urlscan.io logo urlscan.io
SecurityTrails logo

www.mittelstandsforum.de Open in urlscan Pro
143.204.98.104  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://email.all-for-one.com/e3t/Ctc/R+113/cl5mt04/VVZQpt7lrpF1W7q0mfk1wyH2QW4gSXWJ4Hlc_0MZjDWt3pdrrV1-WJV7CgZ37W3wpFTB8FLxPg...
Effective URL: https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwA...
Submission: On April 01 via api from AT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 26 HTTP transactions. The main IP is 143.204.98.104, located in United States and belongs to AMAZON-02, US. The main domain is www.mittelstandsforum.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 17th 2021. Valid for: a year.
This is the only time www.mittelstandsforum.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
12 143.204.98.104 16509 (AMAZON-02)
8 2606:4700::68... 13335 (CLOUDFLAR...)
4 143.204.98.51 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
26 5
2    2606:2c40::c73c:671d (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
email.all-for-one.com
12    143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net
www.mittelstandsforum.de
8    2606:4700::6812:778 (United States)

ASN13335 (CLOUDFLARENET, US)
cookie-cdn.cookiepro.com
4    143.204.98.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-51.fra50.r.cloudfront.net
allforoneprod-media.e-spirit.cloud
1    2606:4700::6811:e04e (United States)

ASN13335 (CLOUDFLARENET, US)
fast.fonts.net
Apex Domain
Subdomains		 Transfer
12 mittelstandsforum.de
www.mittelstandsforum.de
422 KB
8 cookiepro.com
cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 7537
120 KB
4 e-spirit.cloud
allforoneprod-media.e-spirit.cloud
882 KB
2 all-for-one.com
email.all-for-one.com
4 KB
1 fonts.net
fast.fonts.net — Cisco Umbrella Rank: 3095
602 B
26 5
Domain Requested by
12 www.mittelstandsforum.de email.all-for-one.com
www.mittelstandsforum.de
8 cookie-cdn.cookiepro.com www.mittelstandsforum.de
cookie-cdn.cookiepro.com
4 allforoneprod-media.e-spirit.cloud www.mittelstandsforum.de
2 email.all-for-one.com 1 redirects
1 fast.fonts.net email.all-for-one.com
26 5

This site contains links to these domains. Also see Links.

Domain
www.all-for-one.com
www.cookiepro.com
Subject Issuer Validity Valid
email.all-for-one.com
Cloudflare Inc ECC CA-3		 2021-07-16 -
2022-07-15		 a year crt.sh
mittelstandsforum.de
Sectigo RSA Domain Validation Secure Server CA		 2021-11-17 -
2022-12-18		 a year crt.sh
cookiepro.com
Cloudflare Inc ECC CA-3		 2021-05-20 -
2022-05-19		 a year crt.sh
*.e-spirit.cloud
DigiCert SHA2 Secure Server CA		 2020-03-02 -
2022-05-02		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-06 -
2022-07-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
Frame ID: 725CCB0058F441F52A03C8AFAA691508
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mittelstandsforum 2022 - All for One Group SE Back ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://email.all-for-one.com/e3t/Ctc/R+113/cl5mt04/VVZQpt7lrpF1W7q0mfk1wyH2QW4gSXWJ4Hlc_0MZjDWt3pdrrV1-WJ... Page URL
  2. https://email.all-for-one.com/events/public/v1/encoded/track/tc/R+113/cl5mt04/VVZQpt7lrpF1W7q0mfk1wyH2QW4g... HTTP 307
    https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Page Statistics

26
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

1428 kB
Transfer

3707 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.all-for-one.com/e3t/Ctc/R+113/cl5mt04/VVZQpt7lrpF1W7q0mfk1wyH2QW4gSXWJ4Hlc_0MZjDWt3pdrrV1-WJV7CgZ37W3wpFTB8FLxPgW7-95Rq2js1t5Vn3CD93k59nnW9gfymm3PgZJQW96m6P93RypwdW4T92Yg929n0GW5w7WM88WZ3tVW3zq8Zv25W_YLW5Yyw_R53WB92W14Cbff132BWgW5_mkqd7XDnpvW7jHbgC1zZ654W2C8rLN6wFCXSW71sy-w4dn0nBW5WRcKD1FXt7lW5_6ph-4L85ZkW6PtFyL8RPZSWW2bXkfl6KXPpqW3QSmtw581pW6W3ywqcr932XtdW1gYzkj6x_9MdW8k8l2J1_rbrlW2QmPy95LPRwvW3LnXhx4gYjgL31hm1 Page URL
  2. https://email.all-for-one.com/events/public/v1/encoded/track/tc/R+113/cl5mt04/VVZQpt7lrpF1W7q0mfk1wyH2QW4gSXWJ4Hlc_0MZjDWt3pdrrV1-WJV7CgZ37W3wpFTB8FLxPgW7-95Rq2js1t5Vn3CD93k59nnW9gfymm3PgZJQW96m6P93RypwdW4T92Yg929n0GW5w7WM88WZ3tVW3zq8Zv25W_YLW5Yyw_R53WB92W14Cbff132BWgW5_mkqd7XDnpvW7jHbgC1zZ654W2C8rLN6wFCXSW71sy-w4dn0nBW5WRcKD1FXt7lW5_6ph-4L85ZkW6PtFyL8RPZSWW2bXkfl6KXPpqW3QSmtw581pW6W3ywqcr932XtdW1gYzkj6x_9MdW8k8l2J1_rbrlW2QmPy95LPRwvW3LnXhx4gYjgL31hm1?_ud=c4381e41-7ee1-4767-a52e-e67154628058&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
    https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VVZQpt7lrpF1W7q0mfk1wyH2QW4gSXWJ4Hlc_0MZjDWt3pdrrV1-WJV7CgZ37W3wpFTB8FLxPgW7-95Rq2js1t5Vn3CD93k59nnW9gfymm3PgZJQW96m6P93RypwdW4T92Yg929n0GW5w7WM88WZ3tVW3zq8Zv25W_YLW5Yyw_R53WB92W14Cbff132BWgW5_mkqd...
