urlscan.io logo urlscan.io
SecurityTrails logo

www.provinzial.de Open in urlscan Pro
212.34.85.158  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.provinzial.de/
Effective URL: https://www.provinzial.de/west/
Submission: On December 21 via api from AE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 9 domains to perform 93 HTTP transactions. The main IP is 212.34.85.158, located in Germany and belongs to FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE. The main domain is www.provinzial.de.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on July 25th 2024. Valid for: a year.
This is the only time www.provinzial.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 49 212.34.85.158 12316 (FITSNET F...)
4 2600:1901:0:5... 396982 (GOOGLE-CL...)
1 2a01:4f8:d0a:... 24940 (HETZNER-A...)
13 35.190.14.188 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:c... 396982 (GOOGLE-CL...)
4 35.241.3.184 396982 (GOOGLE-CL...)
2 2600:1901:0:1... 396982 (GOOGLE-CL...)
6 34.160.30.67 396982 (GOOGLE-CL...)
1 34.95.108.180 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
3 157.240.253.1 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 157.240.0.35 32934 (FACEBOOK)
1 2 142.250.186.162 15169 (GOOGLE)
93 15
49    212.34.85.158 (Germany)

ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE)
PTR: rev-212.34.85.158.rev.f-i-ts.net
www.provinzial.de
gtm.provinzial.de
4    2600:1901:0:5987:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
app.usercentrics.eu
privacy-proxy.usercentrics.eu
1    2a01:4f8:d0a:11f6::2 (Bad Soden-Salmuenster, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
de.snippet-ablyft.com
13    35.190.14.188 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 188.14.190.35.bc.googleusercontent.com
app.usercentrics.eu
privacy-proxy.usercentrics.eu
1    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2600:1901:0:c07c:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
api.usercentrics.eu
4    35.241.3.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.3.241.35.bc.googleusercontent.com
api.usercentrics.eu
2    2600:1901:0:1e38:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
consent-api.service.consent.usercentrics.eu
6    34.160.30.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.30.160.34.bc.googleusercontent.com
bt.fraud0.com
1    34.95.108.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.108.95.34.bc.googleusercontent.com
uct.service.usercentrics.eu
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
49 provinzial.de
www.provinzial.de
gtm.provinzial.de
2 MB
26 usercentrics.eu
app.usercentrics.eu — Cisco Umbrella Rank: 8924
privacy-proxy.usercentrics.eu — Cisco Umbrella Rank: 36700
api.usercentrics.eu — Cisco Umbrella Rank: 6334
consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 15010
uct.service.usercentrics.eu — Cisco Umbrella Rank: 17187
233 KB
6 fraud0.com
bt.fraud0.com — Cisco Umbrella Rank: 110848
56 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
439 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
82 KB
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
12 KB
2 googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 341
827 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
83 KB
1 snippet-ablyft.com
de.snippet-ablyft.com
89 KB
93 9
Domain Requested by
48 www.provinzial.de 1 redirects www.provinzial.de
15 app.usercentrics.eu www.provinzial.de
app.usercentrics.eu
6 bt.fraud0.com app.usercentrics.eu
bt.fraud0.com
6 api.usercentrics.eu app.usercentrics.eu
5 www.facebook.com 1 redirects www.provinzial.de
3 connect.facebook.net gtm.provinzial.de
connect.facebook.net
3 www.youtube.com www.provinzial.de
gtm.provinzial.de
www.youtube.com
2 ade.googlesyndication.com 1 redirects www.provinzial.de
2 consent-api.service.consent.usercentrics.eu app.usercentrics.eu
2 privacy-proxy.usercentrics.eu www.provinzial.de
privacy-proxy.usercentrics.eu
1 www.googletagmanager.com gtm.provinzial.de
1 uct.service.usercentrics.eu www.provinzial.de
1 gtm.provinzial.de www.provinzial.de
1 de.snippet-ablyft.com www.provinzial.de
93 14

This site contains no links.

Subject Issuer Validity Valid
www.provinzial.de
Sectigo RSA Organization Validation Secure Server CA		 2024-07-25 -
2025-08-25		 a year crt.sh
app.usercentrics.eu
WR3		 2024-11-30 -
2025-02-28		 3 months crt.sh
de.snippet-ablyft.com
Encryption Everywhere DV TLS CA - G2		 2024-05-12 -
2025-05-12		 a year crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
api.usercentrics.eu
WR3		 2024-11-29 -
2025-02-27		 3 months crt.sh
consent-api.service.consent.usercentrics.eu
WR3		 2024-11-26 -
2025-02-24		 3 months crt.sh
gtm.provinzial.de
R10		 2024-11-22 -
2025-02-20		 3 months crt.sh
api.fraud0.com
WR3		 2024-11-10 -
2025-02-08		 3 months crt.sh
uct.service.usercentrics.eu
WR3		 2024-11-15 -
2025-02-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-29 -
2024-12-28		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.provinzial.de/west/
Frame ID: ABDA48DBFC4A7D05B634AEA407D75C1D
Requests: 87 HTTP requests in this frame

Frame: https://www.youtube.com/embed/RsPtDxFNWss
Frame ID: C242246126D30991D6D619D5CFA6E1E7
Requests: 1 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/4.39.0/cross-domain-bridge.html
Frame ID: E204E5DD7A74682A80D590A96533FA27
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Startseite | Provinzial

Page URL History Show full URLs

  1. http://www.provinzial.de/ HTTP 307
    https://www.provinzial.de/ HTTP 302
    https://www.provinzial.de/west/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

93
Requests

98 %
HTTPS

47 %
IPv6

9
Domains

14
Subdomains

15
IPs

2
Countries

2305 kB
Transfer

6604 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.provinzial.de/ HTTP 307
    https://www.provinzial.de/ HTTP 302
    https://www.provinzial.de/west/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88
  • https://ade.googlesyndication.com/ddm/activity/src=1103891;type=fraud0;cat=f0;ord=9336935764515;u=undefined;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4cc1v9190626040z8858321880za201zb858321880;gcs=G100;gcd=13q3q3q2q5l1;dma_cps=-;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fwww.provinzial.de%2Fwest%2F HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=1103891;dc_pre=CIv46KX6uIoDFTVhHgId-KoWMQ;type=fraud0;cat=f0;ord=9336935764515;u=undefined;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4cc1v9190626040z8858321880za201zb858321880;gcs=G100;gcd=13q3q3q2q5l1;dma_cps=-;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fwww.provinzial.de%2Fwest%2F
Request Chain 89
  • https://www.facebook.com/tr/?id=189635005718207&ev=F0Event-FB&dl=https%3A%2F%2Fwww.provinzial.de&rl=&if=false&ts=1734787299193&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1734787299024.999712275450361415&pm=1&hrl=6060bb&ler=empty&cdl=API_unavailable&it=1734787298860&coo=false&tm=2&cs_cc=1&cas=8418678278209368&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?redirect=0&rqm=GET&cas=8418678278209368&cs_cc=1&tm=2&coo=false&it=1734787298860&cdl=API_unavailable&ler=empty&hrl=6060bb&pm=1&fbp=fb.1.1734787299024.999712275450361415&o=12316&ec=0&a=tmSimo-GTM-WebTemplate&r=stable&v=2.9.179&sh=1200&sw=1600&ts=1734787299193&if=false&rl=&dl=https%3A%2F%2Fwww.provinzial.de&ev=F0Event-FB&id=189635005718207

93 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.provinzial.de/west/
Redirect Chain
  • http://www.provinzial.de/
  • https://www.provinzial.de/
  • https://www.provinzial.de/west/
122 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
deb8d499a901c4da51dc84bb98d6764d89929e8f8bd035e3872add8dd630c068
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
content-length
15383
content-type
text/html;charset=UTF-8
date
Sat, 21 Dec 2024 13:21:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
last-modified
Sat, 21 Dec 2024 03:24:36 GMT
pragma
no-cache
server-timing
intid;desc=2f03ab4a66f03029
strict-transport-security
max-age=3600
vary
Accept-Encoding
x-magnolia-registration
Registered

