aufeingespraech.de Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.google.co.uk/amp/s/permits.ae%2fwp-admin%2fbin%2f279401010-1010%2f1010%2fdG9ueS5zb2xkaUBiYXJpbmdzLmNvbQ==
Effective URL:
https://aufeingespraech.de/Mtony.soldi@barings.com
Submission: On October 06 via api (October 6th 2023, 7:54:03 pm UTC) from IE — Scanned from DE

Summary HTTP 19 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is aufeingespraech.de.
TLS certificate: Issued by E1 on August 24th 2023. Valid for: 3 months.

This is the only time aufeingespraech.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	192.185.56.218 192.185.56.218	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
12	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	4

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.185.56.218 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-56-218.unifiedlayer.com

permits.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

aufeingespraech.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	aufeingespraech.de aufeingespraech.de	166 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 6285	23 KB
1	permits.ae permits.ae	111 B
1	google.co.uk 1 redirects www.google.co.uk — Cisco Umbrella Rank: 3286	1 KB
19	4

	Domain	Requested by
12	aufeingespraech.de	aufeingespraech.de
4	challenges.cloudflare.com	aufeingespraech.de challenges.cloudflare.com
1	permits.ae
1	www.google.co.uk	1 redirects
19	4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
permits.ae R3	`2023-09-17` - `2023-12-16`	3 months	crt.sh
aufeingespraech.de E1	`2023-08-24` - `2023-11-22`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://aufeingespraech.de/Mtony.soldi@barings.com
Frame ID: EFF73AC7039AFA6D7A9ABEA5CE849E03
Requests: 19 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/3atbs/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: CD0AC64FA2C0CA33380CD3241C7FB135
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ok9lt/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 84C2A7B0392CA0ED4E48FEA6B1474AC4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://aufeingespraech.de/Mtony.soldi@barings.com Page URL
https://aufeingespraech.de/Mtony.soldi@barings.com Page URL

Page Statistics

19
Requests

89 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

188 kB
Transfer

471 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aufeingespraech.de/Mtony.soldi@barings.com Page URL
https://aufeingespraech.de/Mtony.soldi@barings.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.google.co.uk/amp/s/permits.ae%2fwp-admin%2fbin%2f279401010-1010%2f1010%2fdG9ueS5zb2xkaUBiYXJpbmdzLmNvbQ== HTTP 302
https://permits.ae/wp-admin/bin/279401010-1010/1010/dG9ueS5zb2xkaUBiYXJpbmdzLmNvbQ==

19 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

dG9ueS5zb2xkaUBiYXJpbmdzLmNvbQ== Show response
permits.ae/wp-admin/bin/279401010-1010/1010/
Redirect Chain

https://www.google.co.uk/amp/s/permits.ae%2fwp-admin%2fbin%2f279401010-1010%2f1010%2fdG9ueS5zb2xkaUBiYXJpbmdzLmNvbQ==
https://permits.ae/wp-admin/bin/279401010-1010/1010/dG9ueS5zb2xkaUBiYXJpbmdzLmNvbQ==

0
111 B

485ms
139ms

Document
text/html

192.185.56.218
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://permits.ae/wp-admin/bin/279401010-1010/1010/dG9ueS5zb2xkaUBiYXJpbmdzLmNvbQ==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.56.218 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-56-218.unifiedlayer.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 19:53:58 GMT
refresh: 0;url=https://aufeingespraech.de/Mtony.soldi@barings.com
server: Apache

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 281
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-aDIG3pcvVXz8ZRleBu2ZYA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Fri, 06 Oct 2023 19:53:58 GMT
location: https://permits.ae/wp-admin/bin/279401010-1010/1010/dG9ueS5zb2xkaUBiYXJpbmdzLmNvbQ==
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
server: gws
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-robots-tag: noindex
x-xss-protection: 0

GET
H2 403 Mtony.soldi@barings.com Show response
aufeingespraech.de/ 6 KB
5 KB 46ms
13ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aufeingespraech.de/Mtony.soldi@barings.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21e7243b16b6ef9260a96b6721f070c629438294c867d9d564a95ca618b45c00