email.all-for-one.com/e3t/Ctc/R+113/cl5mt04/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://email.all-for-one.com/e3t/Ctc/R+113/cl5mt04/VVZQpt7lrpF1W7q0mfk1wyH2QW4gSXWJ4Hlc_0MZjDWt3pdrrV1-WJV7CgZ37W3wpFTB8FLxPgW7-95Rq2js1t5Vn3CD93k59nnW9gfymm3PgZJQW96m6P93RypwdW4T92Yg929n0GW5w7WM88WZ3tVW3zq8Zv25W_YLW5Yyw_R53WB92W14Cbff132BWgW5_mkqd7XDnpvW7jHbgC1zZ654W2C8rLN6wFCXSW71sy-w4dn0nBW5WRcKD1FXt7lW5_6ph-4L85ZkW6PtFyL8RPZSWW2bXkfl6KXPpqW3QSmtw581pW6W3ywqcr932XtdW1gYzkj6x_9MdW8k8l2J1_rbrlW2QmPy95LPRwvW3LnXhx4gYjgL31hm1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
false
cf-cache-status
MISS
cf-ray
6f4f75d84e719c0d-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Fri, 01 Apr 2022 07:02:38 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Fri, 01 Apr 2022 07:02:38 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzHy%2BOobiHZrZoTq8bnRJau%2BPtd9d0MAUjjth5SyQFrUqtzaTc9vZzjM0w6DEdW9LYDLACo6IM%2BDx94inWsnsyvlCSFavcbdmFajtCCef3Xie4O2J6NG%2FsKgFs7N4xcyqjrtG5tbUlY%2F8ASs2hcseg%2BwwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-hubspot-correlation-id
696b06d7-831a-4446-b2e0-4f99fa7ab133
x-robots-tag
none
Primary Request /
www.mittelstandsforum.de/
Redirect Chain
  • https://email.all-for-one.com/events/public/v1/encoded/track/tc/R+113/cl5mt04/VVZQpt7lrpF1W7q0mfk1wyH2QW4gSXWJ4Hlc_0MZjDWt3pdrrV1-WJV7CgZ37W3wpFTB8FLxPgW7-95Rq2js1t5Vn3CD93k59nnW9gfymm3PgZJQW96m6P9...
  • https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFW...
29 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
Requested by
Host: email.all-for-one.com
URL: https://email.all-for-one.com/e3t/Ctc/R+113/cl5mt04/VVZQpt7lrpF1W7q0mfk1wyH2QW4gSXWJ4Hlc_0MZjDWt3pdrrV1-WJV7CgZ37W3wpFTB8FLxPgW7-95Rq2js1t5Vn3CD93k59nnW9gfymm3PgZJQW96m6P93RypwdW4T92Yg929n0GW5w7WM88WZ3tVW3zq8Zv25W_YLW5Yyw_R53WB92W14Cbff132BWgW5_mkqd7XDnpvW7jHbgC1zZ654W2C8rLN6wFCXSW71sy-w4dn0nBW5WRcKD1FXt7lW5_6ph-4L85ZkW6PtFyL8RPZSWW2bXkfl6KXPpqW3QSmtw581pW6W3ywqcr932XtdW1gYzkj6x_9MdW8k8l2J1_rbrlW2QmPy95LPRwvW3LnXhx4gYjgL31hm1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57cb93f32f5eff45123f75934d8f05678f011f84db759a1094cf1ef26f97526b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://email.all-for-one.com/e3t/Ctc/R+113/cl5mt04/VVZQpt7lrpF1W7q0mfk1wyH2QW4gSXWJ4Hlc_0MZjDWt3pdrrV1-WJV7CgZ37W3wpFTB8FLxPgW7-95Rq2js1t5Vn3CD93k59nnW9gfymm3PgZJQW96m6P93RypwdW4T92Yg929n0GW5w7WM88WZ3tVW3zq8Zv25W_YLW5Yyw_R53WB92W14Cbff132BWgW5_mkqd7XDnpvW7jHbgC1zZ654W2C8rLN6wFCXSW71sy-w4dn0nBW5WRcKD1FXt7lW5_6ph-4L85ZkW6PtFyL8RPZSWW2bXkfl6KXPpqW3QSmtw581pW6W3ywqcr932XtdW1gYzkj6x_9MdW8k8l2J1_rbrlW2QmPy95LPRwvW3LnXhx4gYjgL31hm1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 01 Apr 2022 07:02:39 GMT
etag
W/"65a5266b6f07303dd2356988f571aedf"
last-modified
Fri, 01 Apr 2022 06:13:32 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-id
J6e82DQQ8RehlUqhFTn8981UrRt5-Yxd2i-Eluzwtt6AywFg1Emybw==
x-amz-cf-pop
FRA50-C1
x-amz-id-2
nhJL79Yo1I61Q8fVfae3QA3Nc8FDJlPYG3aLCgffIbL73pd7pAZIfKYMsxlJIcbM1j0rjamEF6E=
x-amz-request-id
N0MR0GYADTMJEZ6G
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
false
cf-cache-status
MISS
cf-ray
6f4f75d958329c0d-FRA
date
Fri, 01 Apr 2022 07:02:38 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email>; rel="canonical"
location
https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoPAUfzMmglbHQcIOs4od5JcTUzl4d4HlvCmDQQhouJiadWoU%2BQev5jZ1ZFJ7Z%2BM88NoYBsC5SVDr8MeKJW0yN8svht4xNYvsUC5RSp7%2FczsJZARCpac7aj6pMwL%2FppgJkfiq%2FQj3cd7lNDDOJfyez2QRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-hubspot-correlation-id
f5f7c81a-0da8-422f-9737-e0b4b890fd7c
x-robots-tag
none
otSDKStub.js
cookie-cdn.cookiepro.com/scripttemplates/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8305d86074fdee76ef38a7e264f3ac0bfab4051d8f13625b4bbd5396120b1fe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Apr 2022 07:02:38 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
dVKVlVU+J+RB4CMcqf9NTw==
age
11536
x-ms-lease-status
unlocked
last-modified
