| anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/ipaper.com | 104.21.62.244 | 200 OK | 6.2 kB |
URL GET anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/ipaper.com IP 104.21.62.244:443
Requested by: https://anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w
Certificate: Issuer: Google Trust Services; Subject: hlus.de; Fingerprint: FF:C7:88:9F:76:17:BA:0F:FA:78:F0:54:4B:61:E0:94:EB:60:A9:63; Validity: Wed, 09 Apr 2025 06:56:21 GMT - Tue, 08 Jul 2025 07:56:04 GMT
File type: HTML document, ASCII text
Hash: c8e9e1d3a452822599e217a6928f3915 8eb66ec1b9e5dde6dfa672cefbea12bd446697cd 821ca2624c70b607861d67412c0f77d4645f5e694b48104ae89d2cc892687bc5
GET /aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/ipaper.com HTTP/1.1
Host: anaaf0143l4k7vryoti.hlus.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Apr 2025 22:52:19 GMT
content-type: text/html;charset=UTF-8
content-encoding: br
cf-ray: 92dd92f129db5697-OSL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yac3WEqe7ZIwhc6%2FugYGGJBoXg6%2Bet%2FBwCP35wdR4%2FBkV9D0lfpPlWJRR0yjQxG%2Brihm7b0VQaGkobSdcYGrzolqjJREp9u2Cpi9ojBHxy%2FdatUVVURfhd4w05VK5rIiNmDwwiw%2BrRuPib3XijI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4441&min_rtt=469&rtt_var=7926&sent=12&recv=15&lost=0&retrans=0&sent_bytes=5755&recv_bytes=1655&delivery_rate=8601980&cwnd=257&unsent_bytes=0&cid=8ae1c7448ee430f1&ts=4897&x=0"
X-Firefox-Spdy: h2
|
|
| aadcdn.msauthimages.net/dbd5a2dd-1w8jwks1hxms0x3uupvfcj4-auf10wywdkyjoadzb1m/logintenantbranding/0/bannerlogo?ts=638302283300106287 | 23.36.77.249 | 200 OK | 4.6 kB |
URL GET aadcdn.msauthimages.net/dbd5a2dd-1w8jwks1hxms0x3uupvfcj4-auf10wywdkyjoadzb1m/logintenantbranding/0/bannerlogo?ts=638302283300106287 IP 23.36.77.249:443
ASN#20940 Akamai International B.V.
Requested by: https://anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w
Certificate: Issuer: Microsoft Corporation; Subject: idnaakamaicdn.msftauth.net; Fingerprint: DC:51:C1:FA:8A:C3:85:DA:8E:3C:1C:06:37:00:90:7A:B4:62:A9:DC; Validity: Fri, 27 Dec 2024 18:21:36 GMT - Mon, 22 Dec 2025 18:21:36 GMT
File type: PNG image data, 280 x 60, 8-bit/color RGBA, non-interlaced
Hash: 829849ef1da3aa6dad2381efe4ae7d45 91b6929de3d80a797104794f192e352ef13f2f9c eb61ea8795b7d581940512eb8461e09b2acdb5b73d32ca3f0de864caadcef1e8
GET /dbd5a2dd-1w8jwks1hxms0x3uupvfcj4-auf10wywdkyjoadzb1m/logintenantbranding/0/bannerlogo?ts=638302283300106287 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anaaf0143l4k7vryoti.hlus.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 4619
content-type: image/*
content-md5: gphJ7x2jqm2tI4Hv5K59RQ==
last-modified: Wed, 13 Sep 2023 18:58:50 GMT
etag: 0x8DBB48B77D58014
x-ms-request-id: 7ddd6fa2-601e-001a-0530-72223d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=11608
date: Wed, 09 Apr 2025 22:52:17 GMT
x-content-type-options: nosniff
akamai-grn: 0.f54d2417.1744239137.180d9134
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/b/580ba44007a6/api.js | 104.18.94.41 | 200 OK | 48 kB |
URL GET challenges.cloudflare.com/turnstile/v0/b/580ba44007a6/api.js IP 104.18.94.41:443
Requested by: https://anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: JavaScript source, ASCII text, with very long lines (48122)
Hash: d00e161860ff36cf8482d4768e280cab a6d5b477886524767e67d3edee385cd2c9f41a54 ca540bf2ebcfb08c9c8c92512c58707f1a62a572efd7ac409cba2229b55f012c
GET /turnstile/v0/b/580ba44007a6/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anaaf0143l4k7vryoti.hlus.de/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Apr 2025 22:52:17 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 04 Apr 2025 13:58:27 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 92dd92f17a45b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/713172538:1744236878:8BopAoBZQCVLh8NiwhNuje8bA4zZk7oqJPnY6K6bUJ0/92dd92f26b6956c3/anxYtEeTVZOYbQ_A22giqiL34dk.hi2pSBslu2bHsFE-1744239137-1.1.1.1-5A9w6m20vR4jYDVdC86BUzmE5TrDpL1EinDZtgOXLuq0w8ha1rOVoqLNVywNBeVC | 104.18.94.41 | 200 OK | 229 kB |
