boomingproperties.co.ke/css/wq8cmrpe/ZGlhbmEuYnJhbmNpZm9ydGVAdHJpbmV0LmNvbQ==
200 OK 0 B URL User Request GET HTTP/2 boomingproperties.co.ke/css/wq8cmrpe/ZGlhbmEuYnJhbmNpZm9ydGVAdHJpbmV0LmNvbQ==
IP
ASN #46606 UNIFIEDLAYER-AS-1
Certificate IssuerLet's Encrypt
Subject*.boomingproperties.co.ke
Fingerprint35:8D:31:55:59:72:71:03:C1:D6:C2:70:8F:6D:22:23:9E:D2:D3:E7
ValidityWed, 02 Aug 2023 08:57:09 GMT - Tue, 31 Oct 2023 08:57:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
Quad9 DNS malicious Sinkholed
GET /css/wq8cmrpe/ZGlhbmEuYnJhbmNpZm9ydGVAdHJpbmV0LmNvbQ== HTTP/1.1
Host: boomingproperties.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
refresh: 0;url=https://aufeingespraech.de/Mdiana.branciforte@trinet.com
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 22 Sep 2023 00:33:45 GMT
server: Apache
X-Firefox-Spdy: h2
aufeingespraech.de/jm/144f287192f11b2cdaf693fe0d0314d4650ce0ede8b1d
200 OK 7.5 kB URL GET HTTP/3 aufeingespraech.de/jm/144f287192f11b2cdaf693fe0d0314d4650ce0ede8b1d
IP
Requested by https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0eddbf81PASbeebb091955c06fa68b3eb8afc0bae51650ce0eddbf82
Certificate IssuerLet's Encrypt
Subjectaufeingespraech.de
FingerprintE6:F1:6E:29:88:E9:FE:8B:A8:8F:39:53:12:F8:7A:47:16:9F:79:65
ValidityThu, 24 Aug 2023 10:03:14 GMT - Wed, 22 Nov 2023 10:03:13 GMT
File type ASCII text, with very long lines (7546), with no line terminators
Hash 19692a2e13ab09d18dbe07dd646c022a
f99d27122f00b497773febb2ab0e24ca764266b6
c8ef5ba744461fb197c95cc0c1a73054cbc9c50b12669f3290038beaf1a382db
GET /jm/144f287192f11b2cdaf693fe0d0314d4650ce0ede8b1d HTTP/1.1
Host: aufeingespraech.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0eddbf81PASbeebb091955c06fa68b3eb8afc0bae51650ce0eddbf82
Cookie: cf_clearance=XfOGznI1Ot.SCu7Ai0z2K9U07.DAZrKqDErQq0nXWsA-1695342825-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; PHPSESSID=b67a55b1c57d3a43ee3967289e37642d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 22 Sep 2023 00:33:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 29 Sep 2023 00:33:50 GMT
last-modified: Wed, 30 Aug 2023 05:45:42 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0HgzEsaQFH05PP5j24G7CUpQn75aofMaMkXFR8mH2gwXaD8kuNRCSomALZc7v04wsI8MafU0JyFxlAJq0RRk%2FyJJmny%2Bkt4YcqE2vaDVtaSrZ3XwTxy2n1XUFojpiOGzdu2LpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a675706d575685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/axios/dist/axios.min.js
302 Found 32 kB URL GET HTTP/2 unpkg.com/axios/dist/axios.min.js
IP
Requested by https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0eddbf81PASbeebb091955c06fa68b3eb8afc0bae51650ce0eddbf82
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aufeingespraech.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 22 Sep 2023 00:33:50 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.5.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01HAX4JZ4S52J1RE8FSQR78QHY-fra
cf-cache-status: HIT
age: 338
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 80a67570aa8d56c4-OSL
X-Firefox-Spdy: h2
aufeingespraech.de/boot/144f287192f11b2cdaf693fe0d0314d4650ce0ede8b1c
200 OK 51 kB URL GET HTTP/3 aufeingespraech.de/boot/144f287192f11b2cdaf693fe0d0314d4650ce0ede8b1c
IP
Requested by https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0eddbf81PASbeebb091955c06fa68b3eb8afc0bae51650ce0eddbf82
Certificate IssuerLet's Encrypt
Subjectaufeingespraech.de
FingerprintE6:F1:6E:29:88:E9:FE:8B:A8:8F:39:53:12:F8:7A:47:16:9F:79:65
ValidityThu, 24 Aug 2023 10:03:14 GMT - Wed, 22 Nov 2023 10:03:13 GMT
File type ASCII text, with very long lines (50758)
Hash 67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /boot/144f287192f11b2cdaf693fe0d0314d4650ce0ede8b1c HTTP/1.1