Thu, 24 Mar 2022 01:44:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f1e5bb6d-801e-007e-7432-3fa80a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6f4f75dc9cbd91ed-FRA
expires
Fri, 01 Apr 2022 11:02:38 GMT
maincss.css
www.mittelstandsforum.de/layout/css/ 		1 MB
89 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mittelstandsforum.de/layout/css/maincss.css?r=54413
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8763f880ab7a6a620eada707e203c93f0a71d9319cd8de674a92c0a876780943
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333059
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-request-id
XQJWRT0KFZTR3QAF
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 28 Mar 2022 10:31:23 GMT
server
AmazonS3
etag
W/"fb83f0f9d91a5c03d81dcd60b14ac254"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
t55fa4wECrQPJla4xOreeaOOrjH2owV_WeJe_PZ2XdC1X0BMdEQ5lw==
x-amz-id-2
mmZPVvw45/KQKfekYV4pBflfNU7G5uUvrOGt+YQ21ONKKcDiT0aKj9X1Gp9Ym2R6OS2NR5ze7yU=
shivjs.js
www.mittelstandsforum.de/layout/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mittelstandsforum.de/layout/js/shivjs.js?r=54436
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b124ef76a8c350372e8c71bcdde6bece98cddd8c7fb201cbd1ac21522be3d38
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333059
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-request-id
XQJGCR65M3WFW6MH
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 28 Mar 2022 10:31:23 GMT
server
AmazonS3
etag
W/"9b110f88cc2294c5914c9cf8b49616f6"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
tgjZ0KtuXQb2uaYALTceRteXuuFtObUaCpWeRcaIV3l6sq_0YpdaIA==
x-amz-id-2
2tazsu8vg1GBLSAWtyZSlcym4lCyvx+NRFzL8Sn6o8k9ErKZ5Mx/+yIR+iAkUPtp395x7svayqg=
libjs.js
www.mittelstandsforum.de/layout/js/ 		254 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mittelstandsforum.de/layout/js/libjs.js?r=54434
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
111fcacc450de8c8283ef33dc5738c30cc3e6aa7be8512fbde5f93ceecd9226c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333059
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-request-id
XQJYQVX42E4P7HN7
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 28 Mar 2022 10:31:23 GMT
server
AmazonS3
etag
W/"b8c37ba5eaea5a0412f875a17cdd6bb3"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
fi1qTdKWlubmGrAWwOt4cTRAsA8nhMcJINHRN9DxTugEl7Cq_emkxw==
x-amz-id-2
DewEegljYsP9tBZbT4uIqhAIQt+3PFOUr/pKCT5drM30D7mT8fksh/zM4/HdEbIGnNoTWPVNFSQ=
appjs.js
www.mittelstandsforum.de/layout/js/ 		427 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mittelstandsforum.de/layout/js/appjs.js?r=54431
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b5c49c1e6e613a2bf0bd44f8a8bcc10c00756a94c1d106357e17cab1b207197
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333058
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-request-id
YE90VFKMEQXA894B
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 28 Mar 2022 10:31:23 GMT
server
AmazonS3
etag
W/"bd9ad955f9816dc6e67ba59f3b33536b"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
bZg-8iwRqRVCHQBgeuwglmrqyVcopNvrZ-p-M4JYSp4IOE95a0FUnA==
x-amz-id-2
nY+O8XPV6IZg0q1hUTj9AcFnrH/DFkUaucpPCFuS2C5eo/cnsdhU0idm4VyeOZbsnAFj+/vlyDo=
fonttrackingjs.js
www.mittelstandsforum.de/layout/js/ 		1009 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mittelstandsforum.de/layout/js/fonttrackingjs.js?r=54432
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45ed79c22f756eababc55f9736967626a11a091d756d043d1d71f907a0ae0830
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333059
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-request-id
YE91NY4S330537G9
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 28 Mar 2022 10:31:23 GMT
server
AmazonS3
etag
W/"746f61e66a6897ee0207f71fc5304972"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
LOdKKMQFsWkCYIjmWbI17-JzikiHL5ZwnahAJ5wxfyWmyaA_b7Pbbg==
x-amz-id-2
3sl2I5hCMdS8E5k4mQpyEj0xxT4kZEFPLgeONIVPFazZJeXSxo/UtL390YPPqVmE/dAkA5F/E8c=
all_for_one_group_rgb.svg
