tr.cloudmagic.com/h/v6/link-track/1.0/1653586175111584-e5449996-ded2-d04e-76e6-83302b700c39/1653586158/25a6df233274f31d935e851802d6946d/fa6e8cf070e2759f5f1587cf217f3cfe/ce5f7a01e55be7e4e4aad4df40697507?redirect_uri=https://boomingproperties.co.ke/css/wq8cmrpe/ZGlhbmEuYnJhbmNpZm9ydGVAdHJpbmV0LmNvbQ==
302 Found 214 B URL User Request GET HTTP/1.1 tr.cloudmagic.com/h/v6/link-track/1.0/1653586175111584-e5449996-ded2-d04e-76e6-83302b700c39/1653586158/25a6df233274f31d935e851802d6946d/fa6e8cf070e2759f5f1587cf217f3cfe/ce5f7a01e55be7e4e4aad4df40697507?redirect_uri=https://boomingproperties.co.ke/css/wq8cmrpe/ZGlhbmEuYnJhbmNpZm9ydGVAdHJpbmV0LmNvbQ==
IP
Certificate IssuerAmazon
Subject*.cloudmagic.com
FingerprintCE:FB:06:DA:0B:67:D4:4C:CC:BC:AE:74:58:9C:0E:34:A6:D3:19:C9
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT
File type HTML document, ASCII text, with no line terminators
Hash f1dd6324866f895a47b45ca3e868d6af
277a5add810a91059a51d565dfc7044ab31cb03b
30797f691d03db21d36290ad022fe08c013e8149b8a9b7b34362d9d0a03ab869
GET /h/v6/link-track/1.0/1653586175111584-e5449996-ded2-d04e-76e6-83302b700c39/1653586158/25a6df233274f31d935e851802d6946d/fa6e8cf070e2759f5f1587cf217f3cfe/ce5f7a01e55be7e4e4aad4df40697507?redirect_uri=https://boomingproperties.co.ke/css/wq8cmrpe/ZGlhbmEuYnJhbmNpZm9ydGVAdHJpbmV0LmNvbQ== HTTP/1.1
Host: tr.cloudmagic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,cm-user-identifier,x-cmreqid,x-cmsid,x-cmsession
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Access-Control-Allow-Origin: https://calendar.newtonhq.com
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Sep 2023 00:32:32 GMT
Location: https://boomingproperties.co.ke/css/wq8cmrpe/ZGlhbmEuYnJhbmNpZm9ydGVAdHJpbmV0LmNvbQ==
Vary: Accept
Content-Length: 214
Connection: keep-alive
boomingproperties.co.ke/css/wq8cmrpe/ZGlhbmEuYnJhbmNpZm9ydGVAdHJpbmV0LmNvbQ==
200 OK 0 B URL User Request GET HTTP/2 boomingproperties.co.ke/css/wq8cmrpe/ZGlhbmEuYnJhbmNpZm9ydGVAdHJpbmV0LmNvbQ==
IP
ASN #46606 UNIFIEDLAYER-AS-1
Certificate IssuerLet's Encrypt
Subject*.boomingproperties.co.ke
Fingerprint35:8D:31:55:59:72:71:03:C1:D6:C2:70:8F:6D:22:23:9E:D2:D3:E7
ValidityWed, 02 Aug 2023 08:57:09 GMT - Tue, 31 Oct 2023 08:57:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
Quad9 DNS malicious Sinkholed
GET /css/wq8cmrpe/ZGlhbmEuYnJhbmNpZm9ydGVAdHJpbmV0LmNvbQ== HTTP/1.1
Host: boomingproperties.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
refresh: 0;url=https://aufeingespraech.de/Mdiana.branciforte@trinet.com
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 22 Sep 2023 00:32:33 GMT
server: Apache
X-Firefox-Spdy: h2
unpkg.com/axios@1.5.0/dist/axios.min.js
200 OK 32 kB URL GET HTTP/2 unpkg.com/axios@1.5.0/dist/axios.min.js
IP
Requested by https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0a51497ePASbeebb091955c06fa68b3eb8afc0bae51650ce0a51497f
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (31907)
Hash dc2b008d6a9118a0347bdc329ba260ee
91ac309b7d7d5ba99eb481f29ac01d443ea92f5e
b9ecabaabf25f2bbceb0c2eabaff77ed61f69c29ce551b1a8ac7156f87108cf4
GET /axios@1.5.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aufeingespraech.de/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 22 Sep 2023 00:32:37 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7cca-kawwm319W6metIHymsAdRD6pL14"