Host: aufeingespraech.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0eddbf81PASbeebb091955c06fa68b3eb8afc0bae51650ce0eddbf82
Cookie: cf_clearance=XfOGznI1Ot.SCu7Ai0z2K9U07.DAZrKqDErQq0nXWsA-1695342825-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; PHPSESSID=b67a55b1c57d3a43ee3967289e37642d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 22 Sep 2023 00:33:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 29 Sep 2023 00:33:50 GMT
last-modified: Wed, 30 Aug 2023 05:45:42 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViV%2FbDdJ%2FmZnrlj2NDHnD20HwWRGlHh%2BCuOgwM53E1BxYPaijX9yYPLZHu1MQhvl6N0RZHpL2aEbLgJn1qTpRoFT%2Fx4YOHJlY9QgVUDEeD1x0JjFlu%2F4U40INM3yI6JXAM4QSXE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a675706d555685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0eddbf81PASbeebb091955c06fa68b3eb8afc0bae51650ce0eddbf82
200 OK 6.7 kB URL User Request GET HTTP/3 aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0eddbf81PASbeebb091955c06fa68b3eb8afc0bae51650ce0eddbf82
IP
Certificate IssuerLet's Encrypt
Subjectaufeingespraech.de
FingerprintE6:F1:6E:29:88:E9:FE:8B:A8:8F:39:53:12:F8:7A:47:16:9F:79:65
ValidityThu, 24 Aug 2023 10:03:14 GMT - Wed, 22 Nov 2023 10:03:13 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6732), with no line terminators
Hash 536602533a7843ac2bcf2023246c463e
aa702a4ff416064cea03d45f8c38f77a7f74765f
5ff432f042dda1cd005346cea9ec94d0be250a91a83a929399c556d8ecadc43b
GET /beebb091955c06fa68b3eb8afc0bae51650ce0eddbf81PASbeebb091955c06fa68b3eb8afc0bae51650ce0eddbf82 HTTP/1.1
Host: aufeingespraech.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aufeingespraech.de/Mdiana.branciforte@trinet.com?__cf_chl_tk=KqLm.o_gc7xaeQiSJpRMZ6RDxVFRAr6RJI9G3J2exQI-1695342825-0-gaNycGzNC_s
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=XfOGznI1Ot.SCu7Ai0z2K9U07.DAZrKqDErQq0nXWsA-1695342825-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; PHPSESSID=b67a55b1c57d3a43ee3967289e37642d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 22 Sep 2023 00:33:49 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLEgJ4nnpivxKzo5GGH0UkK8KYq2Hsi1U8hBfqola8SNhJ2cLE6aHgN2nFYb5JoRLGLaSRg9O098Sim8fXl2eMgMaK81rZKvqvIbCUsMEOhwWHo0V5paKNYnerzeFQM13YWVIgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a6756f0cf35685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aufeingespraech.de/jq/144f287192f11b2cdaf693fe0d0314d4650ce0ede8b1a
200 OK 86 kB URL GET HTTP/3 aufeingespraech.de/jq/144f287192f11b2cdaf693fe0d0314d4650ce0ede8b1a
IP
Requested by https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0eddbf81PASbeebb091955c06fa68b3eb8afc0bae51650ce0eddbf82
Certificate IssuerLet's Encrypt
Subjectaufeingespraech.de
FingerprintE6:F1:6E:29:88:E9:FE:8B:A8:8F:39:53:12:F8:7A:47:16:9F:79:65
ValidityThu, 24 Aug 2023 10:03:14 GMT - Wed, 22 Nov 2023 10:03:13 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jq/144f287192f11b2cdaf693fe0d0314d4650ce0ede8b1a HTTP/1.1
Host: aufeingespraech.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0eddbf81PASbeebb091955c06fa68b3eb8afc0bae51650ce0eddbf82
Cookie: cf_clearance=XfOGznI1Ot.SCu7Ai0z2K9U07.DAZrKqDErQq0nXWsA-1695342825-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; PHPSESSID=b67a55b1c57d3a43ee3967289e37642d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 22 Sep 2023 00:33:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 29 Sep 2023 00:33:50 GMT
last-modified: Wed, 30 Aug 2023 05:45:42 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FL2NVm%2ButNhboJdf0IYu0qTtgmOLYNRz4oHDrH0V3%2Fgf4dUtR8Iakhu7DOYIDh2NcWbkHbhIP2XO0ePN4HeDXL4Gli4M7cDHG1o7HaNN8vK5xH07I31%2Fcxm8oF9lkKh%2FeL5k9Zs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a675706d545685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/axios@1.5.0/dist/axios.min.js