allforoneprod-media.e-spirit.cloud/media_group_website/allgemein/logos/all-for-one-group/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allforoneprod-media.e-spirit.cloud/media_group_website/allgemein/logos/all-for-one-group/all_for_one_group_rgb.svg
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
877ed5b9cf10071f7ab621e169b9375908fca173ea73987649df1e50168dffb5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 03:19:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358977
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-request-id
F64S38Y8HVF4PVHS
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 11 Mar 2021 12:40:03 GMT
server
AmazonS3
etag
W/"29d044a684f716290912b934f7b09bac"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
GXlBVWlouaqEPo1_qOsfng1ZjY5oK--MEh9kpos-UisAU_8aXAVTRA==
x-amz-id-2
V8DY+gefa/dZvB+omD+DOmnSSRACLRvNOylRL67Ob3T90R5ltMCRPhza+wXVt1KKUtOP1FiCcn8=
all_for_one_group.svg
allforoneprod-media.e-spirit.cloud/media_group_website/allgemein/logos/all-for-one-group/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allforoneprod-media.e-spirit.cloud/media_group_website/allgemein/logos/all-for-one-group/all_for_one_group.svg
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64cdd66f110a72e7e82d08bf076f1e8f408c4e2d1544f24efb05a083d97af476
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
9817
x-cache
Hit from cloudfront
x-amz-request-id
7AVH9G9H6SNNF0Y1
x-amz-id-2
moWFwMOpLMSA/7V/xylNCcShmAs3fl/w51xs6pPYVMbUDOkkjRuutUrMret+WAHXjz36jJZpe0M=
referrer-policy
same-origin
last-modified
Thu, 11 Mar 2021 12:40:03 GMT
server
AmazonS3
date
Fri, 01 Apr 2022 04:19:03 GMT
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
max-age=2592000
etag
W/"9e3e659f8f98cc8e532223df3b2408fd"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
MBpvsH971O7fEHw57rTWClqRum8F7odGtN4PhsCuY-lF50A7ACbzzA==
mifo2021_0a_mifo_2021_gesamt_1920x1080_hub_stage_desktop.jpg
allforoneprod-media.e-spirit.cloud/media_group_website/allgemein/mittelstandsforum/ 		757 KB
759 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allforoneprod-media.e-spirit.cloud/media_group_website/allgemein/mittelstandsforum/mifo2021_0a_mifo_2021_gesamt_1920x1080_hub_stage_desktop.jpg?r=592918
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f086724bc77186e04cd8b34784f3693a3dd7f829cd448892a88b1f9c524b2da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:07:40 GMT
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3300
x-cache
Hit from cloudfront
x-amz-request-id
NZDW111GQDMX1GN4
x-xss-protection
1; mode=block
accept-ranges
bytes
referrer-policy
same-origin
last-modified
Mon, 16 Aug 2021 23:10:38 GMT
server
AmazonS3
etag
"31effbc4c16ded4f4e0525555a01d9d9"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
content-length
775597
x-amz-cf-id
94dvSvM51_iKHYnDDJ2qYPLP302LJMvuZIH0yjhaVvIK8QRmuGwxUA==
x-amz-id-2
cIpxYc0TGW52s3KqPlomaUMoSM1C/lVDTp5zP3+4nJ1vG/eiN5fJ8H5Vj7iDBHAaZhZpAGQPAgw=
4ec7d153-58d9-4e4d-bae0-8c1bca14b8e1.json
cookie-cdn.cookiepro.com/consent/4ec7d153-58d9-4e4d-bae0-8c1bca14b8e1/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/4ec7d153-58d9-4e4d-bae0-8c1bca14b8e1/4ec7d153-58d9-4e4d-bae0-8c1bca14b8e1.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eeca92a65e9a424905126b76bb2954f4f7588b38a077b0f0c48ac9fb4e0bb77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Apr 2022 07:02:38 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
8PNYBsWpejTkVZuriejSRg==
age
2135
x-ms-lease-status
unlocked
last-modified
Mon, 07 Mar 2022 12:18:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7550e071-401e-002c-3cb7-3dd4e2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6f4f75dcfd2192ab-FRA
otBannerSdk.js
cookie-cdn.cookiepro.com/scripttemplates/6.31.0/ 		334 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.31.0/otBannerSdk.js
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Apr 2022 07:02:38 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
D263R6OySncrpIc5uRH3nQ==
age
11392
x-ms-lease-status
