Submitted URL: https://auth.pelhq.eu/
Effective URL: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Submission: On May 25 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 21 HTTP transactions. The main IP is 51.116.145.32, located in Frankfurt am Main, Germany and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is auth.lpehq.eu.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on May 25th 2023. Valid for: 6 months.
This is the only time auth.lpehq.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 51.116.145.32 8075 (MICROSOFT...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42::729 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
21 7
Apex Domain
Subdomains
Transfer
9 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1352
ka-p.fontawesome.com — Cisco Umbrella Rank: 3288
340 KB
6 lpehq.eu
auth.lpehq.eu
840 KB
2 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 5175
browser.sentry-cdn.com — Cisco Umbrella Rank: 4086
70 KB
1 sentry.io
o4504814459617280.ingest.sentry.io
341 B
1 googleapis.com
chart.googleapis.com — Cisco Umbrella Rank: 22283
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 199
28 KB
1 pelhq.eu
auth.pelhq.eu
1 KB
21 7
Domain Requested by
8 ka-p.fontawesome.com kit.fontawesome.com
auth.lpehq.eu
6 auth.lpehq.eu auth.lpehq.eu
cdnjs.cloudflare.com
1 o4504814459617280.ingest.sentry.io browser.sentry-cdn.com
1 browser.sentry-cdn.com js.sentry-cdn.com
1 chart.googleapis.com auth.lpehq.eu
1 js.sentry-cdn.com auth.lpehq.eu
1 cdnjs.cloudflare.com auth.lpehq.eu
1 kit.fontawesome.com auth.lpehq.eu
1 auth.pelhq.eu 1 redirects
21 9

This site contains links to these domains.

Domain
lpehq.eu
www.facebook.com
www.youtube.com
twitter.com
www.instagram.com
Subject | Issuer | Validity | Valid
auth.lpehq.eu | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-05-25 - 2023-11-25 | 6 months
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-22 - 2023-12-23 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
*.sentry-cdn.com | GlobalSign Atlas R3 DV TLS CA 2022 Q3 | 2022-09-28 - 2023-10-30 | a year
upload.video.google.com | GTS CA 1C3 | 2023-05-08 - 2023-07-31 | 3 months
ingest.sentry.io | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-28 - 2023-08-28 | a year

This page contains 1 frames:

Primary Page: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Frame ID: 7C5B08D15F91DE1BB52A492E8DA2F741
Requests: 21 HTTP requests in this frame

Page Title

LPE Auth

Page URL History

  1. https://auth.pelhq.eu/ HTTP 302
    https://auth.lpehq.eu/?platform-id=PEL-0A5C Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

95 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

7
IPs

2
Countries

1280 kB
Transfer

2323 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.pelhq.eu/ HTTP 302
    https://auth.lpehq.eu/?platform-id=PEL-0A5C Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
auth.lpehq.eu/
Redirect Chain
  • https://auth.pelhq.eu/
  • https://auth.lpehq.eu/?platform-id=PEL-0A5C
16 KB
5 KB
Document
General
Full URL
https://auth.lpehq.eu/?platform-id=PEL-0A5C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.116.145.32 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.22.1 / PHP/8.1.18
Resource Hash
ccec392960e7059a6cad93389399a9328378382adb4e1cda752173e2cd136766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, private
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 25 May 2023 09:21:00 GMT
Server
nginx/1.22.1
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/8.1.18