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://permits.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 812074200e854dc1-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 06 Oct 2023 19:53:59 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3ssj9C%2FDlFo6BPGAmRK73eof1%2BnhZv5yQ6TQlgwBorlsb2Vc8sfAclni6CyBhcwJAOlJeguZLnbbCnhklMjRfMpfZ8aVAfcMjd755UKNYuePgpQmF%2BParHdqgQo0boYEP6UrGj8HyC6khTTdZE82EI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 challenges.css
aufeingespraech.de/cdn-cgi/styles/ 6 KB
3 KB 9ms
8ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aufeingespraech.de/cdn-cgi/styles/challenges.css

Requested by

Host: aufeingespraech.de
URL: https://aufeingespraech.de/Mtony.soldi@barings.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aufeingespraech.de/Mtony.soldi@barings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 19:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Oct 2023 12:54:04 GMT
server: cloudflare
etag: W/"651eb1ec-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 812074203ebe4dc1-FRA
expires: Fri, 06 Oct 2023 21:53:59 GMT

GET
H2 200 v1 Show response
aufeingespraech.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 171 KB
58 KB 18ms
18ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aufeingespraech.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=812074200e854dc1
Requested by: Host: aufeingespraech.de
URL: https://aufeingespraech.de/Mtony.soldi@barings.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 972a117e811b0082f6480aad1cb3d665a329b5f6831a7045912886407b02cd56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aufeingespraech.de/Mtony.soldi@barings.com?__cf_chl_rt_tk=G2R88.2eQRHaOHESM1XPvTs4EOWbHMoieM.26aFO3C0-1696622039-0-gaNycGzNC_s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 19:53:59 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xn5ZyUhDZk5KXcMGB9oHkllry8VrBn%2BY%2B1JvMSuzEoCXPVhADV881QtMInyyzIbwNGmPMJ1ehLzAghclHTZBxO4D9nKIxER3Z7EiWGuEx4nwzo6mdo%2BqflhCcdZTZKrJZaIT%2FJH4qlUCrY6WiACfsQI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 812074205edc4dc1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/dffb14d6/ 33 KB
11 KB 90ms
50ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js?onload=AsGt1&render=explicit
Requested by: Host: aufeingespraech.de
URL: https://aufeingespraech.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=812074200e854dc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d063d7e58bade3ae244489087afa82f9f7c59276cdd7dcfbb2a9b5b600c5da

Request headers

Referer
Origin: https://aufeingespraech.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 19:53:59 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 81207420dfd73619-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
aufeingespraech.de/ 6 KB
6 KB 12ms
12ms Image
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aufeingespraech.de/favicon.ico

Requested by

Host: aufeingespraech.de
URL: https://aufeingespraech.de/Mtony.soldi@barings.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14f271c5c3515870ded36d727c229d49c7f8135f115e5b4314f7ac343d0c6fbe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aufeingespraech.de/Mtony.soldi@barings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 19:53:59 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=US%2FAmsyi6BHXN4UqH2FVOXKQfG233dHyFVb1LTFWcD6Yr%2BCxVOX%2Blt2rHHu1ZsTpf5Y3M5dUS3lDb9Jk8bwNLWgibEulE1qlEYtk1NWbVO4mLA92nWqycmBA3OhznTPA2IQc2REX2vhsOzdNEZIMGyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8120742099879043-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK c9f32ff7-ddd4-45f1-a887-ebb81aa055d8
https://aufeingespraech.de/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aufeingespraech.de/c9f32ff7-ddd4-45f1-a887-ebb81aa055d8
Requested by: Host: aufeingespraech.de
URL: https://aufeingespraech.de/Mtony.soldi@barings.com
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aufeingespraech.de/Mtony.soldi@barings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 3bc6ad6d4f94f55 Show response
aufeingespraech.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1519820348:1696619568:QUgJXmtf788T2oQorpZrVZswEmL7QUSqz0uVXaNeWVI/812074200e854dc1/ 11 KB
9 KB 24ms
24ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aufeingespraech.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1519820348:1696619568:QUgJXmtf788T2oQorpZrVZswEmL7QUSqz0uVXaNeWVI/812074200e854dc1/3bc6ad6d4f94f55
Requested by: Host: aufeingespraech.de
URL: https://aufeingespraech.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=812074200e854dc1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a026c9c991c98e607b1253de97b467d3ab8e41ba77144f26fcb64d160acae18