unlocked
last-modified
Thu, 10 Feb 2022 02:30:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
76ae3b38-801e-0033-305a-1e67e6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6f4f75dd6e5391ed-FRA
expires
Fri, 01 Apr 2022 11:02:38 GMT
avenirmediumwoff2.woff2
www.mittelstandsforum.de/layout/fnt/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mittelstandsforum.de/layout/fnt/avenirmediumwoff2.woff2?timestamp=1648213219785
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/layout/css/maincss.css?r=54413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84f75130597e9fba045653f364091f28720c8410a0c61d14e9a803c2a1b1e2b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mittelstandsforum.de/layout/css/maincss.css?r=54413
Origin
https://www.mittelstandsforum.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
73582
x-cache
Hit from cloudfront
x-amz-request-id
YE9BJ1T67B8D576M
x-xss-protection
1; mode=block
accept-ranges
bytes
referrer-policy
same-origin
last-modified
Fri, 19 Jul 2019 05:46:52 GMT
server
AmazonS3
date
Thu, 31 Mar 2022 10:36:18 GMT
content-type
application/octet-stream
etag
"d8519ef53c3ab2298c910b759606aa84"
x-amz-cf-pop
FRA50-C1
content-length
26636
x-amz-cf-id
MB0bvYeAb5AEnAAWRCDXXO8yqfGGns-Xh1wNvduLhhl5w9LpLhRlsw==
x-amz-id-2
FNQxDMK8APabnlPg97uvrhgHqLI4vt0RBOIdmpf6RQ/gNOlcSLJMH0uQtJWDxCfvsJH+YA1qX0s=
all41iconfontwoff2.woff2
www.mittelstandsforum.de/layout/fnt/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mittelstandsforum.de/layout/fnt/all41iconfontwoff2.woff2?timestamp=1648213219811
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/layout/css/maincss.css?r=54413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4f769f17c0765451eed0d2deffc643cb297285459db985e3c0917589b9dbdb4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mittelstandsforum.de/layout/css/maincss.css?r=54413
Origin
https://www.mittelstandsforum.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:31:41 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
333059
x-cache
Hit from cloudfront
x-amz-request-id
YE9AJN48E8195ENP
x-xss-protection
1; mode=block
accept-ranges
bytes
referrer-policy
same-origin
last-modified
Mon, 13 Dec 2021 11:30:06 GMT
server
AmazonS3
etag
"c82da9dc9635b24d575fadea5ba8acb9"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
font/woff
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
content-length
4364
x-amz-cf-id
6Ec6PWjgs23cVHIMQ22XZNywVPFOwlnILpy96-v_OJ4ermh3Ge-4rA==
x-amz-id-2
+BKlSDHekV7O/78+TMEbD+aP0M2SncXNCENrLh/gNO+Sr/Hp3N1IPzNe3kyqZgUe4I3ZeUoQM7M=
avenirlightwoff2.woff2
www.mittelstandsforum.de/layout/fnt/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mittelstandsforum.de/layout/fnt/avenirlightwoff2.woff2?timestamp=1648213219778
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/layout/css/maincss.css?r=54413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f0df435bfdc31c4ae406019c9d872754028b5ecb2125dc9322890f42af1a308
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mittelstandsforum.de/layout/css/maincss.css?r=54413
Origin
https://www.mittelstandsforum.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9817
x-cache
Hit from cloudfront
x-amz-request-id
4KVGBT4HVP030G5N
x-xss-protection
1; mode=block
accept-ranges
bytes
referrer-policy
same-origin
last-modified
Fri, 19 Jul 2019 05:46:52 GMT
server
AmazonS3
date
Fri, 01 Apr 2022 04:19:03 GMT
content-type
application/octet-stream
etag
"73b063eff2271c7bccf0b9f7b1d6c584"
x-amz-cf-pop
FRA50-C1
content-length
24560
x-amz-cf-id
AmiiPuv0ZGszUS3jGsmGfX0fIGJgpY5HCPkrZbvS-0Z-LDJ0oZLXMw==
x-amz-id-2
7qwOw1eZ4+5YzT4qtoXA9jipw4fbPxD7SlXxlGfSnCih6s4NXwMbL6WO6Su2ptBoTm89f0EVsoo=
prismafivewoff2.woff2
www.mittelstandsforum.de/layout/fnt/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mittelstandsforum.de/layout/fnt/prismafivewoff2.woff2?timestamp=1648213219804
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/layout/css/maincss.css?r=54413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cccd0168b8045f702a0466d1371fd19ba19f669fb3b8c387d34691e7acfa9838