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/713172538:1744236878:8BopAoBZQCVLh8NiwhNuje8bA4zZk7oqJPnY6K6bUJ0/92dd92f26b6956c3/anxYtEeTVZOYbQ_A22giqiL34dk.hi2pSBslu2bHsFE-1744239137-1.1.1.1-5A9w6m20vR4jYDVdC86BUzmE5TrDpL1EinDZtgOXLuq0w8ha1rOVoqLNVywNBeVC IP 104.18.94.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 229 kB (228556 bytes)
Hash: 590a6a808a4f19faaacc3b1ddf1d193e 7d61895ed007c7da846f1e27e6c50cf995d93983 885fc9be3f993d7cab17b92bf5cdb176758b7046743012b7575113030c52fa47
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/713172538:1744236878:8BopAoBZQCVLh8NiwhNuje8bA4zZk7oqJPnY6K6bUJ0/92dd92f26b6956c3/anxYtEeTVZOYbQ_A22giqiL34dk.hi2pSBslu2bHsFE-1744239137-1.1.1.1-5A9w6m20vR4jYDVdC86BUzmE5TrDpL1EinDZtgOXLuq0w8ha1rOVoqLNVywNBeVC HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/
cf-chl: anxYtEeTVZOYbQ_A22giqiL34dk.hi2pSBslu2bHsFE-1744239137-1.1.1.1-5A9w6m20vR4jYDVdC86BUzmE5TrDpL1EinDZtgOXLuq0w8ha1rOVoqLNVywNBeVC
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3120
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Apr 2025 22:52:18 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: $+UEcSlH0Df6Z+OK4a8hfRg==
priority: u=3,i=?0
server: cloudflare
cf-ray: 92dd92f90e7056c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js | 104.17.25.14 | 200 OK | 93 kB |
URL GET cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js IP 104.17.25.14:443
Requested by: https://ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3
Certificate: Issuer: Google Trust Services; Subject: cdnjs.cloudflare.com; Fingerprint: 5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC; Validity: Mon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type: JavaScript source, ASCII text, with very long lines (32089)
Hash: 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipaper-f9r8525eu2f43o.poyb.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Apr 2025 22:52:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 29363
cf-ray: 92dd93434b8d7129-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-169d5"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 88372
expires: Mon, 30 Mar 2026 22:52:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ztq9kyFknE3ESjJgZGllCwG5xngN4Cv8TJIPkEtjz623EDrb7oFEw26u75Z1ZNPq14NGf02znGsQXKN6nE5rrb5tM3ULm9G4CGifflNoKgLuK7Wa%2B%2By4AJ%2FMyKJgpn5E4z5VTWDr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg | 13.107.246.53 | 200 OK | 1.6 kB |
URL GET aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg IP 13.107.246.53:443
ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3
Certificate: Issuer: DigiCert Inc; Subject: aadcdn.msauth.net; Fingerprint: 38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00; Validity: Tue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 4e48046ce74f4b89d45037c90576bfac 4a41b3b51ed787f7b33294202da72220c7cd2c32 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipaper-f9r8525eu2f43o.poyb.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Apr 2025 22:52:30 GMT
content-type: image/svg+xml
content-length: 621
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Tue, 10 Nov 2020 03:41:24 GMT
etag: 0x8D8852A7FA6B761
x-ms-request-id: 462f9d11-601e-007d-39b6-a6b275000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250409T225230Z-r1ccbf87bcczbvxvhC1SVGwz9g0000000g800000000013hb
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w | 104.21.62.244 | 200 OK | 6.2 kB |
URL User Request GET anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w IP 104.21.62.244:443
Certificate: Issuer: Google Trust Services; Subject: hlus.de; Fingerprint: FF:C7:88:9F:76:17:BA:0F:FA:78:F0:54:4B:61:E0:94:EB:60:A9:63; Validity: Wed, 09 Apr 2025 06:56:21 GMT - Tue, 08 Jul 2025 07:56:04 GMT