via: 1.1 fly.io
fly-request-id: 01H95VE0NT42S6HRA8HPB4P7K3-fra
cf-cache-status: HIT
age: 1855358
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 80a673a93e1e5688-OSL
content-encoding: br
X-Firefox-Spdy: h2
aufeingespraech.de/boot/92d06e00ee73fa1639cfbf668ea39859650ce0a52181a
200 OK 51 kB URL GET HTTP/3 aufeingespraech.de/boot/92d06e00ee73fa1639cfbf668ea39859650ce0a52181a
IP
Requested by https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0a51497ePASbeebb091955c06fa68b3eb8afc0bae51650ce0a51497f
Certificate IssuerLet's Encrypt
Subjectaufeingespraech.de
FingerprintE6:F1:6E:29:88:E9:FE:8B:A8:8F:39:53:12:F8:7A:47:16:9F:79:65
ValidityThu, 24 Aug 2023 10:03:14 GMT - Wed, 22 Nov 2023 10:03:13 GMT
File type ASCII text, with very long lines (50758)
Hash 67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /boot/92d06e00ee73fa1639cfbf668ea39859650ce0a52181a HTTP/1.1
Host: aufeingespraech.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0a51497ePASbeebb091955c06fa68b3eb8afc0bae51650ce0a51497f
Cookie: cf_clearance=PWJ7GgkU0i7KZVW83oRL4dK9N7jMVkvMIBkiA_wI2zk-1695342753-0-1-69b0ef05.c399f377.3eb1b0e5-160.0.0; PHPSESSID=6d62ad2391b248e9ef0d621245c95f75
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 22 Sep 2023 00:32:37 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 29 Sep 2023 00:32:37 GMT
last-modified: Wed, 30 Aug 2023 05:45:42 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JvbiCAKE1u3vyD6lhDM%2FVbopxEkUdsAPsHqh1%2FCWYt5JTK7C32JI3PNuox22fXxI0jCSc8gvcSvqszi5XZxRNn0ixzbm7K14rzZMbZvAhnH6XfOT5pp4xws9odYwd%2FB5eN3udk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a673a8db7e56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aufeingespraech.de/jm/92d06e00ee73fa1639cfbf668ea39859650ce0a52181b
200 OK 7.5 kB URL GET HTTP/3 aufeingespraech.de/jm/92d06e00ee73fa1639cfbf668ea39859650ce0a52181b
IP
Requested by https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0a51497ePASbeebb091955c06fa68b3eb8afc0bae51650ce0a51497f
Certificate IssuerLet's Encrypt
Subjectaufeingespraech.de
FingerprintE6:F1:6E:29:88:E9:FE:8B:A8:8F:39:53:12:F8:7A:47:16:9F:79:65
ValidityThu, 24 Aug 2023 10:03:14 GMT - Wed, 22 Nov 2023 10:03:13 GMT
File type ASCII text, with very long lines (7546), with no line terminators
Hash 19692a2e13ab09d18dbe07dd646c022a
f99d27122f00b497773febb2ab0e24ca764266b6
c8ef5ba744461fb197c95cc0c1a73054cbc9c50b12669f3290038beaf1a382db
GET /jm/92d06e00ee73fa1639cfbf668ea39859650ce0a52181b HTTP/1.1
Host: aufeingespraech.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0a51497ePASbeebb091955c06fa68b3eb8afc0bae51650ce0a51497f
Cookie: cf_clearance=PWJ7GgkU0i7KZVW83oRL4dK9N7jMVkvMIBkiA_wI2zk-1695342753-0-1-69b0ef05.c399f377.3eb1b0e5-160.0.0; PHPSESSID=6d62ad2391b248e9ef0d621245c95f75
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 22 Sep 2023 00:32:37 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 29 Sep 2023 00:32:37 GMT