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mittelstandsforum.de/layout/css/maincss.css?r=54413
Origin
https://www.mittelstandsforum.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
73581
x-cache
Hit from cloudfront
x-amz-request-id
YE9FGQ2QT5M8V55W
x-xss-protection
1; mode=block
accept-ranges
bytes
referrer-policy
same-origin
last-modified
Fri, 19 Jul 2019 05:46:52 GMT
server
AmazonS3
date
Thu, 31 Mar 2022 10:36:19 GMT
content-type
application/octet-stream
etag
"132c404b9b75cc44560ff1f1612d23a0"
x-amz-cf-pop
FRA50-C1
content-length
29611
x-amz-cf-id
RefnhvBlf830LkYShq6QyGERncc0H9j2ByI-0jqzGg5EV_yv2wMLxQ==
x-amz-id-2
0PvupiXftzguyBTw0iRQR4nuasXXu3ZJT7NbSgxppnRW0o4SpJYFNV/LQ4zMn9zABLwO0FcMYcQ=
avenirblackwoff2.woff2
www.mittelstandsforum.de/layout/fnt/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mittelstandsforum.de/layout/fnt/avenirblackwoff2.woff2?timestamp=1648213219792
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/layout/css/maincss.css?r=54413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13e9c0d07bc2464b8f2dbb2b723b2a6e7e6a769491e3c68dca766b61e3cb972b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mittelstandsforum.de/layout/css/maincss.css?r=54413
Origin
https://www.mittelstandsforum.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9817
x-cache
Hit from cloudfront
x-amz-request-id
X3MD2P1VQH2CNXCZ
x-xss-protection
1; mode=block
accept-ranges
bytes
referrer-policy
same-origin
last-modified
Fri, 19 Jul 2019 05:46:52 GMT
server
AmazonS3
date
Fri, 01 Apr 2022 04:19:03 GMT
content-type
application/octet-stream
etag
"9d601baa0eba092b43ed97567a7f2562"
x-amz-cf-pop
FRA50-C1
content-length
24232
x-amz-cf-id
CQtWenwSGxKXK_IH9SXMxu7CJ3IgpErPMgwaNfFZTD-MiVnp84Mdfg==
x-amz-id-2
r8S0vTcIYPkEnLf6voZS37XWUgytQUi5Nw5xcexRE18+xEY7byJ6I6NYSsDmWIXR3mGSIX+Ffl8=
mifo2012_trailer_899x506_media_poster_desktop.jpg
allforoneprod-media.e-spirit.cloud/media_group_website/allgemein/unsortiert/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allforoneprod-media.e-spirit.cloud/media_group_website/allgemein/unsortiert/mifo2012_trailer_899x506_media_poster_desktop.jpg?r=592920
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/?utm_campaign=SEC_IAM-Kampagne-2021&utm_medium=email&_hsmi=208686898&_hsenc=p2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ&utm_content=208686898&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
147d0365a5413a15fa0664a6f0cb320c752caa80ab687efd1716dda2dd3e5a00
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:07:40 GMT
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3300
x-cache
Hit from cloudfront
x-amz-request-id
NZDN8KSVM16JFTZG
x-xss-protection
1; mode=block
accept-ranges
bytes
referrer-policy
same-origin
last-modified
Wed, 29 Sep 2021 12:22:43 GMT
server
AmazonS3
etag
"7d66b5ef0bf986fc45175071745b7193"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
content-length
121402
x-amz-cf-id
Y3BzRGw-v1FIE9DCY4db_Z5TmGttaleh0msn4A3P3oMqDwz3ACCwjw==
x-amz-id-2
pkRUvZ+FO+3HcNjR0WcCmVnA1x8vmzJ7sSrz86p0cBZE4iG+0xwX4L35l+fP7HZ9lNjwuvruKTc=
prismathreewoff2.woff2
www.mittelstandsforum.de/layout/fnt/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mittelstandsforum.de/layout/fnt/prismathreewoff2.woff2?timestamp=1648213219799
Requested by
Host: www.mittelstandsforum.de
URL: https://www.mittelstandsforum.de/layout/css/maincss.css?r=54413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbcf3086d91a55dcadab44633685e141ea3fc9561b1e7cb2087fc952cd2f49bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mittelstandsforum.de/layout/css/maincss.css?r=54413
Origin
https://www.mittelstandsforum.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
73581
x-cache
Hit from cloudfront
x-amz-request-id
YE91JD0Z40RKFN5Y
x-xss-protection
1; mode=block
accept-ranges
bytes
referrer-policy
same-origin
last-modified
Fri, 19 Jul 2019 05:46:52 GMT
server
AmazonS3
date
Thu, 31 Mar 2022 10:36:19 GMT
content-type
