Submitted URL: http://share.dea-atf.de/
Effective URL: https://share.dea-atf.de/login
Submission: On March 13 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 29 HTTP transactions. The main IP is 79.133.48.200, located in Germany and belongs to DE-FIRSTCOLO firstcolo.net, DE. The main domain is share.dea-atf.de.
TLS certificate: Issued by R3 on February 11th 2024. Valid for: 3 months.
This is the only time share.dea-atf.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 21 79.133.48.200 44066 (DE-FIRSTC...)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
29 4
Apex Domain
Subdomains
Transfer
21 dea-atf.de
share.dea-atf.de
470 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
450 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
47 KB
29 3
Domain Requested by
21 share.dea-atf.de 3 redirects share.dea-atf.de
5 www.google.com share.dea-atf.de
www.gstatic.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
2 fonts.gstatic.com www.google.com
29 4

This site contains links to these domains. Also see Links.

Domain
sergix44.github.io
Subject Issuer Validity Valid
share.dea-atf.de
R3
2024-02-11 -
2024-05-11
3 months crt.sh
www.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh

This page contains 2 frames:

Primary Page: https://share.dea-atf.de/login
Frame ID: 2122234873186301577055858B0B634E
Requests: 20 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektyMcAAAAABFYzOiSvs751CVlUVRnDJZX-olO&co=aHR0cHM6Ly9zaGFyZS5kZWEtYXRmLmRlOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=b8q8qtmq10da
Frame ID: 64A328E2FFA917C7F52EF8B10E392E68
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

Anmelden | XBackBone

Page URL History Show full URLs

  1. http://share.dea-atf.de/ HTTP 301
    https://share.dea-atf.de/ HTTP 302
    https://share.dea-atf.de/home HTTP 302
    https://share.dea-atf.de/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

29
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

966 kB
Transfer

2642 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://share.dea-atf.de/ HTTP 301
    https://share.dea-atf.de/ HTTP 302
    https://share.dea-atf.de/home HTTP 302
    https://share.dea-atf.de/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
share.dea-atf.de/
Redirect Chain
  • http://share.dea-atf.de/
  • https://share.dea-atf.de/
  • https://share.dea-atf.de/home
  • https://share.dea-atf.de/login
7 KB
2 KB
Document
General
Full URL
https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
eaa812eb3e20468527fbaf196eda0f26a7370d6543a63987b57f98cdff9dfb1d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 13 Mar 2024 15:15:37 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
x-powered-by
PleskLin