Redirect headers

content-length
138
content-type
text/html
date
Sat, 21 Dec 2024 13:21:37 GMT
location
https://www.provinzial.de/west/
strict-transport-security
max-age=3600
all~93f2f8887b1b78f1cf2801d16cdb764c~cache.css
www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/ 		141 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/all~93f2f8887b1b78f1cf2801d16cdb764c~cache.css
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
941b1f23518d30568f2df7f2b9dd130dc227b63cdb0494120cd297f9f18646e9
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=31536000, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sun, 21 Dec 2025 13:21:38 GMT
server-timing
intid;desc=65602c90699ee13d
content-length
17535
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
all~cddf17c290de17fd57f4676096143a3b~cache.js
www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/ 		3 MB
446 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/all~cddf17c290de17fd57f4676096143a3b~cache.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
1c16f5134f6b79ab98c074aa10618272927b1eb6986cb0d45c5f041f4cad935c
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=31536000, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sun, 21 Dec 2025 13:21:38 GMT
server-timing
intid;desc=1f549e93c0d94721
content-length
454987
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/javascript;charset=UTF-8
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
vary
Accept-Encoding
theme-pr~2024-12-16-11-44-44-000~cache.css
www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/ 		101 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/theme-pr~2024-12-16-11-44-44-000~cache.css
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
925dff52c0cbaf5b257c08a09682a7e313e830243c83bfa9bda6c96c291d31c7
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=31536000, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sun, 21 Dec 2025 13:21:38 GMT
server-timing
intid;desc=87a856b9e541504b
content-length
12309
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
theme-pr~2024-12-16-11-44-44-000~cache.js
www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/ 		467 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/theme-pr~2024-12-16-11-44-44-000~cache.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
d20e8224d1b57e924206bf18e3b97ab5851e1fd36ff1aba1c98de8cc38b04b79
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=31536000, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sun, 21 Dec 2025 13:21:38 GMT
server-timing
intid;desc=1d1ca18d724435ff
content-length
257
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
anker.css
www.provinzial.de/.resources/oev-master-base/webresources/css/ 		80 B
377 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/css/anker.css
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
2e903c14d8a152fc3bc0365d4d51f337f4d216fdb49bd04601184839f76655d7
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=3600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 14:21:38 GMT
server-timing
intid;desc=15bc943da73aae6f
content-length
90
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
fouc-web-components.css
www.provinzial.de/.resources/oev-master-base/webresources/css/ 		655 B
590 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/css/fouc-web-components.css
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
2eb375e3dde2e2945b0d6bebfbb25fc842bc32dd3b016d2d9ef1848fcbe513b3
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=3600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 14:21:38 GMT
server-timing
intid;desc=71a56ef17ef45ae9
content-length
302
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
reset-card.css
www.provinzial.de/.resources/oev-master-base/webresources/css/ 		1 KB
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/css/reset-card.css
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
0c59e766e8e06dfada38cbb9b6d7e38710c0a8e47c76f24eff42ded7a2010ff7
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=3600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 14:21:38 GMT
server-timing
intid;desc=952790e528279023
content-length
400
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
style.css
www.provinzial.de/.resources/oev-master-base/webresources/css/ 		105 B
369 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/css/style.css
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
7d8ac26adb26f91aad5ec10d088721723f94eb31c8dec20223f98b9ee0c513b3
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=3600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 14:21:38 GMT
server-timing
intid;desc=7999a39a05b1a2ff
content-length
82
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
multiSticky~331838e0be43c4d781d563e819a4eb58~cache.js
www.provinzial.de/.resources/oev-master-base/webresources/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/js/multiSticky~331838e0be43c4d781d563e819a4eb58~cache.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
cea55a8f9d1adc2cf3945bef756b67982b6e6dce689dd41f8d7751993ac69830
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=31536000, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sun, 21 Dec 2025 13:21:38 GMT
server-timing
intid;desc=83048ff7e656303d
content-length
903
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
search~b3e33bb85c33b7b6bbe72fdc6ee96090~cache.js
www.provinzial.de/.resources/oev-master-base/webresources/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/js/search~b3e33bb85c33b7b6bbe72fdc6ee96090~cache.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
a80c3f820265dbb0b0f71a0d4b5c0228d876ca7a5a4876c5ef3b4f86d305d8eb
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=31536000, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sun, 21 Dec 2025 13:21:38 GMT
server-timing
intid;desc=32ad05b2dc0f0cd5
content-length
3024
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
tracking~ee67ece68411389a00b09139e1f9b075~cache.js
www.provinzial.de/.resources/oev-master-base/webresources/js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/js/tracking~ee67ece68411389a00b09139e1f9b075~cache.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
7c9cef05b399b4ae7075a470913e352b647bfdf8b82b66f06f4ccac198dc0c4c
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=31536000, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sun, 21 Dec 2025 13:21:38 GMT
server-timing
intid;desc=f38cf9d0953154df
content-length
3038
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
location~fbf5d812e77dc13cf96f29da535a236b~cache.js
www.provinzial.de/.resources/oev-master-base/webresources/jsWithContext/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/jsWithContext/location~fbf5d812e77dc13cf96f29da535a236b~cache.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
431644b3b2967b68ee13cc6e482442cdfdc8b7a8f9fa658e656f154e30da5084
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=31536000, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sun, 21 Dec 2025 13:21:38 GMT
server-timing
intid;desc=8b1c7e42852b3107
content-length
6912
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
userConsentMultiClientStyle~2024-12-16-11-44-44-000~cache.js
www.provinzial.de/.resources/oev-master-marketing-tag/webresources/userConsent/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-marketing-tag/webresources/userConsent/userConsentMultiClientStyle~2024-12-16-11-44-44-000~cache.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
34fcf381d1a0b4651a8350b55800d9f860094f4648f7e127d7aafa00d1b31e5c
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=31536000, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sun, 21 Dec 2025 13:21:38 GMT
server-timing
intid;desc=f44807dbe7cc323d
content-length
1106
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
userConsentBannerStyle~2024-12-16-11-44-44-000~cache.js
www.provinzial.de/.resources/oev-master-marketing-tag/webresources/userConsent/ 		286 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-marketing-tag/webresources/userConsent/userConsentBannerStyle~2024-12-16-11-44-44-000~cache.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
4b5f78684ea38ed09e35de726efcb2eeb5182d0ea840f05fe01142155a990f91
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=31536000, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sun, 21 Dec 2025 13:21:38 GMT
server-timing
intid;desc=7ebd80388a856481
content-length
188
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
loader.js
app.usercentrics.eu/browser-ui/latest/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/latest/loader.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a533f317f1e23bd74cb85a2eb19e932e96d0cee1aff705fba10f5647ba08c097
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type,Content-Length,Transfer-Encoding
content-encoding
gzip
x-goog-hash
crc32c=je9Tsw==, md5=aoOWL3eNQoCNItyHblfuJg==
etag
"6a83962f778d42808d22dc876e57ee26"
age
1401
x-goog-stored-content-encoding
gzip
expires
Sat, 21 Dec 2024 13:58:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
8564
date
Sat, 21 Dec 2024 12:58:17 GMT
last-modified
Thu, 05 Dec 2024 13:52:20 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC7tdF-tgoFJ5tqzLKtMDe9Sar93lpEy71DjjOztLp7vyqZqKnQC7gyHWlzVPn1NhPe2-ADwT3U
strict-transport-security
max-age=7776000
cache-control
public, max-age=3600, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733406740280203
content-length
8564
server
UploadServer
uc-block.bundle.js
privacy-proxy.usercentrics.eu/latest/ 		105 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e3e03d7b9a0fb8a8c03274a99bd623828a210c91916db9842d94d8d2bc3bdc54
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type, Content-Length, Transfer-Encoding
content-encoding
gzip
x-goog-hash
crc32c=sYqa5A==, md5=SmlOmCO7L+viPT003A53mA==
etag
"4a694e9823bb2febe23d3d34dc0e7798"
age
2567
x-goog-stored-content-encoding
gzip
expires
Sat, 21 Dec 2024 13:38:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
30438
date
Sat, 21 Dec 2024 12:38:51 GMT
last-modified
Wed, 11 Dec 2024 11:45:28 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6L9kdROfdARJ2Kyt5w0Tp20MM7YwJRWfOFM2kGrrReV1T8W6c1hMKsBzJZQ_B9KkhNGP7MD3o
strict-transport-security
max-age=7776000
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-version
3.3.14
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733917528814806
content-length
30438
server
UploadServer
/
de.snippet-ablyft.com/ 		89 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.snippet-ablyft.com/?pid=43273806
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:11f6::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
Apache /
Resource Hash
c3be67af5cb0992e18d9d815144c6789c48aa163c8d290f658bf5f0f3f19cb53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