File type: HTML document, ASCII text
Hash: c8e9e1d3a452822599e217a6928f3915 8eb66ec1b9e5dde6dfa672cefbea12bd446697cd 821ca2624c70b607861d67412c0f77d4645f5e694b48104ae89d2cc892687bc5
GET /aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w HTTP/1.1
Host: anaaf0143l4k7vryoti.hlus.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Apr 2025 22:52:17 GMT
content-type: text/html;charset=UTF-8
content-encoding: br
cf-ray: 92dd92e129ce5697-OSL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqFlGCoJCH5NK7pBzTd13G7mLG6RC3oxKubJP7DBzHRUZcD%2B%2B493v6XTW%2FxrE1KN0YAeG19YUH4c61rGPO79CJwBsfpiaTrbvaBctx%2FqmvDwxn9QlbUE0iinEjEO%2BkGop5bPMWeW6Akr12VpHo8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6384&min_rtt=469&rtt_var=11862&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3264&recv_bytes=1358&delivery_rate=8601980&cwnd=254&unsent_bytes=0&cid=8ae1c7448ee430f1&ts=2302&x=0"
X-Firefox-Spdy: h2
|
|
| ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3 | 104.21.43.98 | 200 OK | 929 B |
URL User Request GET ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3 IP 104.21.43.98:443
Certificate: Issuer: Google Trust Services; Subject: poyb.de; Fingerprint: 65:E5:8E:30:B0:40:99:E7:F1:00:FE:4B:3B:68:08:36:91:99:39:42; Validity: Wed, 09 Apr 2025 05:53:22 GMT - Tue, 08 Jul 2025 06:52:03 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: d910c31596cab4bd03d1a4a6aee58c01 5f786a5f7c80d6a2d9db1f0d9bee0b315f5b974e 9efb673db319c9619a72683595fa720dcc3b91bbfe8102460d6dcb60b09f1ef6
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
GET /s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3 HTTP/1.1
Host: ipaper-f9r8525eu2f43o.poyb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anaaf0143l4k7vryoti.hlus.de/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Apr 2025 22:52:30 GMT
content-type: text/html
content-encoding: br
cf-ray: 92dd933c99b97127-OSL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W6JKIOp7fKQRk5f4%2BUyFeyGCldQDLsKXElNzPB9PNf63bRP1g%2BH4b9koc8h5GSzE9aaKPNYrbmnho2raxE5ZzscuiJWsqz6CqTZCsBICx0amSOR40jSZIiC4yhu3bjQB4vNbp3ZOnrcN3Ii6F4le1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5840&min_rtt=420&rtt_var=10839&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3261&recv_bytes=1424&delivery_rate=8000000&cwnd=252&unsent_bytes=0&cid=65c33e0557799749&ts=925&x=0"
X-Firefox-Spdy: h2
|
|
| aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css | 13.107.246.53 | 200 OK | 111 kB |
URL GET aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css IP 13.107.246.53:443
ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3
Certificate: Issuer: DigiCert Inc; Subject: aadcdn.msauth.net; Fingerprint: 38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00; Validity: Tue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT
File type: ASCII text, with very long lines (61177)
Size: 111 kB (110554 bytes)
Hash: ce26137fc0d9b7d7a0d52ebe3a186512 b9d7fb3fe7d08f46c2d1153bb47b13809375c663 1304c5090f063c677a5b3720fe7b97ef4d9ea102e2bdd837ce399df6057fe385
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipaper-f9r8525eu2f43o.poyb.de
DNT: 1
Connection: keep-alive
Referer: https://ipaper-f9r8525eu2f43o.poyb.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Apr 2025 22:52:30 GMT
content-type: text/css
content-length: 19953
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 21:18:26 GMT
etag: 0x8DA2180FA29F5AF
x-ms-request-id: 5b0bcd76-c01e-006c-677a-a85f7e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250409T225230Z-r1ccbf87bcczbvxvhC1SVGwz9g0000000g2g000000005zfc
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| aadcdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg | 13.107.246.53 | 200 OK | 513 B |
URL GET aadcdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg IP 13.107.246.53:443
ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3
Certificate: Issuer: DigiCert Inc; Subject: aadcdn.msauth.net; Fingerprint: 38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00; Validity: Tue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: a9cc2824ef3517b6c4160dcf8ff7d410 8db9aebad84ca6e4225bfdd2458ff3821cc4f064 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
GET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipaper-f9r8525eu2f43o.poyb.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Apr 2025 22:52:30 GMT
content-type: image/svg+xml
content-length: 276
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Fri, 17 Jan 2020 19:28:34 GMT
etag: 0x8D79B8371B97A82
x-ms-request-id: 1c5c4a29-201e-0064-736d-a84571000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250409T225230Z-r1ccbf87bcczbvxvhC1SVGwz9g0000000g800000000013hf
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1 | 104.18.94.41 | 200 OK | 61 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1 IP 104.18.94.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Apr 2025 22:52:17 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
priority: u=4,i=?0
server: cloudflare
cf-ray: 92dd92f2eba856c3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| aadcdn.msauth.net/shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg | 13.107.246.53 | 200 OK | 2.9 kB |
URL GET aadcdn.msauth.net/shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg IP 13.107.246.53:443
ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3
Certificate: Issuer: DigiCert Inc; Subject: aadcdn.msauth.net; Fingerprint: 38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00; Validity: Tue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: fe87496cc7a44412f7893a72099c120a a0c1458c08a815df63d3cb0406d60be6607ca699 55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1
GET /shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipaper-f9r8525eu2f43o.poyb.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Apr 2025 22:52:30 GMT
content-type: image/svg+xml
content-length: 1173
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Fri, 17 Jan 2020 19:28:39 GMT
etag: 0x8D79B83749623C9
x-ms-request-id: 97b2165a-801e-0052-1cc3-a8c801000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250409T225230Z-r1ccbf87bcczbvxvhC1SVGwz9g0000000g800000000013hd
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg | 23.36.79.136 | 200 OK | 3.7 kB |
URL GET aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg IP 23.36.79.136:443
ASN#20940 Akamai International B.V.
Requested by: https://ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3
Certificate: Issuer: Microsoft Corporation; Subject: idnaakamaicdn.msftauth.net; Fingerprint: DC:51:C1:FA:8A:C3:85:DA:8E:3C:1C:06:37:00:90:7A:B4:62:A9:DC; Validity: Fri, 27 Dec 2024 18:21:36 GMT - Mon, 22 Dec 2025 18:21:36 GMT
File type: SVG Scalable Vector Graphics image
Hash: ee5c8d9fb6248c938fd0dc19370e90bd d01a22720918b781338b5bbf9202b241a5f99ee4 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
GET /ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipaper-f9r8525eu2f43o.poyb.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 1435
content-type: image/svg+xml
content-encoding: gzip
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
last-modified: Wed, 15 Jan 2025 21:58:26 GMT
accept-ranges: bytes
etag: "0x8DD35AFBD3521E0"
x-ms-request-id: ebb60303-301e-0088-6bb2-672f25000000
x-ms-version: 2018-03-28
access-control-expose-headers: Accept-Ranges,Cache-Control,Content-Encoding,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
access-control-allow-origin: *
cache-control: public, max-age=466729
date: Wed, 09 Apr 2025 22:52:30 GMT
vary: Accept-Encoding
akamai-grn: 0.844f2417.1744239150.1be57605