Request headers

Referer: https://aufeingespraech.de/Mtony.soldi@barings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
CF-Challenge: 3bc6ad6d4f94f55
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 06 Oct 2023 19:53:59 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2nr6pk4313zWvygHHq3YKMBn2hIQ%2FM5h65Yn9SKGEvd46glHF0IIfM2r3SQtA6AheOXBh6XNrVdDCzJDrRc544qLwyy0Ovd0hbQ%2BG%2BnIqvcqC%2BX1unApx5yCtXrvLLUEeMjMKazvAiRMMsQoZh4FoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 812074214a2d9043-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: OyscCi/Jd8e7lObAT3ube4LFZsGrFxlfkjzR0x/PnTwX16xlk5k9eo0hCj9j47ri$QQxTTKNrKMipfiDl87zEIg==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/3atbs/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame CD0A 0
0 35ms
25ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/3atbs/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js?onload=AsGt1&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 812074219c553639-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 19:53:59 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 3bc6ad6d4f94f55 Show response
aufeingespraech.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1519820348:1696619568:QUgJXmtf788T2oQorpZrVZswEmL7QUSqz0uVXaNeWVI/812074200e854dc1/ 2 KB
2 KB 25ms
25ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aufeingespraech.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1519820348:1696619568:QUgJXmtf788T2oQorpZrVZswEmL7QUSqz0uVXaNeWVI/812074200e854dc1/3bc6ad6d4f94f55
Requested by: Host: aufeingespraech.de
URL: https://aufeingespraech.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=812074200e854dc1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58994707439719b43a1f41d8a651f8afe7c5ec9ede755134ac60770f9dca52a7

Request headers

Referer: https://aufeingespraech.de/Mtony.soldi@barings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
CF-Challenge: 3bc6ad6d4f94f55
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: 4h4lZFMaxz+ShBIirVbFVW4+iB0EJ9oygkciKS+HIOkjqxI+c17UYf4jdpmpR62+Jm183HNBcZrVoyDxxiPmy6VTGpMMUcUGKPqSaZilb0o=$Fc93ZlRScHRTHoIg4LT/LQ==
cf-chl-out-s: mLEQxfoUGWACTj0exqxZfq/d6vNG3YT5lNYTb7qGiXAsNhUEg7GkhuzRccu8hc0zhqzpKY67VFEptocpiGWGZA==$y610V9TyIdDT7sc/Kwv/CQ==
date: Fri, 06 Oct 2023 19:53:59 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FKb5aKgp4%2Bbqb56UZ7NDnxg%2BsivGh%2FeJKhIFjm0jrxY5IkxgSpbr1pidlayoHzCUDtTYHc0frRnQOZ90ZXmNVEE0UBCM9%2BNKUe5pDWR%2B0jXEVN5GD%2FAjtp2%2BqNwOfqovUsgQ9qTzVLvHI%2FI7NiK04I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 812074231bee9043-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 Primary Request Mtony.soldi@barings.com Show response
aufeingespraech.de/ 6 KB
5 KB 14ms
13ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aufeingespraech.de/Mtony.soldi@barings.com

Requested by

Host: aufeingespraech.de
URL: https://aufeingespraech.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=812074200e854dc1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99ca89a6956d1e60ce0b11fe23a91b16471e3bdf71efbbd577ab9473cde27a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://aufeingespraech.de/Mtony.soldi@barings.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 812074335bad9043-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 06 Oct 2023 19:54:02 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeHTOpR6TiXwEINxCnWqlxudYyGUhn5XdXH6Xjh9w41KXHRtXlj2TVfw8up8XUlqfB%2Fvi3jf54DrY44AL4HsHOo49PO4hCCGg4xKuITmKBWYfgaUePmuQwU0WOxWUdLiKkAsWfwOGa3bZqOmNjrjkv4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 challenges.css
aufeingespraech.de/cdn-cgi/styles/ 6 KB
3 KB 9ms
8ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aufeingespraech.de/cdn-cgi/styles/challenges.css

Requested by

Host: aufeingespraech.de
URL: https://aufeingespraech.de/Mtony.soldi@barings.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aufeingespraech.de/Mtony.soldi@barings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 19:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Oct 2023 12:54:04 GMT
server: cloudflare
etag: W/"651eb1ec-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 812074337bc09043-FRA
expires: Fri, 06 Oct 2023 21:54:02 GMT