expires
Sat, 21 Dec 2024 13:22:38 GMT
access-control-allow-origin
*
etag
704351362b6ba380344dc4f2673ba790
date
Sat, 21 Dec 2024 13:21:38 GMT
last-modified
Thu, 05 Dec 2024 06:44:59 GMT
content-type
text/javascript; charset=utf-8
server
Apache
Alle-Kontaktdaten_2676x669px_100KB.jpg
www.provinzial.de/.imaging/resizer/1920/480/50-50/dam/jcr:79f82787-c7ea-40cd-966e-2935bbe949f5/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/1920/480/50-50/dam/jcr:79f82787-c7ea-40cd-966e-2935bbe949f5/Alle-Kontaktdaten_2676x669px_100KB.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
b9487b852be190a88a92ca3d883c711fc85babb4cd7e1f99572de300057344e3
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=c6678dce948e8583
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
cookies-allowed.js
www.provinzial.de/.resources/oev-master-base/webresources/jsBody/ 		676 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/jsBody/cookies-allowed.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
adf57ae1a5c850e5a9abd3ac87f415bb539c126ed46deee297ce743b9c530a4e
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=3600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 14:21:38 GMT
server-timing
intid;desc=c73a6442bb0d7145
content-length
306
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
userConsentDuplicateLoadFix~2024-12-16-11-44-44-000~cache.js
www.provinzial.de/.resources/oev-master-marketing-tag/webresources/userConsent/ 		104 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-marketing-tag/webresources/userConsent/userConsentDuplicateLoadFix~2024-12-16-11-44-44-000~cache.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
0649db93ab2b7f87b4ded62c0ea199179daac083652469fe3ad7486de2d3ed08
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=31536000, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sun, 21 Dec 2025 13:21:38 GMT
server-timing
intid;desc=608db3e28df5e4b7
content-length
114
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
userConsentBannerStyle~2024-12-16-11-44-44-000~cache.css
www.provinzial.de/.resources/oev-master-marketing-tag/webresources/userConsent/ 		213 B
443 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-marketing-tag/webresources/userConsent/userConsentBannerStyle~2024-12-16-11-44-44-000~cache.css
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
b245afddc4c9c5c0fea821d6f6509c7419ab13369e35687fd246accb5d45f248
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=31536000, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sun, 21 Dec 2025 13:21:38 GMT
server-timing
intid;desc=bcb6f58ecea06ce9
content-length
152
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
index.module.js
app.usercentrics.eu/browser-ui/3.59.0/ 		442 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.59.0/index.module.js
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7a87b716a1f6df6e16256029ff6ab6ba2ecd44da9c355d7090564310856aa883
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://www.provinzial.de/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=yo2lpw==, md5=IC6aT+irt6IKJrfhCUeStA==
etag
"202e9a4fe8abb7a20a26b7e1094792b4"
age
1380447
x-goog-stored-content-encoding
gzip
expires
Fri, 05 Dec 2025 13:54:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
122084
date
Thu, 05 Dec 2024 13:54:11 GMT
last-modified
Thu, 05 Dec 2024 13:51:52 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC4xiUqyDCi4Jo9nKct4ZdwnnyAl9jyB7EUlH8C2OhyVRfasDzWsCX2etEoroF57H9yYPryw_4fHUg
strict-transport-security
max-age=7776000
cache-control
public, max-age=31536000, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733406712000506
content-length
122084
server
UploadServer
RsPtDxFNWss
www.youtube.com/embed/ Frame C242 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/RsPtDxFNWss
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.provinzial.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Dec 2024 13:21:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
0c4efbc829e23bbcf5ad833b224f10e1.woff
www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/0c4efbc829e23bbcf5ad833b224f10e1.woff
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/theme-pr~2024-12-16-11-44-44-000~cache.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/theme-pr~2024-12-16-11-44-44-000~cache.css

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=3600, public
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 14:21:38 GMT
server-timing
intid;desc=8094f0e5bdae6607
content-length
41472
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/x-font-woff;charset=UTF-8
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
6c80429e41fce8f39c0da2ef07aaa3c2.woff
www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/6c80429e41fce8f39c0da2ef07aaa3c2.woff
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/theme-pr~2024-12-16-11-44-44-000~cache.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/theme-pr~2024-12-16-11-44-44-000~cache.css

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=3600, public
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 14:21:38 GMT
server-timing
intid;desc=0bcd658d41c32dcb
content-length
36892
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/x-font-woff;charset=UTF-8
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
languages.json
api.usercentrics.eu/settings/xOyQDQ2Nr/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/xOyQDQ2Nr/latest/languages.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.provinzial.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 21 Dec 2024 13:21:38 GMT
expires
Sat, 21 Dec 2024 13:21:38 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
x-guploader-uploadid
AFiumC4KLwGWGTYYcid4BUfZgJomnDlcja45OsMXrFBsQe2GRT7mNwK8XyLB77XThKEvIl4L
languages.json
api.usercentrics.eu/settings/xOyQDQ2Nr/latest/ 		61 B
586 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/xOyQDQ2Nr/latest/languages.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.59.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
dc8343dae24291634bf1aec40cb6794f860bc2b1d28f0ab683854cced24619a0
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.provinzial.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=u6slow==, md5=2hOptTY/8owg5S5nEx8k/Q==
etag
"da13a9b5363ff28c20e52e67131f24fd"
age
43
x-goog-stored-content-encoding
gzip
expires
Sat, 21 Dec 2024 13:21:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
67
x-client-geo-location
DE,DEHE
date
Sat, 21 Dec 2024 13:20:55 GMT
last-modified
Tue, 03 Dec 2024 08:43:28 GMT
content-type
application/json
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6FBr9OxjDh-527C7WFf_1vnQWE3bqoXodf2O9c8jvRvLV62xWWszXkurViq_o3yPCW
strict-transport-security
max-age=7776000
cache-control
public, max-age=1800, s-maxage=60
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733215408468048
content-length
67
server
UploadServer
e9c110c9a74bb927a8a37d5b842d43db.ttf
www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/ 		705 KB
373 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/e9c110c9a74bb927a8a37d5b842d43db.ttf
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/theme-pr~2024-12-16-11-44-44-000~cache.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
c64af742a7b7fcae047cb4d29201c6eabba05e84ce9c82b989715c329d67cf81
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/theme-pr~2024-12-16-11-44-44-000~cache.css

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=3600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 14:21:38 GMT
server-timing
intid;desc=e5bf9175b5547a43
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/x-font-ttf;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
logo-pr.svg
www.provinzial.de/dam/jcr:b0b54b72-c6eb-43a6-a0c4-ff901ce85543/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/dam/jcr:b0b54b72-c6eb-43a6-a0c4-ff901ce85543/logo-pr.svg
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
fb2c1bc87f11ac8bdb9b722b6bf11714a415e6b0a000868372fab779a4114b25
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