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/92dd92f26b6956c3/1744239138747/aa973513836229721fc332de6a9d208c825041dc25c90a33d9cf1934d08c1ba6/UiwgR0gAsZGroDl | 104.18.94.41 | 401 Unauthorized | 1 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/92dd92f26b6956c3/1744239138747/aa973513836229721fc332de6a9d208c825041dc25c90a33d9cf1934d08c1ba6/UiwgR0gAsZGroDl IP 104.18.94.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: very short file (no magic)
Hash: ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/92dd92f26b6956c3/1744239138747/aa973513836229721fc332de6a9d208c825041dc25c90a33d9cf1934d08c1ba6/UiwgR0gAsZGroDl HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Wed, 09 Apr 2025 22:52:23 GMT
content-type: text/plain; charset=utf-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gqpc1E4NiKXIfwzLeap0gjIJQQdwlyQoz2c8ZNNCMG6YAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIKqXNRODYilyH8My3mqdIIyCUEHcJckKM9nPGTTQjBumABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIKqXNRODYilyH8My3mqdIIyCUEHcJckKM9nPGTTQjBumABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApdfJOCmmV2bSlh6nChLGapFSo88StypCpt1AQfbAJj8fqVBHhAw4VYNLUoqeDDC9vZnyhuQ7b7IcuT7_sDtj3LKJ6ssOG9q1GovjbH3ZjeL7KNmfbu8LMvGnPFy7qwIfGVfW0nHa1fOpkJ4eR4x5QgXB-XWU73m58kp2ZVTZSAA-1_27bIbqkY6sRVebtqBQTryTYS2kOot9b45LqOTJh0O-hJocxVSnkcaIXrf_wdbRyRy3SVKij2v_Kj8fatopaIs9rH7SyaJ6yGCU0FClhiKTpLgmaHYsGRPwtXzEWg4QjG185nGarn5gENDX-IU2ylRTEyyy3dSneYeOExB2MwIDAQAB", max-age=20
priority: u=4,i=?0
server: cloudflare
cf-ray: 92dd93168f0456c3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/713172538:1744236878:8BopAoBZQCVLh8NiwhNuje8bA4zZk7oqJPnY6K6bUJ0/92dd92f26b6956c3/anxYtEeTVZOYbQ_A22giqiL34dk.hi2pSBslu2bHsFE-1744239137-1.1.1.1-5A9w6m20vR4jYDVdC86BUzmE5TrDpL1EinDZtgOXLuq0w8ha1rOVoqLNVywNBeVC | 104.18.94.41 | 200 OK | 4.7 kB |
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/713172538:1744236878:8BopAoBZQCVLh8NiwhNuje8bA4zZk7oqJPnY6K6bUJ0/92dd92f26b6956c3/anxYtEeTVZOYbQ_A22giqiL34dk.hi2pSBslu2bHsFE-1744239137-1.1.1.1-5A9w6m20vR4jYDVdC86BUzmE5TrDpL1EinDZtgOXLuq0w8ha1rOVoqLNVywNBeVC IP 104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typeASCII text, with very long lines (4716), with no line terminators Hashc95b2efa2af1d838b9d69bb7276f5556 8af848fd6fc8597a6bd2cfe039f8af9ea019cb5b 236821f644ef547ccb1e16f6eb5b3d6aa7a21dbc2d1f3286c84d6525cb0ff5b2
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/713172538:1744236878:8BopAoBZQCVLh8NiwhNuje8bA4zZk7oqJPnY6K6bUJ0/92dd92f26b6956c3/anxYtEeTVZOYbQ_A22giqiL34dk.hi2pSBslu2bHsFE-1744239137-1.1.1.1-5A9w6m20vR4jYDVdC86BUzmE5TrDpL1EinDZtgOXLuq0w8ha1rOVoqLNVywNBeVC HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/
cf-chl: anxYtEeTVZOYbQ_A22giqiL34dk.hi2pSBslu2bHsFE-1744239137-1.1.1.1-5A9w6m20vR4jYDVdC86BUzmE5TrDpL1EinDZtgOXLuq0w8ha1rOVoqLNVywNBeVC
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 42091
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Apr 2025 22:52:27 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: $QySVlclbvatJaoJMKm3+2Q==
cf-chl-out: dO0IyBDZrHUcZs9R7x9T0vw2VfwCxhYYf+Akr5ikPQ96VLiHyB/YINvNg5awPFbp/DHfRigrYJslTHfHiPjJPw==$LeXZvtey9BPQCiVTMQqcUg==
priority: u=3,i=?0
server: cloudflare
cf-ray: 92dd93319caf56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| aadcdn.msauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg | 13.107.246.53 | 200 OK | 7.4 kB |
URL GET aadcdn.msauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg IP 13.107.246.53:443
ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3 CertificateIssuerDigiCert Inc Subjectaadcdn.msauth.net Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00 ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashb59c16ca9bf156438a8a96d45e33db64 4e51b7d3477414b220f688adabd76d3ae6472ee3 a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8