Redirect headers

Cache-Control
no-cache, private
Content-Type
text/html; charset=utf-8
Date
Thu, 25 May 2023 09:21:00 GMT
Location
https://auth.lpehq.eu/?platform-id=PEL-0A5C
Server
nginx/1.22.1
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/8.1.18
LPEAuth.css
auth.lpehq.eu/css/
7 KB
7 KB
Stylesheet
General
Full URL
https://auth.lpehq.eu/css/LPEAuth.css
Requested by
Host: auth.lpehq.eu
URL: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.116.145.32 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
d284b975aa629b3e0df6379a1ee8a3324c40fce41eb7e94725113f99f388c36c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.lpehq.eu/?platform-id=PEL-0A5C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Thu, 25 May 2023 09:21:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 May 2023 13:55:22 GMT
Server
nginx/1.22.1
ETag
"645cf3ca-1cb6"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
7350
a82261f1b5.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/a82261f1b5.js
Requested by
Host: auth.lpehq.eu
URL: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee62b271d1f6df9abd89098c7f55d9a0bb3da4ff04ea47e1f96a8c1848800b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://auth.lpehq.eu/
Origin
https://auth.lpehq.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:21:00 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
7cccb4abaeaf1c26-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F1ycYBHdKI47uPwKClth
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: auth.lpehq.eu
URL: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://auth.lpehq.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:21:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9785474
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZP2CBxOcoUucsN9zOA48w9Pof6IZ8Gi3JCJrt7gcl4R9v5hRwVipRklsUAM%2Fq48sLKfNHq1uytUJk%2FPV7qpc8lhXtfisDR0uuDRDHP5vVfK8HUgFZFne%2BT0kO2eg5a7WvQWaEz5lv%2B7C8qGU3%2Fir%2FkC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7cccb4ab8aad3814-FRA
expires
Tue, 14 May 2024 09:21:00 GMT
a132b93957394f229c4e9c4ddec2ae43.min.js
js.sentry-cdn.com/
2 KB
2 KB
Script
General
Full URL
https://js.sentry-cdn.com/a132b93957394f229c4e9c4ddec2ae43.min.js
Requested by
Host: auth.lpehq.eu
URL: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
65741931b2a81792230a95edce7355534f636439def41c39c221fead89cf203a
Security Headers
Name Value
Content-Security-Policy img-src * blob: data:; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; font-src * data:; frame-ancestors 'self'; object-src 'self'; connect-src *; base-uri 'none'; style-src * 'unsafe-inline'; default-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=6c9a99581baf33c22e2fe63da5971a013167ac6b
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.lpehq.eu/
Origin
https://auth.lpehq.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
img-src * blob: data:; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; font-src * data:; frame-ancestors 'self'; object-src 'self'; connect-src *; base-uri 'none'; style-src * 'unsafe-inline'; default-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=6c9a99581baf33c22e2fe63da5971a013167ac6b
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 25 May 2023 09:21:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
age
36
x-envoy-upstream-service-time
14
content-length
1252
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-5c6f4f9d8-8nhdw, cache-chi-klot8100174-CHI, cache-fra-etou8220026-FRA
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
*
LPEAuth.js
auth.lpehq.eu/js/
17 KB
17 KB
Script
General
Full URL
https://auth.lpehq.eu/js/LPEAuth.js
Requested by
Host: auth.lpehq.eu
URL: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.116.145.32 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
e699a1cb789965199b07b685aa4b4eb973e1a7c7352949dc089c368d699cfbc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.lpehq.eu/?platform-id=PEL-0A5C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Thu, 25 May 2023 09:21:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 May 2023 13:55:22 GMT
Server
nginx/1.22.1
ETag
"645cf3ca-42ec"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Accept-Ranges
bytes
Content-Length
17132
logo@2x.png
auth.lpehq.eu/assets/
40 KB
40 KB
Image
General
Full URL
https://auth.lpehq.eu/assets/logo@2x.png
Requested by
Host: auth.lpehq.eu
URL: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.116.145.32 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
2ea1ad218a693fa4d9333e2a0b1c52217b94f6a158a558c178131d9b1057acf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.lpehq.eu/?platform-id=PEL-0A5C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Thu, 25 May 2023 09:21:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 May 2023 13:55:22 GMT
Server
nginx/1.22.1
ETag
"645cf3ca-9e24"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
40484
chart
chart.googleapis.com/
1015 B
1 KB
Image
General
Full URL
https://chart.googleapis.com/chart?cht=qr&chl=top%3A%2F%2Fdrg%3Fsecret%3D0r45489758934783788%26issuer%3DLPE&chs=180x180&choe=UTF-8&chld=L|2
Requested by
Host: auth.lpehq.eu
URL: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GoogleChartAPI/1.0 /
Resource Hash
62932d4d00e9470790ec2a734a938009fdd9471dcd7ce0ea30811142040b2331
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.lpehq.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:07:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 May 2018 18:35:04 GMT
server
GoogleChartAPI/1.0
age
806
x-frame-options
ALLOWALL