last-modified
Tue, 22 Oct 2024 09:33:30 GMT
strict-transport-security
max-age=3600
cache-control
max-age=600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=4d50dd25c9ed8e13
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
image/svg+xml;charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="logo-pr.svg"
Auto_1040x520px.jpg
www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:8ef52ff7-213d-453e-a10e-3695bc7a0738/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:8ef52ff7-213d-453e-a10e-3695bc7a0738/Auto_1040x520px.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
b4310c26fe602b9837725b03cd04b09d131ee3d5b56ccef7b1cc30a7e63a80d9
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=5c8a9b589c9d5021
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
Wohngebaeude-NEU_1040x520px.jpg
www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:e32e8590-629b-460a-ba6c-3718c7bb3451/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:e32e8590-629b-460a-ba6c-3718c7bb3451/Wohngebaeude-NEU_1040x520px.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
d940a61aa45dce1d454edc4e2b68867753b0b8ba0827aa083f50926c6f91f20c
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=35e17872c51cf5f7
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
Hausrat_NM_1040x520px.jpg
www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:4cd77123-7eda-4824-9d02-07f9bd4cbd6e/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:4cd77123-7eda-4824-9d02-07f9bd4cbd6e/Hausrat_NM_1040x520px.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
6e627a96057a9bd290b48ac8bc8fac597305e76d25c9726890bf30fa2ed13a12
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=bfd283a85da48bd3
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
PHV_gruen_1040x520px.jpg
www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:bb27b50f-ad82-4eb9-98a8-e9c184fb75a8/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:bb27b50f-ad82-4eb9-98a8-e9c184fb75a8/PHV_gruen_1040x520px.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
09e5f229272a96a2ff55ac53ec606ace4fcf3e4889a7e24196b6bd86d5f61609
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=e89abfbaa7e257d5
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
brandgefahren-adventszeit_1040x520-min.jpg
www.provinzial.de/.imaging/resizer/1040/520/50-50/dam/jcr:3430efac-e16e-4163-b481-008d9e1f98bc/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/1040/520/50-50/dam/jcr:3430efac-e16e-4163-b481-008d9e1f98bc/brandgefahren-adventszeit_1040x520-min.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
ca20652317cb24c669c145b046d7189d248c30b60eb739a5f16c3ee13295bc29
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=190755b5579906e7
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
einbruchdiebstahl-1040x520-min.jpg
www.provinzial.de/.imaging/resizer/1040/520/50-50/dam/jcr:cfe6f575-9b0d-415b-b9ee-5183f78bf0ed/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/1040/520/50-50/dam/jcr:cfe6f575-9b0d-415b-b9ee-5183f78bf0ed/einbruchdiebstahl-1040x520-min.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
d6c6ec75b707d6cdfd78a056cc5b68139185b20b20a45441ea5734f2739cda3c
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=a49d002b22396ba7
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
Dachmarke_HausHof_1040x520px.jpg
www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:2d82d177-92d7-42fe-b759-f932bbd94950/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:2d82d177-92d7-42fe-b759-f932bbd94950/Dachmarke_HausHof_1040x520px.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
9be05882dd7fcaff9fd8fa183ad3505457ee5c356c9f4e23ea8a4ce295045297
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=e6d21385aef74af9
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
Elementar_NM_1040x520px.jpg
www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:cd57e71a-33e6-4c7c-af4f-1b1ec21cdcaf/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:cd57e71a-33e6-4c7c-af4f-1b1ec21cdcaf/Elementar_NM_1040x520px.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
1f77e0dc070c0dcfe478ffc019aca6e44e58a6df978603edda23a7d9573b9fd0
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=25b19dd9959de197
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
Beratersuche_1040x520px.jpg
www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:7c879795-0019-42bd-9894-b1f713b81f2a/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:7c879795-0019-42bd-9894-b1f713b81f2a/Beratersuche_1040x520px.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
7c122b7a949a4e2dd67cc35f5c6b738a851011c14b4681ff9c1821c926156353
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=deadab247731f717
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
agenturwallet_contentbild_gruen.jpg
www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:3199c0b7-f562-403b-ba9d-c009dffb69ff/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:3199c0b7-f562-403b-ba9d-c009dffb69ff/agenturwallet_contentbild_gruen.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
9a045b04c458212669652a44e2aa17ac494ab44dfbab6a7e4f58cd6a0376060f
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=9cb396bd33578191
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
karriere_NM_1040x520px-min.jpg
www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:2bf712e6-b4a8-49b8-8ddd-89ccae138b94/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:2bf712e6-b4a8-49b8-8ddd-89ccae138b94/karriere_NM_1040x520px-min.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
261d1432145cc334d5b993f9f3ac18e6ac31b9122eb8280cde9567158dc86b5d
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=bdb3593124e1709b
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
service-kontakt_1040x520px.jpg
www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:f29e461f-b5a1-4f3a-9f20-2de3cfbcad4d/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:f29e461f-b5a1-4f3a-9f20-2de3cfbcad4d/service-kontakt_1040x520px.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
9b9d2b22fa1fc2952b507a46a99c9f384b2e5adbd2b1c94e595e0a2fbfd2d316
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=299d6c30df6a0a8d
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
Schaden-melden_1040x520px.jpg
www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:52bcd54b-f624-45ed-8a78-0d227b8ef622/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:52bcd54b-f624-45ed-8a78-0d227b8ef622/Schaden-melden_1040x520px.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
70fa547f6d5cd285e49b635b9317a64eea9e797e1b9c4df484f7463399386c73
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=6c58273362612cff
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
kundenportal-teaser-2.jpg
www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:c2da777b-5930-4e8e-a06a-03794e2273e8/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/.imaging/resizer/520/260/50-50/dam/jcr:c2da777b-5930-4e8e-a06a-03794e2273e8/kundenportal-teaser-2.jpg?imageFormat=webp
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
ba28f78e6436ea5e558ea9787fc1328854a1f861b0e06d3fec9296651ebebbb6
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=4567f66a398ad20b
cache-control
max-age=600, public
date
Sat, 21 Dec 2024 13:21:38 GMT
x-magnolia-registration
Registered
content-type
image/webp;charset=UTF-8
PV_Facetten_3_gruen_rgb-01.svg
www.provinzial.de/dam/jcr:dc538b75-397d-402a-9140-227b44781090/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/dam/jcr:dc538b75-397d-402a-9140-227b44781090/PV_Facetten_3_gruen_rgb-01.svg
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
6cd6a068f6c79572860c48dbff824c62642eb54012ee36b0959dc0bda72fe14b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

last-modified
Mon, 04 Mar 2024 16:22:37 GMT
strict-transport-security
max-age=3600
cache-control
max-age=600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=34501425777cca3b
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
image/svg+xml;charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="PV_Facetten_3_gruen_rgb-01.svg"
Icon-SoMe-Facebook.svg
www.provinzial.de/dam/jcr:f7bc89fc-9183-4c81-8564-f0833d0d45ee/ 		865 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/dam/jcr:f7bc89fc-9183-4c81-8564-f0833d0d45ee/Icon-SoMe-Facebook.svg
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
5375cc5aca88fa6accec4d1bd9f3cd9f66499951c6796a4b123a6705213ed82d
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

last-modified
Tue, 01 Feb 2022 14:16:34 GMT
strict-transport-security
max-age=3600
cache-control
max-age=600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=a85d9c73452e0e71
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
image/svg+xml;charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="Icon-SoMe-Facebook.svg"
Icon-SoMe-Instagram.svg
www.provinzial.de/dam/jcr:a81d620a-bb3c-406f-b2bd-5c10b50c21fa/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/dam/jcr:a81d620a-bb3c-406f-b2bd-5c10b50c21fa/Icon-SoMe-Instagram.svg
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
f9f419e3057bb158312ccbf21797be29c6a6d4307ccaf18e254ea515e6eab147
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

last-modified
Tue, 01 Feb 2022 14:16:34 GMT
strict-transport-security
max-age=3600
cache-control
max-age=600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=d723a8836a92bb0d
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
image/svg+xml;charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="Icon-SoMe-Instagram.svg"
Icon-SoMe-Youtube.svg
www.provinzial.de/dam/jcr:a314ad4b-2b75-4828-9b33-0f1798d99294/ 		874 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/dam/jcr:a314ad4b-2b75-4828-9b33-0f1798d99294/Icon-SoMe-Youtube.svg
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
358e73d95a9677323d50f1dca8fee409b841a21092817a3aba930f57ccfdd743
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

last-modified
Tue, 01 Feb 2022 14:16:34 GMT
strict-transport-security
max-age=3600
cache-control
max-age=600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=bd8f5866b683453b
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
image/svg+xml;charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="Icon-SoMe-Youtube.svg"
Icon-SoMe-Pinterest.svg
www.provinzial.de/dam/jcr:51c27c01-1101-4db2-b4ec-d2c428da25fe/ 		1 KB
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/dam/jcr:51c27c01-1101-4db2-b4ec-d2c428da25fe/Icon-SoMe-Pinterest.svg
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
2a872395345fef8dab177a9b2d78ffc05c62fb60b398c7f3fc1072948efdd8cf
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

last-modified
Tue, 01 Feb 2022 14:16:34 GMT
strict-transport-security
max-age=3600
cache-control
max-age=600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=8040b5fdf025a7e7
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
image/svg+xml;charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="Icon-SoMe-Pinterest.svg"
Icon-SoMe-xing.svg
www.provinzial.de/dam/jcr:b7298dfe-dc54-4e87-959e-66defa729ab4/ 		1 KB
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/dam/jcr:b7298dfe-dc54-4e87-959e-66defa729ab4/Icon-SoMe-xing.svg
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
f56c89da9a829ad4a5094178c4778095348087a725e0004707f9c25c3446584a
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

last-modified
Tue, 01 Feb 2022 14:16:34 GMT
strict-transport-security
max-age=3600
cache-control
max-age=600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=054389490513cc45
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
image/svg+xml;charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="Icon-SoMe-xing.svg"
linkedin-white.svg
www.provinzial.de/dam/jcr:88d4b6ce-bb3f-4232-865c-76c824b7537e/ 		633 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/dam/jcr:88d4b6ce-bb3f-4232-865c-76c824b7537e/linkedin-white.svg
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
d72ae597d39c6b13cb046b7e0d27dff87d4b70b34eec323d79f91bd2fa770093
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

last-modified
Mon, 07 Feb 2022 14:21:52 GMT
strict-transport-security
max-age=3600
cache-control
max-age=600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 13:31:38 GMT
server-timing
intid;desc=9bed7737c9c974ff
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
image/svg+xml;charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="linkedin-white.svg"
40e8b3d963f10af9c6700507bfae2a60.woff
www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/40e8b3d963f10af9c6700507bfae2a60.woff
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/theme-pr~2024-12-16-11-44-44-000~cache.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
25dd114c2f885924740de83597589835df1a394b84b1cf687585790462f95042
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://www.provinzial.de/.resources/oev-master-base/webresources/webcomponents/theme-pr~2024-12-16-11-44-44-000~cache.css