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Mar 2024 15:15:37 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://share.dea-atf.de/login
pragma
no-cache
server
nginx
x-powered-by
PleskLin
bootstrap.min.css
share.dea-atf.de/static/bootstrap/css/
158 KB
21 KB
Stylesheet
General
Full URL
https://share.dea-atf.de/static/bootstrap/css/bootstrap.min.css?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
W/"1dc08f74-278e1"
x-powered-by
PleskLin
content-type
text/css
all.min.css
share.dea-atf.de/static/fontawesome/css/
58 KB
12 KB
Stylesheet
General
Full URL
https://share.dea-atf.de/static/fontawesome/css/all.min.css?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
W/"1dc08f74-e7a9"
x-powered-by
PleskLin
content-type
text/css
app.css
share.dea-atf.de/static/app/
3 KB
1 KB
Stylesheet
General
Full URL
https://share.dea-atf.de/static/app/app.css?1655734406
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
17e4b94309ab4afa7498020b772be32bd8005e641396e333812c1dd871e926d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Mon, 20 Jun 2022 14:13:26 GMT
server
nginx
etag
W/"62b08086-ae9"
x-powered-by
PleskLin
content-type
text/css
jquery.min.js
share.dea-atf.de/static/jquery/
87 KB
30 KB
Script
General
Full URL
https://share.dea-atf.de/static/jquery/jquery.min.js?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
W/"1dc08f74-15d9d"
x-powered-by
PleskLin
content-type
application/javascript
bootstrap.bundle.min.js
share.dea-atf.de/static/bootstrap/js/
81 KB
21 KB
Script
General
Full URL
https://share.dea-atf.de/static/bootstrap/js/bootstrap.bundle.min.js?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
W/"1dc08f74-14535"
x-powered-by
PleskLin
content-type
application/javascript
app.js
share.dea-atf.de/static/app/
5 KB
2 KB
Script
General
Full URL
https://share.dea-atf.de/static/app/app.js?1655734408
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
f1f5fb9fb7408b13af61ce35c13d3739c9b27d4bd11dd00d106577d233a103c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Mon, 20 Jun 2022 14:13:28 GMT
server
nginx
etag
W/"62b08088-1462"
x-powered-by
PleskLin
content-type
application/javascript
monokai.css
share.dea-atf.de/static/highlightjs/styles/
938 B
532 B
Stylesheet
General
Full URL
https://share.dea-atf.de/static/highlightjs/styles/monokai.css?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
3bfd56db8ae1e731dc87acf841929c059a04355ddff19b23d1fbdf69feb58078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
x-accel-version
0.01
server
nginx
etag
W/"3aa-1c5fb7cebc500"
x-powered-by
PleskLin
content-type
text/css
plyr.css
share.dea-atf.de/static/plyr/
33 KB
5 KB
Stylesheet
General
Full URL
https://share.dea-atf.de/static/plyr/plyr.css?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
1a23c8d0c14fe0948da65590660347731a693bf98effec89a240c2b6d56b780d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
W/"1dc08f74-8317"
x-powered-by
PleskLin
content-type
text/css
dropzone.min.css
share.dea-atf.de/static/dropzone/
10 KB
1 KB
Stylesheet
General
Full URL
https://share.dea-atf.de/static/dropzone/dropzone.min.css?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
9ff0aecab9bebf5e4d8a6d2627666b1251e50a4f2b689b3fe7b59e0ac2330ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
W/"1dc08f74-2666"
x-powered-by
PleskLin
content-type
text/css
bootstrap4-toggle.min.css
share.dea-atf.de/static/bootstrap/css/
3 KB
842 B
Stylesheet
General
Full URL
https://share.dea-atf.de/static/bootstrap/css/bootstrap4-toggle.min.css?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
3b6bccef2618dcabdc24197d2a55a07162038b61b0fa85b7f7e59c787a5931e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
W/"1dc08f74-aeb"
x-powered-by
PleskLin
content-type
text/css
highlight.pack.min.js
share.dea-atf.de/static/highlightjs/
732 KB
226 KB
Script
General
Full URL
https://share.dea-atf.de/static/highlightjs/highlight.pack.min.js?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
c9e3265251db9374367ee482c4a4c938070ef8a4989f3687bffa614aacf834ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
W/"1dc08f74-b6f11"
x-powered-by
PleskLin
content-type
application/javascript
highlightjs-line-numbers.min.js
share.dea-atf.de/static/highlightjs/
3 KB
1 KB
Script
General
Full URL
https://share.dea-atf.de/static/highlightjs/highlightjs-line-numbers.min.js?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
e7be69b9a969b88d88d227f03c711f0b956d603753eeb45a001d7d5868db3443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
W/"1dc08f74-c7d"
x-powered-by
PleskLin
content-type
application/javascript
clipboard.min.js
share.dea-atf.de/static/clipboardjs/
9 KB
3 KB
Script
General
Full URL
https://share.dea-atf.de/static/clipboardjs/clipboard.min.js?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
W/"1dc08f74-234a"
x-powered-by
PleskLin
content-type
application/javascript
plyr.min.js
share.dea-atf.de/static/plyr/
107 KB
30 KB
Script
General
Full URL
https://share.dea-atf.de/static/plyr/plyr.min.js?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
ac22d182273b43dafc5e4c9e05ffd476aeeabcae4be2e8384dad985fe593a987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
W/"1dc08f74-1aac6"
x-powered-by
PleskLin
content-type
application/javascript
dropzone.min.js
share.dea-atf.de/static/dropzone/
112 KB
35 KB
Script
General
Full URL
https://share.dea-atf.de/static/dropzone/dropzone.min.js?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
b82753e852e463afbaf17ce6e1ff4ed2eb079c93dd2afd10d2bb285ef2dc84fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
W/"1dc08f74-1c00e"
x-powered-by
PleskLin
content-type
application/javascript
bootstrap4-toggle.min.js
share.dea-atf.de/static/bootstrap/js/
4 KB
1 KB
Script
General
Full URL
https://share.dea-atf.de/static/bootstrap/js/bootstrap4-toggle.min.js?499158900
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
a7a23eb6e02aa4a4217bb95d90fd72a3f0eed104588e6d4edeb792288892e003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
br
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
W/"1dc08f74-114f"
x-powered-by
PleskLin
content-type
application/javascript
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LektyMcAAAAABFYzOiSvs751CVlUVRnDJZX-olO
