu2xG6BGYBxELp_ShINOOqYJVwlU.xYeZAWr4I23qNejNuAVMm33M5DpL5n9l%2BfgQ6N7BNQ0
login.haufe-lexware.com/	1970-01-20 15:50:54	Name: OAUTH_REQUEST_ATTRIBUTES Value: eyJzY29wZSI6Im9wZW5pZCBwcm9maWxlIGVtYWlsIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL2FwaS5zdWNhc2EuaGF1ZmUuaW8vYXV0aC9hdGxhbnRpYy9jYWxsYmFjayIsImNsaWVudF9pZCI6InN1Y2FzYS1wcm9kdWN0aW9uIn0=
login.haufe-lexware.com/	1969-12-31 23:59:59	Name: fb7283274f264f073f898ac08450b35c Value: 2ccf53380540c809fa69ddab1930ffac
login.haufe-lexware.com/	1969-12-31 23:59:59	Name: amlbcookie Value: 01

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.haufe-lexware.com/auth/json/sessions?_action=getSessionInfo Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
rendering	info	URL: https://login.haufe-lexware.com/auth/XUI/?realm=%2F&goto=https%3A%2F%2Flogin.haufe-lexware.com%2Fauth%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fapi.sucasa.haufe.io%2Fauth%2Fatlantic%2Fcallback%26scope%3Dopenid%2520profile%2520email%26client_id%3Dsucasa-production#login Message: Autofocus processing was blocked because a document already has a focused element.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.sucasa.haufe.io
cdnjs.cloudflare.com
login.haufe-lexware.com
myaccount.haufe.com
t.paypal.com
ui-mf-user.sucasa.haufe.io
www.haufe.de
www.paypal.com
www.paypalobjects.com
t.paypal.com
www.paypal.com
www.paypalobjects.com
151.101.129.21
18.158.29.156
18.194.195.91
192.229.221.25
213.155.64.15
2606:4700::6811:190e
52.51.77.218
54.220.239.54
034d3b54a0e5a07a67c0d928a0aebcf127ee3f66a6f00f26a5bb260d12ad1fd9
04b15df99e8ad041c382ec3a76a9bda814f08fd9f2c94dbb1ec13637dc51912c
1bddebf9b5239a38e835c7f47c5d7f88f32323b4c218617f8e9eb9be6f75feb7
2748aa1d963b79ae42438a38d30be22fc65487f83d980d7791603f006c9cbbdd
2aa8764fb8a9cfcb1d2efc2989395d7d149027d5b8b81cb201bbe3a7558c4072
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ca7f747e3dfd4857bad2366dff71a8ace949f36d3e3dd2d0ca72faf531b5c79
2f20e52d936765e34bf7bf1862c0330484108a66b321e2be8f2b1cefb77fef0e
2f4db696d860456299713f3332f4429dd291be99766b25df28f73af7276fd440
30afbfa33407ae4db24f430f64011260d7c0ac83ef20cc6fb7179faa5278ad02
3449e7714a517936eee412dc6bae8958cfdc3da54d9ef8163664f5e63d7a8714
3736d416fe419e30eb2fb36abefea1e1ae21f9335229cafac830eca8a011743d
444dc4588dee6e092887191b2423c17e9c046720869cdaa48dd607cd4799efb5
58b8c832b1f62556ffd0af349c636bf5d7647241d0a726689fa91fb68de53c15
5f4ebb6150311ccd6573f5ff126ea1e74b7634416dd21c17515248592372ada0
648f520771df640bdd4accd1683f7d92a5376d9b0d6969d0707a764d82bee9e0
6563161a3f5f9c36bf5d34c7b214b4ea28bb40b75ccf154696c48ca274b26222
6959caa34a41033c569d343b56b8609c8db53ecb2e81876d9a7d582610ecf50b
71b2f3eb29c5344804c4f0cbf5ae105114d033296ad70bd6fc48fd5f5e0c70ab
71ee044b4b7391369e0e3040372dba08da6609317710d24cb58e723757dec78e
7d49d28d1242aef3877b905ab04f7eb216e3d694f186223e108622eb8d87ec7d
8031f6418e7c7c886fc6db6f24973e27fbf7df5e776ff9ea6030e5d74f10be96
81386e0368e7cf3feba66083b05e240e42cda1adde62eef01fd03003ff39acdb
82117a18c9f9013d1653bf82e27c69652279aa137dc0f7393cd11088575542cd
892bad8f9dabc29fd05e05089f236b4853c7df10859edfa6fffa9cb23a42aaea
9132f3fef01189e60b0252acf1216c0cc0f1229885e48f80d13a206a16ad835f
913543bd10315681d545781951c5456e993cd1abe7ab3e62777d9cf79e1b8a1c
9601680ac3110f8eb9942994e697316c3dfb5becd6ed9d225424fe0e6bdfe867
a2d484dadb434067a0421deb44080c5213b3b867a7591536c29724e399383eeb
a5d8b9e209dd030f6a480168f59223d576b90e6588a2673d534cae37eee3d47a
ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1
afeaa4468e03b0bce3eb1e97524496eb1b60c893df1235c11cd78d5a4fb575d6
aff4b8f674301f70f9e456c1094aca6456348a0687b97e34df97d4157a4edbce
bafe05504654fde260ed8d56422db70711984ab972fb8a03a07e60353c20615a
bd6591c05f03ae885f8adb2232bd6439666575f64d5733cb3a4ce93ab36f6713
c27b99e981c088c60370485760264215f4fd8d478a6c7c45d4db9f23c2a6956a
ceea6ab88e032812b6dce9708cb0bfabedde8125a6735eca2683ebe5518ae8ac
dc2a9964e716fc519385675d7a6f5207a9f69d8fb6a760b7ba0b50a233a17cda
dce6c76d579f510c2e4ecced4564956fdc1c6c3cda511fad8358119b5d31cf62
dce950cd0bebade8ae78427a7d9e4c2c280c41f847cb08a6a19af3d21f7cefa5
e1979a779f5d201c24c46da948e1cb282123f60827031453fce1bce0678238cf
e25118543b0e73b89778f319c84ac24d4d47bf0be05d0609e142110099bb5160
e8b61b0e3b3f980aec1fdff61e87ec9cedf56dbe9b6aa030160fbff5e7c8f062
f2b3ab59366b9aea69af6165f7dd620ab71492fab4e5b4c5a44add2af06efef7
fa80acb773cf6c0b47439c9932ae58c843e68dfe70ab5d4494096ee482b5757e
ffe476ee0d39bd6384f6d6f73ed0abbee4914bcf8ce40e61029e49a62c9d5084

login.haufe-lexware.com Open in urlscan Pro 213.155.64.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

95 %HTTPS

13 %IPv6

7 Domains

9 Subdomains

7 IPs

3 Countries

7743 kBTransfer

8459 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.haufe-lexware.com Open in urlscan Pro
213.155.64.15 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

95 %
HTTPS

13 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

7743 kB
Transfer

8459 kB
Size

7
Cookies

55 HTTP transactions
1 data transactions