Response headers

strict-transport-security
max-age=3600
cache-control
max-age=3600, public
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 14:21:38 GMT
server-timing
intid;desc=a744e04a20a51513
content-length
30668
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/x-font-woff;charset=UTF-8
last-modified
Mon, 16 Dec 2024 11:44:44 GMT
de.json
api.usercentrics.eu/settings/xOyQDQ2Nr/latest/ 		36 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/xOyQDQ2Nr/latest/de.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.59.0/index.module.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1e2f4fe427f87bc5118db76bf88968d70c15bfbda3a49eb0952a68d3bad93b5f
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.provinzial.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=AGlAkg==, md5=crNllnmJoYb60ECCieTsBw==
etag
"72b365967989a186fad0408289e4ec07"
age
43
x-goog-stored-content-encoding
gzip
expires
Sat, 21 Dec 2024 13:21:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
9884
x-client-geo-location
DE,DEHE
date
Sat, 21 Dec 2024 13:20:55 GMT
last-modified
Tue, 03 Dec 2024 08:43:28 GMT
content-type
application/json
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6ePdzXbZJaiSHJHPBe2kqi8Kkj-qTWdADbTpoQhmiDOIvnAveiB_w9-Y4bdIzPiJ0
strict-transport-security
max-age=7776000
cache-control
public, max-age=1800, s-maxage=60
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733215408461879
content-length
9884
server
UploadServer
de.json
api.usercentrics.eu/settings/xOyQDQ2Nr/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/xOyQDQ2Nr/latest/de.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.provinzial.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 21 Dec 2024 13:21:38 GMT
expires
Sat, 21 Dec 2024 13:21:38 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
x-guploader-uploadid
AFiumC6hqnlnnUN04olfNW07FTx6drZef-3z0T8M0736SZ66A4OurCtAFN06hHU0CuN2_T53
cross-domain-bridge.html
app.usercentrics.eu/browser-sdk/4.39.0/ Frame E204 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-sdk/4.39.0/cross-domain-bridge.html
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.59.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://www.provinzial.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
Content-Type Content-Length Transfer-Encoding
age
1380372
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=2592000, no-transform
content-encoding
gzip
content-length
1142
content-type
text/html
date
Thu, 05 Dec 2024 13:55:26 GMT
etag
"d5af8cf4152fb484e22d56efc3b70bff"
expires
Sat, 04 Jan 2025 13:55:26 GMT
last-modified
Thu, 05 Dec 2024 13:51:30 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-goog-generation
1733406690528684
x-goog-hash
crc32c=PQpN5g== md5=1a+M9BUvtITiLVbvw7cL/w==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1142
x-guploader-uploadid
AFiumC5l3IXsQY1tD5hRCSjTnl-jlsB69eAzTOsafJIUstlFF_doy9YpX8CJxWhHWJTmsJ1-LcneEuNySA
1px.png
app.usercentrics.eu/session/ 		489 B
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=xOyQDQ2Nr
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
etag
"3702ada73b8951017b8451cbd6a96523"
age
1259
x-goog-stored-content-encoding
gzip
expires
Sat, 21 Dec 2024 13:30:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
522
date
Sat, 21 Dec 2024 13:00:39 GMT
last-modified
Fri, 08 May 2020 09:06:13 GMT
content-type
image/png
x-guploader-uploadid
AFiumC5WwV5HsM7X_usHmbB65N_M0prI1Z98BH7gA14OLSnFQto2pKeHpa2JppZWu6SG_frH
strict-transport-security
max-age=7776000
cache-control
public,max-age=1800,no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1588928773413784
content-length
522
server
UploadServer
DefaultData-a4587f74-3ec5bd08.js
app.usercentrics.eu/browser-ui/3.59.0/ 		2 KB
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.59.0/DefaultData-a4587f74-3ec5bd08.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3691af239ad760fe2a5357feb52da889c9ce35568bab1ee7dcc925cfc32ffd12
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://app.usercentrics.eu/browser-ui/3.59.0/index.module.js

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=T6KoYQ==, md5=S40W2jRaTAPZtgtxG47fQw==
etag
"4b8d16da345a4c03d9b60b711b8edf43"
age
1380446
x-goog-stored-content-encoding
gzip
expires
Fri, 05 Dec 2025 13:54:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
970
date
Thu, 05 Dec 2024 13:54:12 GMT
last-modified
Thu, 05 Dec 2024 13:51:42 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC7wM7nMS80jXNeA22PyyTnJmqHsYlX_Xsp-OnAGJkjBHwA8jaai3KGqRwY0N3LlqQ3XUyGvnsLLTg
strict-transport-security
max-age=7776000
cache-control
public, max-age=31536000, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733406702098890
content-length
970
server
UploadServer
translations-de.json
api.usercentrics.eu/translations/ 		8 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-de.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.59.0/index.module.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bf4744b9b3f0e4045698f5fb68162af7628bbc2128921eeb31be29c1397c127a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.provinzial.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=vkMyYw==, md5=PnJJnLIQ+Yt9hIkXUrIKkg==
etag
"3e72499cb210f98b7d84891752b20a92"
age
66713
x-goog-stored-content-encoding
gzip
expires
Sat, 21 Dec 2024 18:49:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
3078
x-client-geo-location
DE,DEHE
date
Fri, 20 Dec 2024 18:49:45 GMT
last-modified
Wed, 18 Dec 2024 09:44:32 GMT
content-type
application/json
vary
Accept-Encoding
x-guploader-uploadid
AFiumC4z2EKVRD6PrRIfoLuB_4y7a0TqgdYzGHjL-7e7pF4XdXFV6h4fI9tpPGIRnlGOSMFP
strict-transport-security
max-age=7776000
cache-control
public, max-age=345600, s-maxage=86400
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1734515071922964
content-length
3078
server
UploadServer
translations-de.json
api.usercentrics.eu/translations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-de.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.provinzial.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 21 Dec 2024 13:21:38 GMT
expires
Sat, 21 Dec 2024 13:21:38 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
x-guploader-uploadid
AFiumC6y0mbI4kqekTet7Iotl08Ezjtf6MBMK_TBjzIUwcZzsAVSp4KNkDcB3fMYkZvCXtk
DefaultUI-b70614ad-1666ad73.js
app.usercentrics.eu/browser-ui/3.59.0/ 		2 KB
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.59.0/DefaultUI-b70614ad-1666ad73.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
af600ffbf924b30957b763f0059288e351b50b0f7c29b21835012817d432aadf
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://app.usercentrics.eu/browser-ui/3.59.0/index.module.js

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=hNOncQ==, md5=vujE83TAgZnZM7hKSeiZZw==
etag
"bee8c4f374c08199d933b84a49e89967"
age
1380446
x-goog-stored-content-encoding
gzip
expires
Fri, 05 Dec 2025 13:54:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
755
date
Thu, 05 Dec 2024 13:54:12 GMT
last-modified
Thu, 05 Dec 2024 13:51:42 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC653cpR2bVIm-_rWIrWqHkSds6go5X4E7RQGkcTLHU8lJBsr-zzJiSoqn2ErDDw084R4IGL3nt3-Q
strict-transport-security
max-age=7776000
cache-control
public, max-age=31536000, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733406702677619
content-length
755
server
UploadServer
FirstLayerCustomization-512dadd0-5415e9cc.js
app.usercentrics.eu/browser-ui/3.59.0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.59.0/FirstLayerCustomization-512dadd0-5415e9cc.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e518137c1c4b8030ad9459f7d9dffcbd4f793e78839926b220329d25adfe95d4
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://app.usercentrics.eu/browser-ui/3.59.0/DefaultUI-b70614ad-1666ad73.js