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b5ef55da60956e5323f5860b7157a706df0b3675e1c91138cfb966e3d0610c5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.dea-atf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 13 Mar 2024 15:15:37 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/
494 KB
197 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LektyMcAAAAABFYzOiSvs751CVlUVRnDJZX-olO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://share.dea-atf.de/
Origin
https://share.dea-atf.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200579
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Mar 2025 12:23:37 GMT
fa-solid-900.woff2
share.dea-atf.de/static/fontawesome/webfonts/
76 KB
77 KB
Font
General
Full URL
https://share.dea-atf.de/static/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: share.dea-atf.de
URL: https://share.dea-atf.de/static/fontawesome/css/all.min.css?499158900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.133.48.200 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
p2.qloc.de
Software
nginx / PleskLin
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer
https://share.dea-atf.de/static/fontawesome/css/all.min.css?499158900
Origin
https://share.dea-atf.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
last-modified
Sat, 26 Oct 1985 07:15:00 GMT
server
nginx
etag
"1dc08f74-131bc"
x-powered-by
PleskLin
content-type
font/woff2
accept-ranges
bytes
content-length
78268
anchor
www.google.com/recaptcha/api2/ Frame 64A3
46 KB
29 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektyMcAAAAABFYzOiSvs751CVlUVRnDJZX-olO&co=aHR0cHM6Ly9zaGFyZS5kZWEtYXRmLmRlOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=b8q8qtmq10da
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
20096677d09ab14d7cdc4e40d676c1ee774f5d9c2df7e94ee065665909d012c8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NJuzomHxFehYH1gRnVENJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://share.dea-atf.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NJuzomHxFehYH1gRnVENJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Mar 2024 15:15:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 64A3
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektyMcAAAAABFYzOiSvs751CVlUVRnDJZX-olO&co=aHR0cHM6Ly9zaGFyZS5kZWEtYXRmLmRlOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=b8q8qtmq10da
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 13:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Mar 2025 13:55:25 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 64A3
494 KB
196 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektyMcAAAAABFYzOiSvs751CVlUVRnDJZX-olO&co=aHR0cHM6Ly9zaGFyZS5kZWEtYXRmLmRlOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=b8q8qtmq10da
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200579
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Mar 2025 12:23:37 GMT
Jeg7kAr-4pwBaYwYYQcOgo_iB5tAOGlBo34CkooCo7A.js
www.google.com/js/bg/ Frame 64A3
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/Jeg7kAr-4pwBaYwYYQcOgo_iB5tAOGlBo34CkooCo7A.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25e83b900afee29c01698c1861070e828fe2079b40386941a37e02928a02a3b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektyMcAAAAABFYzOiSvs751CVlUVRnDJZX-olO&co=aHR0cHM6Ly9zaGFyZS5kZWEtYXRmLmRlOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=b8q8qtmq10da
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 10:46:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
16177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7355
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Mar 2025 10:46:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 64A3
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 03:45:28 GMT
x-content-type-options
nosniff
age
127809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 19 Mar 2024 03:45:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 64A3
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektyMcAAAAABFYzOiSvs751CVlUVRnDJZX-olO&co=aHR0cHM6Ly9zaGFyZS5kZWEtYXRmLmRlOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=b8q8qtmq10da
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:26:23 GMT
x-content-type-options
nosniff
age
150554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Mar 2025 21:26:23 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 64A3
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektyMcAAAAABFYzOiSvs751CVlUVRnDJZX-olO&co=aHR0cHM6Ly9zaGFyZS5kZWEtYXRmLmRlOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=b8q8qtmq10da
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 09:11:37 GMT
x-content-type-options
nosniff
age
108240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Mar 2025 09:11:37 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 64A3
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektyMcAAAAABFYzOiSvs751CVlUVRnDJZX-olO&co=aHR0cHM6Ly9zaGFyZS5kZWEtYXRmLmRlOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=b8q8qtmq10da
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektyMcAAAAABFYzOiSvs751CVlUVRnDJZX-olO&co=aHR0cHM6Ly9zaGFyZS5kZWEtYXRmLmRlOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=b8q8qtmq10da
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 13 Mar 2024 15:15:37 GMT
reload
www.google.com/recaptcha/api2/ Frame 64A3
13 KB
10 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LektyMcAAAAABFYzOiSvs751CVlUVRnDJZX-olO
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
39eebf18757a61fe4e9bc3ae2bf7cf36ac078249f91812973ea8804072d2b349
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektyMcAAAAABFYzOiSvs751CVlUVRnDJZX-olO&co=aHR0cHM6Ly9zaGFyZS5kZWEtYXRmLmRlOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=b8q8qtmq10da
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Wed, 13 Mar 2024 15:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 13 Mar 2024 15:15:37 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| AppConfig function| $ function| jQuery object| bootstrap object| hljs function| ClipboardJS function| Plyr function| Dropzone function| default object| app object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_832457