application/octet-stream
etag
"6cb392097134535aff42ecbde01d4721"
x-amz-cf-pop
FRA50-C1
content-length
23774
x-amz-cf-id
eOJTqe9CLI1V2vHMpGROCIOFDJ1cF89sf3oxg2vMwBnDMBJTL6NvXw==
x-amz-id-2
MDOkWm9+MeYglFjTV1/mF5TqSVUn6f63tqGEBSQ07dzvYLDWS3apl5v+LuMU5oHM/faWYmp2j3k=
1.css
fast.fonts.net/lt/ 		0
602 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/lt/1.css?apiType=css&c=1455b350-6389-4219-80c4-d7a65dd85137&fontids=1475498,1475534,1475558
Requested by
Host: email.all-for-one.com
URL: https://email.all-for-one.com/e3t/Ctc/R+113/cl5mt04/VVZQpt7lrpF1W7q0mfk1wyH2QW4gSXWJ4Hlc_0MZjDWt3pdrrV1-WJV7CgZ37W3wpFTB8FLxPgW7-95Rq2js1t5Vn3CD93k59nnW9gfymm3PgZJQW96m6P93RypwdW4T92Yg929n0GW5w7WM88WZ3tVW3zq8Zv25W_YLW5Yyw_R53WB92W14Cbff132BWgW5_mkqd7XDnpvW7jHbgC1zZ654W2C8rLN6wFCXSW71sy-w4dn0nBW5WRcKD1FXt7lW5_6ph-4L85ZkW6PtFyL8RPZSWW2bXkfl6KXPpqW3QSmtw581pW6W3ywqcr932XtdW1gYzkj6x_9MdW8k8l2J1_rbrlW2QmPy95LPRwvW3LnXhx4gYjgL31hm1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 07:02:39 GMT
cf-cache-status
HIT
age
317399
cf-ray
6f4f75deadc59ba0-FRA
content-length
0
x-amz-id-2
L5bv0alfOF/bQJFXzAQlHn9HaChxcAvv52J9lHLeK610O1FT2XePrEILBjx5Nk8AkgTJO/uOaLk=
last-modified
Tue, 23 Mar 2021 12:59:56 GMT
server
cloudflare
etag
"d41d8cd98f00b204e9800998ecf8427e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
4B5N4CX34TWCEWS4
cache-control
public, max-age=0, s-maxage=604800
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-amz-meta-mtime
1361983047
de.json
cookie-cdn.cookiepro.com/consent/4ec7d153-58d9-4e4d-bae0-8c1bca14b8e1/93ceae55-c448-4f07-ba75-263370bc5d8b/ 		48 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/4ec7d153-58d9-4e4d-bae0-8c1bca14b8e1/93ceae55-c448-4f07-ba75-263370bc5d8b/de.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8176319a0ea14344d2e86ee484ed1add62f8f0cad04d4657287ea5b1b33cbed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Apr 2022 07:02:39 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
DZhIICtqLYSaw4KX41ljCw==
age
2133
x-ms-lease-status
unlocked
last-modified
Mon, 07 Mar 2022 12:18:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8f9a7db1-101e-0031-7833-32d95e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6f4f75de7fa792ab-FRA
otFlat.json
cookie-cdn.cookiepro.com/scripttemplates/6.31.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.31.0/assets/otFlat.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8b8fa76143b1e3d6bcd32187df721f7ad888aeb09fef2dc15b485c98d09e362
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Apr 2022 07:02:39 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
EXbJt9InrxA+LlZTe81nFg==
age
2132
x-ms-lease-status
unlocked
last-modified
Thu, 10 Feb 2022 02:30:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a91be015-501e-00a6-4142-238f53000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6f4f75dee86692ab-FRA
expires
Fri, 01 Apr 2022 11:02:39 GMT
otPcCenter.json
cookie-cdn.cookiepro.com/scripttemplates/6.31.0/assets/v2/ 		47 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.31.0/assets/v2/otPcCenter.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
146697e686c91fde6e30955bc6cba7bfe752c511b2f27545a6938266e49cdfcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Apr 2022 07:02:39 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
ZpEAbh0BppVJFPu0Tn1v0w==
age
2131
x-ms-lease-status
unlocked
last-modified
Thu, 10 Feb 2022 02:30:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
2c78f951-b01e-0017-0842-239146000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6f4f75dee86c92ab-FRA
expires
Fri, 01 Apr 2022 11:02:39 GMT
otCookieSettingsButton.json
cookie-cdn.cookiepro.com/scripttemplates/6.31.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.31.0/assets/otCookieSettingsButton.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e413fe14135b1fe89832925dad54fd79bef183a189868be478726d11f3942d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Apr 2022 07:02:39 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