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=vCX7ag==, md5=k7M5gtPeEIShay9D58Lgxw==
etag
"93b33982d3de1084a16b2f43e7c2e0c7"
age
1380446
x-goog-stored-content-encoding
gzip
expires
Fri, 05 Dec 2025 13:54:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1074
date
Thu, 05 Dec 2024 13:54:12 GMT
last-modified
Thu, 05 Dec 2024 13:51:43 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC4B7F-FHeMFLN94_FNivucjA0Gg1l8II6-g-kCUVOxvh8lHJbEB1vyxB8Rv0NPMjHg_StM
strict-transport-security
max-age=7776000
cache-control
public, max-age=31536000, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733406703268214
content-length
1074
server
UploadServer
ButtonsCustomization-22871a1f-baa7311b.js
app.usercentrics.eu/browser-ui/3.59.0/ 		473 B
266 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.59.0/ButtonsCustomization-22871a1f-baa7311b.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7f7aae1b6c5ecc92bb7a77e36b3f75d116f6f7f797da238c49902de2dbf66827
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://app.usercentrics.eu/browser-ui/3.59.0/DefaultUI-b70614ad-1666ad73.js

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=sqsxBg==, md5=aq6CPjYdeRWOy5sRdv6blQ==
etag
"6aae823e361d79158ecb9b1176fe9b95"
age
1380446
x-goog-stored-content-encoding
gzip
expires
Fri, 05 Dec 2025 13:54:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
235
date
Thu, 05 Dec 2024 13:54:12 GMT
last-modified
Thu, 05 Dec 2024 13:51:41 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC5BfE8jwfIuBT6_JfyUbPNLa_QmpssJ5aZm49XN4_4hktnRJlNW8bdNQWpFd6WXWdESWHd_UjQDJg
strict-transport-security
max-age=7776000
cache-control
public, max-age=31536000, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733406701215583
content-length
235
server
UploadServer
SecondLayerUI-876de6c7-3993ceb1.js
app.usercentrics.eu/browser-ui/3.59.0/ 		567 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.59.0/SecondLayerUI-876de6c7-3993ceb1.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c7f22fdefa0d2145825de139d93a23d873bf8431d990b72052da90dc29ca7683
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://app.usercentrics.eu/browser-ui/3.59.0/DefaultUI-b70614ad-1666ad73.js

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=Q6x8Eg==, md5=uwIn5Gn90rQN/2Q33StaLQ==
etag
"bb0227e469fdd2b40dff6437dd2b5a2d"
age
1380446
x-goog-stored-content-encoding
gzip
expires
Fri, 05 Dec 2025 13:54:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
317
date
Thu, 05 Dec 2024 13:54:12 GMT
last-modified
Thu, 05 Dec 2024 13:51:44 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC4O8Ne7hSW0G8DPl4c-BZDFpmHoIS3Rs1vthXT92qPQv_wqJX2xnEtdkVUVas-qZOVhpHt_rI512w
strict-transport-security
max-age=7776000
cache-control
public, max-age=31536000, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733406704489077
content-length
317
server
UploadServer
3
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1e38:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://www.provinzial.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 21 Dec 2024 13:21:38 GMT
server
Google Frontend
strict-transport-security
max-age=7776000
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
63b3201e5f2e400d4203f9ca0c2aa845
3
consent-api.service.consent.usercentrics.eu/consent/uw/ 		0
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.59.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1e38:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

X-Request-ID
39f9cbd0-16d4-43a7-911d-b9c67ae12d32
Access-Control-Allow-Origin
*
Referer
https://www.provinzial.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=7776000
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 21 Dec 2024 13:21:38 GMT
x-cloud-trace-context
60cfbc77f7cbb4005861dcedeeec0c69
vary
Origin
server
Google Frontend
content-type
text/html
de.json
privacy-proxy.usercentrics.eu/latest/ 		3 KB
951 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://privacy-proxy.usercentrics.eu/latest/de.json
Requested by
Host: privacy-proxy.usercentrics.eu
URL: https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b28b050e82519288328bbfa6aeb5f05ce52b5854b032d444d3b5fa3a8df3058b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=A66pLQ==, md5=PvaiuHCMjqd0/i8BDWl4BQ==
etag
"3ef6a2b8708c8ea774fe2f010d697805"
age
1882
x-goog-stored-content-encoding
gzip
expires
Sat, 21 Dec 2024 13:50:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
914
date
Sat, 21 Dec 2024 12:50:16 GMT
last-modified
Wed, 11 Dec 2024 11:45:20 GMT
content-type
application/json
vary
Accept-Encoding
x-guploader-uploadid
AFiumC4KVU-Bv7fF3NtG8DGy3H7c_9XRHQ21E3C52dWHeIQ3cVPWNQkb3wlbXiQOhSaUDYNf
strict-transport-security
max-age=7776000
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-version
3.3.14
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733917520136959
content-length
914
server
UploadServer
gtm.js
gtm.provinzial.de/ 		430 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gtm.provinzial.de/gtm.js?id=GTM-NG8G6ZS
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
f8a190a6cb50c3807bdd40e8da4fddab3f0c608434a95966874c90b14052fd62
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

strict-transport-security
max-age=3600
cache-control
private, max-age=900
content-encoding
gzip
expires
Sat, 21 Dec 2024 13:36:37 GMT
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 21 Dec 2024 12:00:00 GMT
vary
accept-encoding
fz.js
bt.fraud0.com/api/v2/ 		202 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bt.fraud0.com/api/v2/fz.js?cid=28409d52-7647-456f-aaaa-9516d5f7a8a2
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.59.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.30.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.30.160.34.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash
9115fcb12c0905174f12358893df4535d1edf3cc9a4a8bcddcd59e412e5e488a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

cache-control
public, max-age=3600
content-encoding
gzip
etag
W/"674d7782-3295e"
age
840
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57358
date
Sat, 21 Dec 2024 13:07:38 GMT
last-modified
Mon, 02 Dec 2024 09:01:54 GMT
content-type
application/javascript
server
nginx/1.25.4
vary
Accept-Encoding
PrivacyButton-26d231f6.js
app.usercentrics.eu/browser-ui/3.59.0/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.59.0/PrivacyButton-26d231f6.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c793e523e78a008c4083f21f68c375008621c721ff667fabed0ace2b4be5d553
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://app.usercentrics.eu/browser-ui/3.59.0/index.module.js

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=thL/xQ==, md5=jaIX85cIqzyEInTfXE+vaA==
etag
"8da217f39708ab3c842274df5c4faf68"
age
1380446
x-goog-stored-content-encoding
gzip
expires
Fri, 05 Dec 2025 13:54:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
2449
date
Thu, 05 Dec 2024 13:54:12 GMT
last-modified
Thu, 05 Dec 2024 13:51:43 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC5oVkH2yZE88PAbk2MsUkDuDAsCOf3RUjUMftVL2IOI_GBZBNu8CUomgmo1A1q7xmPaOTHuSv9uoA
strict-transport-security
max-age=7776000
cache-control
public, max-age=31536000, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733406703581531
content-length
2449
server
UploadServer
index-bfdf8f40.js
app.usercentrics.eu/browser-ui/3.59.0/ 		2 KB
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.59.0/index-bfdf8f40.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
16fbe3117f477130ef56a90e130f5d520912346b9bfb6e605238d5f279e3f5a7
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://app.usercentrics.eu/browser-ui/3.59.0/index.module.js

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=WO4zfA==, md5=ZULo1Uq9NHdnnXU9hTRraQ==
etag
"6542e8d54abd3477679d753d85346b69"
age
1380446
x-goog-stored-content-encoding
gzip
expires
Fri, 05 Dec 2025 13:54:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
812
date
Thu, 05 Dec 2024 13:54:12 GMT
last-modified
Thu, 05 Dec 2024 13:51:50 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC4Hs1aCp6y0fWA3NqhbGe4NCpCJ0cjyzViMN9i6iSgAEIyigPRcNby7DjZtYEkXXBxFPkAumanZVQ
strict-transport-security
max-age=7776000
cache-control
public, max-age=31536000, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733406710018312
content-length
812
server
UploadServer
uct
uct.service.usercentrics.eu/ 		35 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uct.service.usercentrics.eu/uct?v=1&sid=xOyQDQ2Nr&t=1&abv=&r=https%3A%2F%2Fwww.provinzial.de%2Fwest%2F&cb=1734787298620
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.108.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
180.108.95.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

strict-transport-security
max-age=7776000
cache-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
function-execution-id
8pyd8ld0c7ke
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
image/gif
x-cloud-trace-context
280e800681d35ff1faee74de14495e6f
server
Google Frontend
index-44e959b8.js
app.usercentrics.eu/browser-ui/3.59.0/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.59.0/index-44e959b8.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
db418179dc0f29c3c3e3a3f005a177bcfc3f1d6b57ac9f332d43987efc3bdb06
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://app.usercentrics.eu/browser-ui/3.59.0/index.module.js