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1015
x-xss-protection
1; mode=block
expires
Fri, 26 May 2023 09:07:34 GMT
pro.min.css
ka-p.fontawesome.com/releases/v6.4.0/css/
867 KB
196 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/css/pro.min.css?token=a82261f1b5
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a82261f1b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0d7ff5c1b94b9efefbc1903a465c7d8bb345da51aaa13a93a55f9f7eff5b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.lpehq.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:21:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 23 Mar 2023 21:29:22 GMT
server
cloudflare
etag
"641cc4b2-31000"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cccb4ac4fbd1c26-FRA
content-length
200704
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.4.0/css/
27 KB
4 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/css/pro-v4-shims.min.css?token=a82261f1b5
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a82261f1b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
681f15f1dd66646e3c4be78f9c74962004cbc764f0fbb1da993f6937a3ac1e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.lpehq.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:21:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 23 Mar 2023 21:29:20 GMT
server
cloudflare
etag
"641cc4b0-10e7"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cccb4ac4fc11c26-FRA
content-length
4327
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.4.0/css/
85 KB
12 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/css/pro-v5-font-face.min.css?token=a82261f1b5
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a82261f1b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fce60bc81b42726b685192834cdd4147bb4867c94a9b5c38a35c0cce8a6b562e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.lpehq.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:21:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 23 Mar 2023 21:29:21 GMT
server
cloudflare
etag
"641cc4b1-30f2"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cccb4ac4fc01c26-FRA
content-length
12530
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.4.0/css/
12 KB
2 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/css/pro-v4-font-face.min.css?token=a82261f1b5
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a82261f1b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5e287f0e60cc7efadd2bdf39ff53499de57249b69a3ae73497a187ff908e2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.lpehq.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:21:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 23 Mar 2023 21:29:20 GMT
server
cloudflare
etag
"641cc4b0-917"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cccb4ac4fbc1c26-FRA
content-length
2327
locale-en.json
auth.lpehq.eu/lang/
2 KB
2 KB
XHR
General
Full URL
https://auth.lpehq.eu/lang/locale-en.json?tagmode=any&format=json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.116.145.32 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
eb0f23aaeba4584dbbe67bda584d00fe6855819125896322510b0429cb3efdb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://auth.lpehq.eu/?platform-id=PEL-0A5C
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Thu, 25 May 2023 09:21:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 May 2023 13:55:22 GMT
Server
nginx/1.22.1
ETag
"645cf3ca-60a"
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Accept-Ranges
bytes
Content-Length
1546
bundle.tracing.replay.min.js
browser.sentry-cdn.com/7.53.1/
214 KB
68 KB
Script
General
Full URL
https://browser.sentry-cdn.com/7.53.1/bundle.tracing.replay.min.js
Requested by
Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com/a132b93957394f229c4e9c4ddec2ae43.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
2d177c10e8c1979b66861ba6a0cd5cc79655a4e5c183f8ddc834f6ce19ecd183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://auth.lpehq.eu/
Origin
https://auth.lpehq.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:21:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 24 May 2023 16:18:09 GMT
server
Fastly
age
58566
etag
"caff579d775778c0024c96a3da0743c4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
68957
expires
Thu, 23 May 2024 17:04:55 GMT
background.jpg
auth.lpehq.eu/css/
769 KB
769 KB
Image
General
Full URL
https://auth.lpehq.eu/css/background.jpg
Requested by
Host: auth.lpehq.eu
URL: https://auth.lpehq.eu/css/LPEAuth.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.116.145.32 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
6d87a3eed238ca3cfa2ac15a93488f1fad12d7edf069bf95a5b14564fbc850f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.lpehq.eu/css/LPEAuth.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Thu, 25 May 2023 09:21:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 May 2023 13:55:22 GMT
Server
nginx/1.22.1
ETag
"645cf3ca-c0417"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
787479
2c3a6bf5-3f84-4b75-b9ba-ad87cd1037be
https://auth.lpehq.eu/
46 KB
0
Other
General
Full URL
blob:https://auth.lpehq.eu/2c3a6bf5-3f84-4b75-b9ba-ad87cd1037be
Requested by
Host: auth.lpehq.eu
URL: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
46922
Content-Type
pro-fa-brands-400-f6b769.woff2
ka-p.fontawesome.com/releases/v6.4.0/webfonts/
18 KB
18 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/webfonts/pro-fa-brands-400-f6b769.woff2
Requested by
Host: auth.lpehq.eu
URL: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe7a10434610e8494ce09ac2d4bc3d76621e425a6c448ac6001a1e1cd5c1d46