GET
H3 200 v1 Show response
aufeingespraech.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 170 KB
59 KB 16ms
16ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aufeingespraech.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=812074335bad9043
Requested by: Host: aufeingespraech.de
URL: https://aufeingespraech.de/Mtony.soldi@barings.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2845e42ce9a444920e338ba10b2083dfe2b3fed15c02abfa32d1f6187632ef3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aufeingespraech.de/Mtony.soldi@barings.com?__cf_chl_rt_tk=H3g26ISJpsT2BWmBkH1yFBfmezbHVEsnGdT3Kq.PO5k-1696622042-0-gaNycGzNClA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 19:54:02 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEdUDjCta0%2Bc9dgc88Kjt3iinPVXgYTCDskqMF%2FPJRYv4TshT0ypxjccrtN7g1e5ZwjsSxp5Hl78a%2FEHqY5myzthfLPcZLaZCv4TOPoG4hOzhvyUXMwnXpKvGpUsYHKWOx1VuxfbbnUrYd%2FvLzrJNGI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 812074338bca9043-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/dffb14d6/ 33 KB
11 KB 42ms
41ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js?onload=AsGt1&render=explicit
Requested by: Host: aufeingespraech.de
URL: https://aufeingespraech.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=812074335bad9043
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d063d7e58bade3ae244489087afa82f9f7c59276cdd7dcfbb2a9b5b600c5da

Request headers

Referer
Origin: https://aufeingespraech.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 19:54:02 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 81207433c90a3619-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
aufeingespraech.de/ 6 KB
6 KB 13ms
13ms Image
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aufeingespraech.de/favicon.ico

Requested by

Host: aufeingespraech.de
URL: https://aufeingespraech.de/Mtony.soldi@barings.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f794ee531327fadf7a55b9ed230b68bb6b523ef8cac01f5d1abbaee1c1f22f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aufeingespraech.de/Mtony.soldi@barings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 19:54:02 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQTIevXaKhgfRLa3kytQSKb1991SlOTGnhjEH7GRaNG8V5kisSKOmPzwd3ajz%2FTpUzkfNZm0BRFw7qyljtZnq%2FypBPtLBf5MJz3OPwTNtNaTx9W4mPR2KHYrKBLIVJYGDOetoCtyVbnWjEfIglRdtwA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 81207433cc069043-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 1a32dbdf-1ca5-4f09-8b46-656934e318e8
https://aufeingespraech.de/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aufeingespraech.de/1a32dbdf-1ca5-4f09-8b46-656934e318e8
Requested by: Host: aufeingespraech.de
URL: https://aufeingespraech.de/Mtony.soldi@barings.com
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aufeingespraech.de/Mtony.soldi@barings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 bbecd9d7aded155 Show response
aufeingespraech.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1124002170:1696619440:jHXICp1YyBp9uPXANGBEkaNRlGiOsNGW6BSf5JkRAYw/812074335bad9043/ 11 KB
9 KB 27ms
27ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aufeingespraech.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1124002170:1696619440:jHXICp1YyBp9uPXANGBEkaNRlGiOsNGW6BSf5JkRAYw/812074335bad9043/bbecd9d7aded155
Requested by: Host: aufeingespraech.de
URL: https://aufeingespraech.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=812074335bad9043
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db47353d0909807dca00c82436e43a169da8a948b027e3ab7142efabd8808c68

Request headers

Referer: https://aufeingespraech.de/Mtony.soldi@barings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
CF-Challenge: bbecd9d7aded155
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 06 Oct 2023 19:54:02 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYeKCP%2FUYt0dnyvMFDwNULAh3IzezGkiLW%2BJIGS4QMjWML6nI4wMv0niIpgISPr9vVIE5TEdzGUX8cDGESEOt%2FwZy9FVFl9ckPb8Ip1JgrCzd5116c%2B0Xc%2F4ZLuuYy5EGbxeyh%2BayBUDesv2BYV8WFI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 812074347cc79043-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: 09Zm3Llywi4ZSHBzFGQIi9K26GHCiAaCwQvC42FH3HwcoKN+Bv8Q3LIfsymHMfY9$6bmGbnob6ugU16MZyynkAw==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ok9lt/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 84C2 0
0 19ms
18ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ok9lt/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js?onload=AsGt1&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 81207434cf753639-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 19:54:02 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 bbecd9d7aded155 Show response
aufeingespraech.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1124002170:1696619440:jHXICp1YyBp9uPXANGBEkaNRlGiOsNGW6BSf5JkRAYw/812074335bad9043/ 2 KB
2 KB 22ms
21ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aufeingespraech.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1124002170:1696619440:jHXICp1YyBp9uPXANGBEkaNRlGiOsNGW6BSf5JkRAYw/812074335bad9043/bbecd9d7aded155
Requested by: Host: aufeingespraech.de
URL: https://aufeingespraech.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=812074335bad9043
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f40b6d4223624a19d7a193fc7a1a82e890bb2acf6d8cf81aabf91a4d1d48c14