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=8jMqMQ==, md5=bQPWvUyjRsm3PoYSb1Il6A==
etag
"6d03d6bd4ca346c9b73e86126f5225e8"
age
1380446
x-goog-stored-content-encoding
gzip
expires
Fri, 05 Dec 2025 13:54:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
2110
date
Thu, 05 Dec 2024 13:54:12 GMT
last-modified
Thu, 05 Dec 2024 13:51:49 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC7E2bu9j8MENuMcQ48cLhvfvYqgnaH54XlqVMpEOWoGJVRkr-xhMBxGsdevyQmytHPTyF4
strict-transport-security
max-age=7776000
cache-control
public, max-age=31536000, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733406709703951
content-length
2110
server
UploadServer
SaveButton-f892ee57.js
app.usercentrics.eu/browser-ui/3.59.0/ 		1 KB
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.59.0/SaveButton-f892ee57.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f67ef4969b8d3d1a4287b44b6a9ce5aa8aa8ad470b7f3688f14256a9d3f5bb03
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://app.usercentrics.eu/browser-ui/3.59.0/index-44e959b8.js

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=bNJuCA==, md5=NjkC7CxwE8j7JbfIih9U6A==
etag
"363902ec2c7013c8fb25b7c88a1f54e8"
age
1380445
x-goog-stored-content-encoding
gzip
expires
Fri, 05 Dec 2025 13:54:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
616
date
Thu, 05 Dec 2024 13:54:13 GMT
last-modified
Thu, 05 Dec 2024 13:51:44 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC5AHOrvW2x0DA6JOzCN9Wuu9qAf1G22dSUj1qyDksZ1iNwKA0F7mNqvoiSjWN-WHTCZNE2PgG5jeA
strict-transport-security
max-age=7776000
cache-control
public, max-age=31536000, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733406704182436
content-length
616
server
UploadServer
VirtualServiceItem-bd968d37.js
app.usercentrics.eu/browser-ui/3.59.0/ 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.59.0/VirtualServiceItem-bd968d37.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a6c5ae7bfbf03c6bb71faaaf3d25f3032ccd205c337ff1cca2d1b32c3bfda071
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://app.usercentrics.eu/browser-ui/3.59.0/index-44e959b8.js

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=q58xNw==, md5=tq8obWpKQO7+S1f3VlhSCg==
etag
"b6af286d6a4a40eefe4b57f75658520a"
age
1380445
x-goog-stored-content-encoding
gzip
expires
Fri, 05 Dec 2025 13:54:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
48666
date
Thu, 05 Dec 2024 13:54:13 GMT
last-modified
Thu, 05 Dec 2024 13:51:45 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC4J0rVGzv1HIR3uTyqEWYn98mXNSWlsUB4nEe0Zk2PQvZfQNBSq3HqT9ufOltpidQFrofF3hmToXQ
strict-transport-security
max-age=7776000
cache-control
public, max-age=31536000, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733406705800715
content-length
48666
server
UploadServer
DefaultTabs-20d58f8e.js
app.usercentrics.eu/browser-ui/3.59.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.59.0/DefaultTabs-20d58f8e.js
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5c0cdd9aa391539e0b896ea8909a2f96fe803304e0bc10348600b09bb927c7fa
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.provinzial.de
Referer
https://app.usercentrics.eu/browser-ui/3.59.0/index-44e959b8.js

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=6ArMFQ==, md5=nOuwNI4cXWJb0Zw1Ef3v/w==
etag
"9cebb0348e1c5d625bd19c3511fdefff"
age
1380445
x-goog-stored-content-encoding
gzip
expires
Fri, 05 Dec 2025 13:54:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1690
date
Thu, 05 Dec 2024 13:54:13 GMT
last-modified
Thu, 05 Dec 2024 13:51:42 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC4rOeqitGxRWY0XbGYCNZAGs45ueQGpP-XQyaiaJkKBkjExxk3zrfnm9ik66NHxkwV9Sk6TJWbLCw
strict-transport-security
max-age=7776000
cache-control
public, max-age=31536000, no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733406702387072
content-length
1690
server
UploadServer
jcr:65c6a9ee-553a-4c13-8226-0aa5ab7b1660
www.provinzial.de/dam/ 		417 B
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.provinzial.de/dam/jcr:65c6a9ee-553a-4c13-8226-0aa5ab7b1660
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
37b70fb73c288d7334e65b4958449bf797f40b84ba9384546153b5d500b702ec
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

strict-transport-security
max-age=3600
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
x-magnolia-registration
Registered
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
intid;desc=e8f23099b155f809
content-length
312
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
image/svg+xml;charset=UTF-8
content-disposition
attachment; filename="bild1x1px.svg"
vary
Accept-Encoding
last-modified
Fri, 11 Feb 2022 13:06:53 GMT
event
bt.fraud0.com/api/v2/ 		4 B
19 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bt.fraud0.com/api/v2/event
Requested by
Host: bt.fraud0.com
URL: https://bt.fraud0.com/api/v2/fz.js?cid=28409d52-7647-456f-aaaa-9516d5f7a8a2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.30.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.30.160.34.bc.googleusercontent.com
Software
/
Resource Hash
d04aec57c7429f91367da93e604aa04bcc35916a73afc714c3c3a0edc34d5eb0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.provinzial.de/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.provinzial.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/octet-stream
event
bt.fraud0.com/api/v2/ 		2 B
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bt.fraud0.com/api/v2/event
Requested by
Host: bt.fraud0.com
URL: https://bt.fraud0.com/api/v2/fz.js?cid=28409d52-7647-456f-aaaa-9516d5f7a8a2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.30.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.30.160.34.bc.googleusercontent.com
Software
/
Resource Hash
d8ffb41f9785cc166ba6d923dd209402959c6dcdf797a4fd526a4cf77aec289d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.provinzial.de/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.provinzial.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/octet-stream
telemetry
bt.fraud0.com/api/v2/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bt.fraud0.com/api/v2/telemetry
Requested by
Host: bt.fraud0.com
URL: https://bt.fraud0.com/api/v2/fz.js?cid=28409d52-7647-456f-aaaa-9516d5f7a8a2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.30.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.30.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.provinzial.de/

Response headers

via
1.1 google
access-control-max-age
86400
access-control-allow-origin
https://www.provinzial.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 13:21:38 GMT
access-control-allow-credentials
true
event
bt.fraud0.com/api/v2/ 		4 B
19 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bt.fraud0.com/api/v2/event
Requested by
Host: bt.fraud0.com
URL: https://bt.fraud0.com/api/v2/fz.js?cid=28409d52-7647-456f-aaaa-9516d5f7a8a2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.30.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.30.160.34.bc.googleusercontent.com
Software
/
Resource Hash
d211a73fcc94673d08bcacea3bfd588db5619c532c427218f3484ceef99c99ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.provinzial.de/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.provinzial.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/octet-stream
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: gtm.provinzial.de
URL: https://gtm.provinzial.de/gtm.js?id=GTM-NG8G6ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1daeb8f2b20e643498e588a0f3bc753699fe28c787205ece9b0fc5cd5a7b06be
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

content-encoding
br
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Sat, 21 Dec 2024 13:21:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gtm.provinzial.de
URL: https://gtm.provinzial.de/gtm.js?id=GTM-NG8G6ZS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-xFdXLqdm' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-xFdXLqdm' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4498, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
3gGqSw7hA2C7zNPG7JDEGTBsdgQO2X+Ig5C3UIuFcINAggazdQloeF1OAze2DXrkzfqNkOu24hk8f6BYKvrYAA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62282
x-xss-protection
0
origin-agent-cluster
?1
destination
www.googletagmanager.com/gtag/ 		229 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-1103891&l=dataLayer&cx=c&gtm=45Fe4cc1v858321880za204&sign=002ec59184c9dbce8e7f47ce5a8884b5d3ba6fc93723a659512bfd1e46ecec82_20241221
Requested by
Host: gtm.provinzial.de
URL: https://gtm.provinzial.de/gtm.js?id=GTM-NG8G6ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
896f318b44c766ba08d73c7510688dc682a91007e5b9a29dd63e5d3737b52b96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Sat, 21 Dec 2024 13:21:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 13:21:38 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 21 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83794
x-xss-protection
0
server
Google Tag Manager
telemetry
bt.fraud0.com/api/v2/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bt.fraud0.com/api/v2/telemetry
Requested by
Host: bt.fraud0.com
URL: https://bt.fraud0.com/api/v2/fz.js?cid=28409d52-7647-456f-aaaa-9516d5f7a8a2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.30.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.30.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.provinzial.de/