Request headers

Referer
https://auth.lpehq.eu/
Origin
https://auth.lpehq.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:21:01 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Mar 2023 05:23:19 GMT
server
cloudflare
etag
"641d33c7-4884"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cccb4adca131c26-FRA
content-length
18564
pro-fa-brands-400-90d968.woff2
ka-p.fontawesome.com/releases/v6.4.0/webfonts/
42 KB
43 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/webfonts/pro-fa-brands-400-90d968.woff2
Requested by
Host: auth.lpehq.eu
URL: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
273852bf83443951fbf261e811c4b72fbc1c377a6b9dd1ed1629780e29d1e28e

Request headers

Referer
https://auth.lpehq.eu/
Origin
https://auth.lpehq.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:21:01 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Mar 2023 05:23:19 GMT
server
cloudflare
etag
"641d33c7-a994"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cccb4adca151c26-FRA
content-length
43412
pro-fa-solid-900-a39b8b.woff2
ka-p.fontawesome.com/releases/v6.4.0/webfonts/
27 KB
27 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/webfonts/pro-fa-solid-900-a39b8b.woff2
Requested by
Host: auth.lpehq.eu
URL: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ba1dd097c10594ed74cc7e47e40faca02fee84fdf0b39bfe60a60e1ccafad8

Request headers

Referer
https://auth.lpehq.eu/
Origin
https://auth.lpehq.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:21:01 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Mar 2023 05:31:28 GMT
server
cloudflare
etag
"641d35b0-6b20"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cccb4adca161c26-FRA
content-length
27424
pro-fa-regular-400-4ef6fa.woff2
ka-p.fontawesome.com/releases/v6.4.0/webfonts/
33 KB
33 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/webfonts/pro-fa-regular-400-4ef6fa.woff2
Requested by
Host: auth.lpehq.eu
URL: https://auth.lpehq.eu/?platform-id=PEL-0A5C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773a9a65a53ce073e98c065f4df20e92019fb0de9617d7125084104f6f24af4b

Request headers

Referer
https://auth.lpehq.eu/
Origin
https://auth.lpehq.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:21:01 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Mar 2023 05:23:22 GMT
server
cloudflare
etag
"641d33ca-82d0"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7cccb4adca191c26-FRA
content-length
33488
/
o4504814459617280.ingest.sentry.io/api/4505165434847232/envelope/
41 B
341 B
Fetch
General
Full URL
https://o4504814459617280.ingest.sentry.io/api/4505165434847232/envelope/?sentry_key=a132b93957394f229c4e9c4ddec2ae43&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.53.1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.53.1/bundle.tracing.replay.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e27925f3d3122c4546b6c5cf4b6705ed1984115d7ae9cddee6332cc073079d7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://auth.lpehq.eu/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 May 2023 09:21:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| FontAwesomeKitConfig
function| $
function| jQuery
object| Sentry
string| lang
string| platform
string| clientVersion
string| email
object| locale
function| setLocaleText
function| changeLang
function| setMessage
function| emailControl
function| IsEmail
function| passwordControl
function| otpControl
function| lastStepAuth
function| openPlatform
function| forgotPassword
function| openSettings
function| openSetting
function| SettingAuthMethodControl
function| SettingPasswordControl
object| __SENTRY__
string| SENTRY_SDK_SOURCE

4 Cookies

Domain/Path Name / Value
.pelhq.eu/ Name: XSRF-TOKEN
.pelhq.eu/ Name: pelhq_session
.lpehq.eu/ Name: XSRF-TOKEN
.lpehq.eu/ Name: lpeauth_session

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