bZ6sFc9Mh4SBvE3dHyo0/Q==
age
2132
x-ms-lease-status
unlocked
last-modified
Thu, 10 Feb 2022 02:30:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9265b79b-401e-0071-2135-23de66000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6f4f75dee86d92ab-FRA
expires
Fri, 01 Apr 2022 11:02:39 GMT
otCommonStyles.css
cookie-cdn.cookiepro.com/scripttemplates/6.31.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.31.0/assets/otCommonStyles.css
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Apr 2022 07:02:39 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
2HSefDmVwJneRQMu6SXIPw==
age
2132
x-ms-lease-status
unlocked
last-modified
Thu, 10 Feb 2022 02:30:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
6ee58389-401e-002c-3b42-23d4e2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6f4f75dee86e92ab-FRA
expires
Fri, 01 Apr 2022 11:02:39 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| OneTrustStub function| OptanonWrapper string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| CONTEXT function| _typeof object| Hyphenopoly function| ES6Promise function| $ function| jQuery object| picturefillCFG function| picturefill function| Mark function| setImmediate function| clearImmediate string| MTUserId object| MTFontIds object| Optanon object| OneTrust

3 Cookies

Domain/Path Name / Value
.email.all-for-one.com/ Name: __cfruid
Value: dd6037f46ef4ffe6978626f6749dca90c6c8a667-1648796558
.fonts.net/ Name: __cf_bm
Value: WUl8CP1FK.HDM1nFNevoAu9f8SMmxZ7CTMqOJi.Cxs4-1648796559-0-AUTn35Dy4lfUtgZcbXsatp6JzgYIAaiBtJ51uHytOthEiwjbdaOoTsAaGLwpI/0iJV1uyzhHGFl8lB9d6z9/x18=
.mittelstandsforum.de/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Apr+01+2022+07%3A02%3A39+GMT%2B0000+(GMT)&version=6.31.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.mittelstandsforum.de%2F%3Futm_campaign%3DSEC_IAM-Kampagne-2021%26utm_medium%3Demail%26_hsmi%3D208686898%26_hsenc%3Dp2ANqtz-8gQFMf_J-RwAraNthFxDSvMp3cP1YugU1pLKpXM90V925_mzdhPp3BO144BKnLdjww-DZNT_Q3Bz6wFWQRpy8a1DE592P3dsZgKGs4tV0fFBhwcrQ%26utm_content%3D208686898%26utm_source%3Dhs_email&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0%2CC0005%3A0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allforoneprod-media.e-spirit.cloud
cookie-cdn.cookiepro.com
email.all-for-one.com
fast.fonts.net
www.mittelstandsforum.de
143.204.98.104
143.204.98.51
2606:2c40::c73c:671d
2606:4700::6811:e04e
2606:4700::6812:778
111fcacc450de8c8283ef33dc5738c30cc3e6aa7be8512fbde5f93ceecd9226c
13e9c0d07bc2464b8f2dbb2b723b2a6e7e6a769491e3c68dca766b61e3cb972b
146697e686c91fde6e30955bc6cba7bfe752c511b2f27545a6938266e49cdfcd
147d0365a5413a15fa0664a6f0cb320c752caa80ab687efd1716dda2dd3e5a00
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
45ed79c22f756eababc55f9736967626a11a091d756d043d1d71f907a0ae0830
57cb93f32f5eff45123f75934d8f05678f011f84db759a1094cf1ef26f97526b
64cdd66f110a72e7e82d08bf076f1e8f408c4e2d1544f24efb05a083d97af476
6f086724bc77186e04cd8b34784f3693a3dd7f829cd448892a88b1f9c524b2da
7eeca92a65e9a424905126b76bb2954f4f7588b38a077b0f0c48ac9fb4e0bb77
8305d86074fdee76ef38a7e264f3ac0bfab4051d8f13625b4bbd5396120b1fe1
84f75130597e9fba045653f364091f28720c8410a0c61d14e9a803c2a1b1e2b9
8763f880ab7a6a620eada707e203c93f0a71d9319cd8de674a92c0a876780943
877ed5b9cf10071f7ab621e169b9375908fca173ea73987649df1e50168dffb5
8f0df435bfdc31c4ae406019c9d872754028b5ecb2125dc9322890f42af1a308
9b124ef76a8c350372e8c71bcdde6bece98cddd8c7fb201cbd1ac21522be3d38
9b5c49c1e6e613a2bf0bd44f8a8bcc10c00756a94c1d106357e17cab1b207197
9e413fe14135b1fe89832925dad54fd79bef183a189868be478726d11f3942d1
b8176319a0ea14344d2e86ee484ed1add62f8f0cad04d4657287ea5b1b33cbed
b8b8fa76143b1e3d6bcd32187df721f7ad888aeb09fef2dc15b485c98d09e362
bbcf3086d91a55dcadab44633685e141ea3fc9561b1e7cb2087fc952cd2f49bb
cccd0168b8045f702a0466d1371fd19ba19f669fb3b8c387d34691e7acfa9838
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4f769f17c0765451eed0d2deffc643cb297285459db985e3c0917589b9dbdb4
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66