GET /shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipaper-f9r8525eu2f43o.poyb.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Apr 2025 22:52:30 GMT
content-type: image/svg+xml
content-length: 2407
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Fri, 11 Mar 2022 11:11:29 GMT
etag: 0x8DA034FE445C10D
x-ms-request-id: 67206a15-701e-0034-2608-a68721000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250409T225230Z-r1ccbf87bcczbvxvhC1SVGwz9g0000000g800000000013hc
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg | 13.107.246.53 | 200 OK | 1.9 kB |
URL GET aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg IP 13.107.246.53:443
ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3 CertificateIssuerDigiCert Inc Subjectaadcdn.msauth.net Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00 ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashbc3d32a696895f78c19df6c717586a5d 9191cb156a30a3ed79c44c0a16c95159e8ff689d 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipaper-f9r8525eu2f43o.poyb.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Apr 2025 22:52:32 GMT
content-type: image/svg+xml
content-length: 673
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 22:01:30 GMT
etag: 0x8D7B0071D86E386
x-ms-request-id: 7459f52f-001e-002e-464a-a5e6fe000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250409T225232Z-r1ccbf87bcczbvxvhC1SVGwz9g0000000g800000000013kr
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback | 104.18.94.41 | 302 Found | 48 kB |
URL GET challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.18.94.41:443
Requested byhttps://anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anaaf0143l4k7vryoti.hlus.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 09 Apr 2025 22:52:17 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/580ba44007a6/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 92dd92f15a31b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif | 13.107.246.53 | 200 OK | 2.7 kB |
URL GET aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif IP 13.107.246.53:443
ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3 CertificateIssuerDigiCert Inc Subjectaadcdn.msauth.net Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00 ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT
File typeGIF image data, version 89a, 352 x 3 Hash166de53471265253ab3a456defe6da23 17c6df4d7ccf1fa2c9efd716fbae0fc2c71c8d6d a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
GET /shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipaper-f9r8525eu2f43o.poyb.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Apr 2025 22:52:30 GMT
content-type: image/gif
content-length: 2672
cache-control: public, max-age=31536000
last-modified: Fri, 17 Jan 2020 19:28:37 GMT
etag: 0x8D79B83739984DD
x-ms-request-id: 558400f0-c01e-005b-24cc-a6fa6d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250409T225230Z-r1ccbf87bcczbvxvhC1SVGwz9g0000000g800000000013he
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/92dd92f26b6956c3/1744239138742/8AVydzGAea66JLT | 104.18.94.41 | 200 OK | 61 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/92dd92f26b6956c3/1744239138742/8AVydzGAea66JLT IP 104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typePNG image data, 38 x 37, 8-bit/color RGB, non-interlaced Hash9ebef9c659315353dd10fcd767d243cf 140e06154cf98951030546223573be5dadecfc1c e362958badfd0d136edcdd7f20a5d9bf098f16a692559f9721ca95a888f1ab91
GET /cdn-cgi/challenge-platform/h/b/d/92dd92f26b6956c3/1744239138742/8AVydzGAea66JLT HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Apr 2025 22:52:20 GMT
content-type: image/png
content-length: 61
priority: u=4,i=?0
server: cloudflare
cf-ray: 92dd93063d9a56c3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/ | 104.18.94.41 | 200 OK | 28 kB |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/ IP 104.18.94.41:443