2 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ANeNL0Qs86Rfj9BfnSLIwVI7uBeJx4GQM4mVAtMIYS-kv76ntjpPbRIUjy2DUq7nYxpG9j4WdEl3AfrBn-JtrTg
share.dea-atf.de/ Name: xbackbone_session
Value: imfkuj3d3ntdo04q15bbs0rrcf

1 Console Messages

Source Level URL
Text
other warning URL: https://share.dea-atf.de/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
share.dea-atf.de
www.google.com
www.gstatic.com
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:81c::2003
79.133.48.200
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
17e4b94309ab4afa7498020b772be32bd8005e641396e333812c1dd871e926d5
1a23c8d0c14fe0948da65590660347731a693bf98effec89a240c2b6d56b780d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20096677d09ab14d7cdc4e40d676c1ee774f5d9c2df7e94ee065665909d012c8
25e83b900afee29c01698c1861070e828fe2079b40386941a37e02928a02a3b0
39eebf18757a61fe4e9bc3ae2bf7cf36ac078249f91812973ea8804072d2b349
3b6bccef2618dcabdc24197d2a55a07162038b61b0fa85b7f7e59c787a5931e0
3bfd56db8ae1e731dc87acf841929c059a04355ddff19b23d1fbdf69feb58078
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4b5ef55da60956e5323f5860b7157a706df0b3675e1c91138cfb966e3d0610c5
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9ff0aecab9bebf5e4d8a6d2627666b1251e50a4f2b689b3fe7b59e0ac2330ebe
a7a23eb6e02aa4a4217bb95d90fd72a3f0eed104588e6d4edeb792288892e003
a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687
ac22d182273b43dafc5e4c9e05ffd476aeeabcae4be2e8384dad985fe593a987
b82753e852e463afbaf17ce6e1ff4ed2eb079c93dd2afd10d2bb285ef2dc84fe
baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1
c9e3265251db9374367ee482c4a4c938070ef8a4989f3687bffa614aacf834ba
e7be69b9a969b88d88d227f03c711f0b956d603753eeb45a001d7d5868db3443
eaa812eb3e20468527fbaf196eda0f26a7370d6543a63987b57f98cdff9dfb1d
f1f5fb9fb7408b13af61ce35c13d3739c9b27d4bd11dd00d106577d233a103c9
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e