200 OK 32 kB URL GET HTTP/2 unpkg.com/axios@1.5.0/dist/axios.min.js
IP
Requested by https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0eddbf81PASbeebb091955c06fa68b3eb8afc0bae51650ce0eddbf82
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (31907)
Hash dc2b008d6a9118a0347bdc329ba260ee
91ac309b7d7d5ba99eb481f29ac01d443ea92f5e
b9ecabaabf25f2bbceb0c2eabaff77ed61f69c29ce551b1a8ac7156f87108cf4
GET /axios@1.5.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aufeingespraech.de/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 22 Sep 2023 00:33:50 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7cca-kawwm319W6metIHymsAdRD6pL14"
via: 1.1 fly.io
fly-request-id: 01H95VE0NT42S6HRA8HPB4P7K3-fra
cf-cache-status: HIT
age: 1855431
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 80a675712ad856c4-OSL
content-encoding: br
X-Firefox-Spdy: h2
aufeingespraech.de/Mdiana.branciforte@trinet.com
403 Forbidden 6.3 kB URL User Request GET HTTP/2 aufeingespraech.de/Mdiana.branciforte@trinet.com
IP
Certificate IssuerLet's Encrypt
Subjectaufeingespraech.de
FingerprintE6:F1:6E:29:88:E9:FE:8B:A8:8F:39:53:12:F8:7A:47:16:9F:79:65
ValidityThu, 24 Aug 2023 10:03:14 GMT - Wed, 22 Nov 2023 10:03:13 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6323), with no line terminators
Hash 1af3b223ed093dc6af86faa6c2858836
157b382e6f9d73992e9c3607c504c1e5b0999e17
6135bc545127233df06c8f3bf4b908cd2561719ca3a6d446af7af3b61baa09b3
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /Mdiana.branciforte@trinet.com HTTP/1.1
Host: aufeingespraech.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 22 Sep 2023 00:33:45 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ljahwjv1%2BBzbB60M2lX81PXEc7jnsICn%2F5v2Ev0STb17mJj6IX127m3aolnWSP%2By%2Fz8pmvxQtriOdxv0RkAnDLot6v3BUdmFazrSQii8iHpvmv%2BAtUVBYXjRXC5EQaUE%2BhsZBJg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80a67556482756cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
aufeingespraech.de/Mdiana.branciforte@trinet.com
302 Found 6.7 kB URL User Request POST HTTP/3 aufeingespraech.de/Mdiana.branciforte@trinet.com
IP
Certificate IssuerLet's Encrypt
Subjectaufeingespraech.de
FingerprintE6:F1:6E:29:88:E9:FE:8B:A8:8F:39:53:12:F8:7A:47:16:9F:79:65
ValidityThu, 24 Aug 2023 10:03:14 GMT - Wed, 22 Nov 2023 10:03:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
POST /Mdiana.branciforte@trinet.com HTTP/1.1
Host: aufeingespraech.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aufeingespraech.de/Mdiana.branciforte@trinet.com?__cf_chl_tk=KqLm.o_gc7xaeQiSJpRMZ6RDxVFRAr6RJI9G3J2exQI-1695342825-0-gaNycGzNC_s
Content-Type: application/x-www-form-urlencoded
Content-Length: 3468
Origin: https://aufeingespraech.de
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 22 Sep 2023 00:33:49 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae51650ce0eddbf81PASbeebb091955c06fa68b3eb8afc0bae51650ce0eddbf82
set-cookie: cf_clearance=XfOGznI1Ot.SCu7Ai0z2K9U07.DAZrKqDErQq0nXWsA-1695342825-0-1-69b0ef05.7e78ddc4.3eb1b0e5-160.0.0; path=/; expires=Sat, 21-Sep-24 00:33:49 GMT; domain=.aufeingespraech.de; HttpOnly; Secure; SameSite=None
PHPSESSID=b67a55b1c57d3a43ee3967289e37642d; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zep%2BnFQB%2B5BFavTXYXlBk%2BXVqKfoD0pvmOaZMTpNm5hp8NLw8AR9iRiPxY7W11kmpOqj%2Bhn5Gg1TZN%2F4wopJfddXxQ1XCE6Z20SniEZCOyr%2BgY%2Fg2sXdDx3iuYzesaqXrzltMhs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a6756d0c3f5685-OSL
alt-svc: h3=":443"; ma=86400
192.185.159.224
104.21.79.2