Requested byhttps://anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typeHTML document, ASCII text, with very long lines (22054) Hashc84cb3c8ec81ed6e7f62458306c14e3e 18e0bd12dee88e61617acb94b7361a05d16ef330 1154d1bb237b90906fb7d8a46d30a515e972a758a2d6d4d629a73424351f98e4
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anaaf0143l4k7vryoti.hlus.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Apr 2025 22:52:17 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-NkZAg5fk7I3aoVet' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 92dd92f26b6956c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/713172538:1744236878:8BopAoBZQCVLh8NiwhNuje8bA4zZk7oqJPnY6K6bUJ0/92dd92f26b6956c3/anxYtEeTVZOYbQ_A22giqiL34dk.hi2pSBslu2bHsFE-1744239137-1.1.1.1-5A9w6m20vR4jYDVdC86BUzmE5TrDpL1EinDZtgOXLuq0w8ha1rOVoqLNVywNBeVC | 104.18.94.41 | 200 OK | 28 kB |
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/713172538:1744236878:8BopAoBZQCVLh8NiwhNuje8bA4zZk7oqJPnY6K6bUJ0/92dd92f26b6956c3/anxYtEeTVZOYbQ_A22giqiL34dk.hi2pSBslu2bHsFE-1744239137-1.1.1.1-5A9w6m20vR4jYDVdC86BUzmE5TrDpL1EinDZtgOXLuq0w8ha1rOVoqLNVywNBeVC IP 104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typeASCII text, with very long lines (28172), with no line terminators Hash988279c8e85f451ca1ccf2c0b9007805 ac969bfd418235f5bb875e5221f7068955c1c0d2 b6fbfd995ceaba511bee3fbe9a8f6add2fe9f2c99b7bddd57eda1aa735f83d05
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/713172538:1744236878:8BopAoBZQCVLh8NiwhNuje8bA4zZk7oqJPnY6K6bUJ0/92dd92f26b6956c3/anxYtEeTVZOYbQ_A22giqiL34dk.hi2pSBslu2bHsFE-1744239137-1.1.1.1-5A9w6m20vR4jYDVdC86BUzmE5TrDpL1EinDZtgOXLuq0w8ha1rOVoqLNVywNBeVC HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/
cf-chl: anxYtEeTVZOYbQ_A22giqiL34dk.hi2pSBslu2bHsFE-1744239137-1.1.1.1-5A9w6m20vR4jYDVdC86BUzmE5TrDpL1EinDZtgOXLuq0w8ha1rOVoqLNVywNBeVC
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 33423
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Apr 2025 22:52:23 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: kAG/uprY/N773orazpt6J5WK5sa4d+ELMQmq3t1eZ9yMSC30JUPesSZX4aoSMiE+$ucN9+aqPNnCWRwKp15bIkg==
priority: u=3,i=?0
server: cloudflare
cf-ray: 92dd9318682756c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w | 104.21.62.244 | 302 Found | 929 B |
URL User Request POST anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w IP 104.21.62.244:443
CertificateIssuerGoogle Trust Services Subjecthlus.de FingerprintFF:C7:88:9F:76:17:BA:0F:FA:78:F0:54:4B:61:E0:94:EB:60:A9:63 ValidityWed, 09 Apr 2025 06:56:21 GMT - Tue, 08 Jul 2025 07:56:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w HTTP/1.1
Host: anaaf0143l4k7vryoti.hlus.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 944
Origin: https://anaaf0143l4k7vryoti.hlus.de
DNT: 1
Connection: keep-alive
Referer: https://anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 09 Apr 2025 22:52:29 GMT
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=izRnNu4qLH%2BOuCVyajm7Q%2FnU3tVGDDdyvUlfgDNZYfdYu6FUb1ov2SvbZtSMkptWJOO%2FT4yahCD0dpyztW%2F8CnbNIgkD6TSlriIuHdrEXKc%2Fwg19WELYjgZrt%2FJREpRCkeEKOTEgmq7kasp%2BN0g%3D"}],"group":"cf-nel","max_age":604800}
location: https://ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3
cf-ray: 92dd93321837b50f-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3780&min_rtt=618&rtt_var=2161&sent=160&recv=221&lost=0&retrans=0&sent_bytes=11833&recv_bytes=12375&delivery_rate=2218&cwnd=12000&unsent_bytes=0&cid=ceb98084b80c7b1d&ts=12286&x=16"
|
|
| cdn.jsdelivr.net/gh/mecolo123/coke-stat@refs/heads/main/loaderjs.js | 151.101.193.229 | 200 OK | 80 kB |
URL GET cdn.jsdelivr.net/gh/mecolo123/coke-stat@refs/heads/main/loaderjs.js IP 151.101.193.229:443
Requested byhttps://ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT
File typeJavaScript source, ASCII text, with very long lines (35312) Hash160e8a1bab4d985226694e9eadafe027 562bdcfa950a78b94c1d67ef6caddb9f0d37fe95 487679fa66d16f192f1189fb8594bfec063fe024086f1340720c2759383ec2f9
GET /gh/mecolo123/coke-stat@refs/heads/main/loaderjs.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipaper-f9r8525eu2f43o.poyb.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: refs
x-jsd-version-type: branch
etag: W/"13a9f-Vivc+pUKeLlMHWfvbK3bnw03/pU"
content-encoding: br
accept-ranges: bytes
date: Wed, 09 Apr 2025 22:52:30 GMT
age: 2437
x-served-by: cache-fra-eddf8230150-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23676
X-Firefox-Spdy: h2
|
|
| anaaf0143l4k7vryoti.hlus.de/favicon.ico | 104.21.62.244 | 404 Not Found | 36 B |
URL GET anaaf0143l4k7vryoti.hlus.de/favicon.ico IP 104.21.62.244:443
Requested byhttps://anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w CertificateIssuerGoogle Trust Services Subjecthlus.de FingerprintFF:C7:88:9F:76:17:BA:0F:FA:78:F0:54:4B:61:E0:94:EB:60:A9:63 ValidityWed, 09 Apr 2025 06:56:21 GMT - Tue, 08 Jul 2025 07:56:04 GMT
File typeASCII text, with no line terminators Hash658c9286407aeee268ba52e45da2252a 18591157b79780b4edf9b66af042581fa5a36756 394c095c2710c6a131c27fb7e00ada38ec005c86b512403062ed81c33f6b51f0
GET /favicon.ico HTTP/1.1
Host: anaaf0143l4k7vryoti.hlus.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anaaf0143l4k7vryoti.hlus.de/aNAaf/L4k7VryOTi/uqablg7xyPdIT8h5LN7w1b7xgen/aNAaf/L4k7VryOTi/Steve.isaac/0143/ipaper.com/uqablg7xyPdIT8h5LN7w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 09 Apr 2025 22:52:18 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFg18ORR4FxBpRpoUc35W1%2FV%2FfKbEPOVz0IrdfgfMf66T8FpBdwCQwj4lp%2B0ZOsFi3Jj8vWuD2jUOPszZNtBKpRHc9RUgem0XtVpbSe1t7jcmnjHf37ihz47wgcJCNkgXbW69viGMmyIURFGFaw%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: br
cf-ray: 92dd92f2feb2b50f-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3780&min_rtt=618&rtt_var=2161&sent=160&recv=221&lost=0&retrans=0&sent_bytes=11833&recv_bytes=12375&delivery_rate=2218&cwnd=12000&unsent_bytes=0&cid=ceb98084b80c7b1d&ts=944&x=16"
|
|
| aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico | 13.107.246.53 | 200 OK | 17 kB |
URL GET aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico IP 13.107.246.53:443
ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://ipaper-f9r8525eu2f43o.poyb.de/s5i18d2bv9k8dh4ytqm6/pulvkjkd5ic6p2a8xZ2VuL2FOQWFmL0w0azdWcnlPVGkvU3RldmUuaXNhYWMvMDE0My9pcGFwZXIuY29tL3VxYWJsZzd4eVBkSVQ4aDVMTjd3 CertificateIssuerDigiCert Inc Subjectaadcdn.msauth.net Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00 ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipaper-f9r8525eu2f43o.poyb.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Apr 2025 22:52:31 GMT
content-type: image/x-icon
content-length: 17174
cache-control: public, max-age=31536000
last-modified: Sun, 18 Oct 2020 03:02:03 GMT
etag: 0x8D8731230C851A6
x-ms-request-id: dcd051d5-701e-0034-1c6c-a58721000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250409T225231Z-r1ccbf87bcczbvxvhC1SVGwz9g0000000g800000000013hq
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=92dd92f26b6956c3&lang=auto | 104.18.94.41 | 200 OK | 115 kB |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=92dd92f26b6956c3&lang=auto IP 104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size115 kB (115136 bytes) Hash77966546a48faecd2e4602202be53ea7 5afb6b64cf4b3248ce84845e66a2d9ed7ef41655 e597019a35e0a7128188c0149d67bb701ddaecd7d4f34860a7a24feca30ff382
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=92dd92f26b6956c3&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/iwc9h/0x4AAAAAABHMG-xU2VjgtAJY/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Apr 2025 22:52:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 92dd92f30bba56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|