Request headers

Referer: https://aufeingespraech.de/Mtony.soldi@barings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
CF-Challenge: bbecd9d7aded155
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: XMQoAMJCffJ4wBZwOcrQNvrmmZL6t373+YLCu3nFYshsMk5u1Q7eJtR/Og46yp3Gx635E6vNEacIQBLcQFQYydoh+m3UQ7+sFrSl0SV+1IY=$hKIV1SXXj2awLYvs6XPdAQ==
cf-chl-out-s: W5C/5elle2QvPAimTrlPrzaufEnSc9e/j5UeEYD2541kLwpvcOb+GNwMztJ5IZSB59ZhN2Ojj6r2xVha3oLgJTqwZeXtH8JwFMSmuwDppwMDNPZto1likaGmTaHyvTr3qj4K5exEphY32658OslyugoLfFREMn4Jf2/ndjaVnSxPjSt7ftmPxNRvukzz448X$WxPcjUAsLstHJYiKld7Cfg==
date: Fri, 06 Oct 2023 19:54:02 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7PJQpq5Y0Hng%2FZzxFXL9w%2FeaAWShQak7yTvXJvh23v8glptEl%2B%2FnBr6rNAlvv8FRukzdmpF9qc4K2tyymOs2%2B%2FCHKd8cJFMd47z7Yu0Uy0C8LRzcYN92LA%2F%2FRIAiCTeHtKhWniE%2BgVLh0O6TxWgUGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 812074362e8f9043-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.co.uk/	1970-01-21 00:46:48	Name: __Secure-ENID Value: 15.SE=SSd9fD15jM_R1TRfy8THhiTnUR3C6dFLF19JnKn8ZlRp6lvejr2rccCClCFg0t-jwxytJy7r0fXq5tHFFq66zvIoxHEp0t2YtyL8sCQrp-UzlBhIq-VK00_vDCY--kXZdom3PEXW_3D1WL79lPm4NGaKuMZFfpoRKHVzMksjmaw
.google.co.uk/	1970-01-21 00:53:02	Name: CONSENT Value: PENDING+136
aufeingespraech.de/	1970-01-20 15:17:05	Name: cf_chl_rc_m Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://aufeingespraech.de/Mtony.soldi@barings.com Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://aufeingespraech.de/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://aufeingespraech.de/Mtony.soldi@barings.com Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://aufeingespraech.de/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aufeingespraech.de
challenges.cloudflare.com
permits.ae
www.google.co.uk
192.185.56.218
2606:4700::6811:3b8
2a00:1450:4001:808::2003
2a06:98c1:3121::3
06d063d7e58bade3ae244489087afa82f9f7c59276cdd7dcfbb2a9b5b600c5da
14f271c5c3515870ded36d727c229d49c7f8135f115e5b4314f7ac343d0c6fbe
1f794ee531327fadf7a55b9ed230b68bb6b523ef8cac01f5d1abbaee1c1f22f3
21e7243b16b6ef9260a96b6721f070c629438294c867d9d564a95ca618b45c00
2845e42ce9a444920e338ba10b2083dfe2b3fed15c02abfa32d1f6187632ef3d
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
58994707439719b43a1f41d8a651f8afe7c5ec9ede755134ac60770f9dca52a7
5f40b6d4223624a19d7a193fc7a1a82e890bb2acf6d8cf81aabf91a4d1d48c14
6a026c9c991c98e607b1253de97b467d3ab8e41ba77144f26fcb64d160acae18
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
972a117e811b0082f6480aad1cb3d665a329b5f6831a7045912886407b02cd56
a99ca89a6956d1e60ce0b11fe23a91b16471e3bdf71efbbd577ab9473cde27a6
db47353d0909807dca00c82436e43a169da8a948b027e3ab7142efabd8808c68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

aufeingespraech.de Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

89 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

188 kBTransfer

471 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

3 Cookies

8 Console Messages

Indicators

aufeingespraech.de Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

188 kB
Transfer

471 kB
Size

3
Cookies

19 HTTP transactions
2 data transactions