last-modified: Wed, 30 Aug 2023 05:45:42 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIAc8Icpzns%2Fz9xKy6xa4VhDGECwm8f0mK9pr5rnXyaKr3eyw%2B2MFcDUswhitpFlZLkTRnf1QcY4v2malU%2BvvnXIjfnhCEo5SuIzxUQvJQb5VaQNk0TKYv%2F88YiuR%2FCRvDFcAh8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a673a8db8056a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/axios/dist/axios.min.js
302 Found 32 kB URL GET HTTP/2 unpkg.com/axios/dist/axios.min.js
IP
Requested by https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0a51497ePASbeebb091955c06fa68b3eb8afc0bae51650ce0a51497f
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aufeingespraech.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 22 Sep 2023 00:32:37 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.5.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01HAX4JZ4S52J1RE8FSQR78QHY-fra
cf-cache-status: HIT
age: 265
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 80a673a91e125688-OSL
X-Firefox-Spdy: h2
aufeingespraech.de/jq/92d06e00ee73fa1639cfbf668ea39859650ce0a521817
200 OK 86 kB URL GET HTTP/3 aufeingespraech.de/jq/92d06e00ee73fa1639cfbf668ea39859650ce0a521817
IP
Requested by https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0a51497ePASbeebb091955c06fa68b3eb8afc0bae51650ce0a51497f
Certificate IssuerLet's Encrypt
Subjectaufeingespraech.de
FingerprintE6:F1:6E:29:88:E9:FE:8B:A8:8F:39:53:12:F8:7A:47:16:9F:79:65
ValidityThu, 24 Aug 2023 10:03:14 GMT - Wed, 22 Nov 2023 10:03:13 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jq/92d06e00ee73fa1639cfbf668ea39859650ce0a521817 HTTP/1.1
Host: aufeingespraech.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0a51497ePASbeebb091955c06fa68b3eb8afc0bae51650ce0a51497f
Cookie: cf_clearance=PWJ7GgkU0i7KZVW83oRL4dK9N7jMVkvMIBkiA_wI2zk-1695342753-0-1-69b0ef05.c399f377.3eb1b0e5-160.0.0; PHPSESSID=6d62ad2391b248e9ef0d621245c95f75
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 22 Sep 2023 00:32:37 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 29 Sep 2023 00:32:37 GMT
last-modified: Wed, 30 Aug 2023 05:45:42 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFSCRDZ%2FGB19enUAZfBS7O%2BecJS5%2FEMZETtceUhr%2BNR5q0qYaoRE3i1wbgn6Nriz35GcRTi9yHFqVYf1BacDtGot2jFbIoUcodmhigVhAMP8kfGl%2BLehOjw0OBixBC2plv2R3Xk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a673a8db7d56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aufeingespraech.de/Mdiana.branciforte@trinet.com
403 Forbidden 6.7 kB URL User Request GET HTTP/2 aufeingespraech.de/Mdiana.branciforte@trinet.com
IP
Certificate IssuerLet's Encrypt
Subjectaufeingespraech.de
FingerprintE6:F1:6E:29:88:E9:FE:8B:A8:8F:39:53:12:F8:7A:47:16:9F:79:65
ValidityThu, 24 Aug 2023 10:03:14 GMT - Wed, 22 Nov 2023 10:03:13 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6749), with no line terminators
Hash 8be0eed6bb0adb468778b656db8becd1
21c4dfb028a7d71960ab728fa4983c2ab7e91b80
16fc52735557da74d62c3eb040268661c887dba6d613e68ed2067c0b67ade4de
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /Mdiana.branciforte@trinet.com HTTP/1.1
Host: aufeingespraech.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 22 Sep 2023 00:32:33 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FMhTxUHt9r%2FyjSVritbnX5NV81OhQ1CL33egII5ooJObbeXFgOEHkL4cJoch6pP6NvqxG8BZYnT8e3y9m6USIC%2B550whvBd0C7CJEXHihm3sy%2B%2F58UQfBNJgLz18s8OV34y4%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80a673925cc856ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
aufeingespraech.de/Mdiana.branciforte@trinet.com
302 Found 6.7 kB URL User Request POST HTTP/3 aufeingespraech.de/Mdiana.branciforte@trinet.com
IP
Certificate IssuerLet's Encrypt
Subjectaufeingespraech.de
FingerprintE6:F1:6E:29:88:E9:FE:8B:A8:8F:39:53:12:F8:7A:47:16:9F:79:65
ValidityThu, 24 Aug 2023 10:03:14 GMT - Wed, 22 Nov 2023 10:03:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
POST /Mdiana.branciforte@trinet.com HTTP/1.1
Host: aufeingespraech.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aufeingespraech.de/Mdiana.branciforte@trinet.com?__cf_chl_tk=OWKz_f_vCw75j1jOT7QiNM0yb1FlqCviOwwlBidQekQ-1695342753-0-gaNycGzNDaU
Content-Type: application/x-www-form-urlencoded
Content-Length: 3894
Origin: https://aufeingespraech.de
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 22 Sep 2023 00:32:37 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae51650ce0a51497ePASbeebb091955c06fa68b3eb8afc0bae51650ce0a51497f
set-cookie: cf_clearance=PWJ7GgkU0i7KZVW83oRL4dK9N7jMVkvMIBkiA_wI2zk-1695342753-0-1-69b0ef05.c399f377.3eb1b0e5-160.0.0; path=/; expires=Sat, 21-Sep-24 00:32:36 GMT; domain=.aufeingespraech.de; HttpOnly; Secure; SameSite=None
PHPSESSID=6d62ad2391b248e9ef0d621245c95f75; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIGAEZp7DG%2FiXLKc49Y6W9J0uyIvPoF3wijdOTAJJv3FIVg0FHuk4Dw07dpvpwm0EuJYzo56sSQ9MN%2FEKRkL7ymmIOB9vJwNV4agBZU6yRmd5DtixHkUlbIcTLJjfjWGaDjvBDg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a673a59a1c56a9-OSL
alt-svc: h3=":443"; ma=86400
aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0a51497ePASbeebb091955c06fa68b3eb8afc0bae51650ce0a51497f
200 OK 6.7 kB URL User Request GET HTTP/3 aufeingespraech.de/beebb091955c06fa68b3eb8afc0bae51650ce0a51497ePASbeebb091955c06fa68b3eb8afc0bae51650ce0a51497f
IP
Certificate IssuerLet's Encrypt
Subjectaufeingespraech.de
FingerprintE6:F1:6E:29:88:E9:FE:8B:A8:8F:39:53:12:F8:7A:47:16:9F:79:65
ValidityThu, 24 Aug 2023 10:03:14 GMT - Wed, 22 Nov 2023 10:03:13 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6732), with no line terminators
Hash 10a18a41e397b5db62d658cfe060b19c
3e815cd8fa4ded6917d60ede37673f7dc6082011
a47007b5bf640a1c5ce6715db96760d73aeeeafb130823794eb2cf7fb6c2e49e
GET /beebb091955c06fa68b3eb8afc0bae51650ce0a51497ePASbeebb091955c06fa68b3eb8afc0bae51650ce0a51497f HTTP/1.1
Host: aufeingespraech.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aufeingespraech.de/Mdiana.branciforte@trinet.com?__cf_chl_tk=OWKz_f_vCw75j1jOT7QiNM0yb1FlqCviOwwlBidQekQ-1695342753-0-gaNycGzNDaU
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=PWJ7GgkU0i7KZVW83oRL4dK9N7jMVkvMIBkiA_wI2zk-1695342753-0-1-69b0ef05.c399f377.3eb1b0e5-160.0.0; PHPSESSID=6d62ad2391b248e9ef0d621245c95f75
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 22 Sep 2023 00:32:37 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuARBvKUC2ukSSLtXPSQ%2FanH6R201Zm%2FoVu1vxKdVP6fY45gT6hsPO7Z%2FCc6xN%2FV6w6kZxIAqIcH3OjCovG%2BKc24az64K%2Fq6fKb9%2FLFAVSvzmuVnPa%2Ftf7EOB3HG6Vtp03Q1TtI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a673a7eb1656a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
52.70.13.66
104.16.123.175