Response headers

via
1.1 google
access-control-max-age
86400
access-control-allow-origin
https://www.provinzial.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 13:21:38 GMT
access-control-allow-credentials
true
519246669442740
connect.facebook.net/signals/config/ 		77 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/519246669442740?v=2.9.179&r=stable&domain=www.provinzial.de&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
507feea275f5248165f3bfcc320cab35f8481fcdee4445bf0746567fcc8329fa
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gLs8BYCC' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 21 Dec 2024 13:21:39 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gLs8BYCC' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=77, mss=1232, tbw=70544, tp=66, tpl=0, uplat=142, ullat=0
pragma
public
x-fb-debug
68tHppre6goN8AySWMk71Lwc1KRZIYBZ3QLDVdWwySka2vHx9EBSnkGdkEcjdbuZwDmMJuo20cbm0h2Ncp1kFw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
www-widgetapi.js
www.youtube.com/s/player/03dbdfab/www-widgetapi.vflset/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/03dbdfab/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

content-encoding
br
age
1617
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sun, 21 Dec 2025 12:54:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 12:54:41 GMT
last-modified
Mon, 16 Dec 2024 05:14:15 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10165
x-xss-protection
0
server
sffe
189635005718207
connect.facebook.net/signals/config/ 		31 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/189635005718207?v=2.9.179&r=stable&domain=www.provinzial.de&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C147%2C174%2C160%2C119%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
7a255796a0e09eb37cbc2542f069ddf6619f76a87ac784d6fc3bc7c61571e388
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-FNs6SEMr' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 21 Dec 2024 13:21:39 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-FNs6SEMr' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=91, mss=1232, tbw=87950, tp=85, tpl=0, uplat=153, ullat=0
pragma
public
x-fb-debug
zyCaypUMHjTVunXROAHvs9WcmPlVYUyvJngxbjF9D8rCDs3aag0u9LcwMkl618oSDIcOfIPFKdzEMy/j/+4J4Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=519246669442740&ev=F0Event-FB&dl=https%3A%2F%2Fwww.provinzial.de&rl=&if=false&ts=1734787299025&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1734787299024.999712275450361415&pm=1&hrl=025163&ler=empty&cdl=API_unavailable&it=1734787298860&coo=false&tm=2&cs_cc=1&cas=8496133680444174&rqm=GET
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4544, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 21 Dec 2024 13:21:39 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=519246669442740&ev=F0Event-FB&dl=https%3A%2F%2Fwww.provinzial.de&rl=&if=false&ts=1734787299025&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1734787299024.999712275450361415&pm=1&hrl=025163&ler=empty&cdl=API_unavailable&it=1734787298860&coo=false&tm=2&cs_cc=1&cas=8496133680444174&rqm=FGET
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450854716805986645"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 21 Dec 2024 13:21:39 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
9LWDbkvrXv4Dg0RzFsCnmmGPPO/S98tX4cJH/ETQrcSoV3FG6Kk1DlYLNC5C/x2B2RzklUXJu6FCQ/0u9WjxUA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450854716805986645", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4912, tp=13, tpl=0, uplat=156, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
src=1103891;dc_pre=CIv46KX6uIoDFTVhHgId-KoWMQ;type=fraud0;cat=f0;ord=9336935764515;u=undefined;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4cc1v9190626040z8858321...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=1103891;type=fraud0;cat=f0;ord=9336935764515;u=undefined;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4cc1v91906...
  • https://ade.googlesyndication.com/ddm/activity/src=1103891;dc_pre=CIv46KX6uIoDFTVhHgId-KoWMQ;type=fraud0;cat=f0;ord=9336935764515;u=undefined;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;psc...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=1103891;dc_pre=CIv46KX6uIoDFTVhHgId-KoWMQ;type=fraud0;cat=f0;ord=9336935764515;u=undefined;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4cc1v9190626040z8858321880za201zb858321880;gcs=G100;gcd=13q3q3q2q5l1;dma_cps=-;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fwww.provinzial.de%2Fwest%2F?
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 21 Dec 2024 13:21:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ade.googlesyndication.com/ddm/activity/src=1103891;dc_pre=CIv46KX6uIoDFTVhHgId-KoWMQ;type=fraud0;cat=f0;ord=9336935764515;u=undefined;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4cc1v9190626040z8858321880za201zb858321880;gcs=G100;gcd=13q3q3q2q5l1;dma_cps=-;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fwww.provinzial.de%2Fwest%2F?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 21 Dec 2024 13:21:39 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=189635005718207&ev=F0Event-FB&dl=https%3A%2F%2Fwww.provinzial.de&rl=&if=false&ts=1734787299193&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=123...
  • https://www.facebook.com/tr/?redirect=0&rqm=GET&cas=8418678278209368&cs_cc=1&tm=2&coo=false&it=1734787298860&cdl=API_unavailable&ler=empty&hrl=6060bb&pm=1&fbp=fb.1.1734787299024.999712275450361415&...
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?redirect=0&rqm=GET&cas=8418678278209368&cs_cc=1&tm=2&coo=false&it=1734787298860&cdl=API_unavailable&ler=empty&hrl=6060bb&pm=1&fbp=fb.1.1734787299024.999712275450361415&o=12316&ec=0&a=tmSimo-GTM-WebTemplate&r=stable&v=2.9.179&sh=1200&sw=1600&ts=1734787299193&if=false&rl=&dl=https%3A%2F%2Fwww.provinzial.de&ev=F0Event-FB&id=189635005718207
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=26, mss=1232, tbw=8304, tp=21, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 21 Dec 2024 13:21:39 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
location
/tr/?redirect=0&rqm=GET&cas=8418678278209368&cs_cc=1&tm=2&coo=false&it=1734787298860&cdl=API_unavailable&ler=empty&hrl=6060bb&pm=1&fbp=fb.1.1734787299024.999712275450361415&o=12316&ec=0&a=tmSimo-GTM-WebTemplate&r=stable&v=2.9.179&sh=1200&sw=1600&ts=1734787299193&if=false&rl=&dl=https%3A%2F%2Fwww.provinzial.de&ev=F0Event-FB&id=189635005718207
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=7776, tp=18, tpl=0, uplat=0, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
0
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 21 Dec 2024 13:21:39 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=189635005718207&ev=F0Event-FB&dl=https%3A%2F%2Fwww.provinzial.de&rl=&if=false&ts=1734787299193&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.1.1734787299024.999712275450361415&pm=1&hrl=6060bb&ler=empty&cdl=API_unavailable&it=1734787298860&coo=false&tm=2&cs_cc=1&cas=8418678278209368&rqm=FGET
Requested by
Host: www.provinzial.de
URL: https://www.provinzial.de/west/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450854716714112988"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 21 Dec 2024 13:21:39 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
slDd6FDTfNBHoFiC+X24oCtOhAW64z8/nu6y8ISB/hKXqUTikU1/HCrd1c0uY93k9t01pfFnnoUecdiiwUL2Lw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450854716714112988", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=26, mss=1232, tbw=8535, tp=25, tpl=0, uplat=120, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
pr.svg
www.provinzial.de/dam/jcr:900b18b3-1441-4a13-9caa-5fe1cee47332/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.provinzial.de/dam/jcr:900b18b3-1441-4a13-9caa-5fe1cee47332/pr.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.34.85.158 , Germany, ASN12316 (FITSNET Finanz Informatik Technologie Service GmbH & Co. KG, DE),
Reverse DNS
rev-212.34.85.158.rev.f-i-ts.net
Software
/
Resource Hash
922eb073844e1d1a2311b7c29cd0a836748c5bf49714634079b1d17f079ed215
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.provinzial.de/west/

Response headers

last-modified
Wed, 26 Oct 2022 13:02:11 GMT
strict-transport-security
max-age=3600
cache-control
max-age=600, public
content-encoding
gzip
x-magnolia-registration
Registered
expires
Sat, 21 Dec 2024 13:31:39 GMT
server-timing
intid;desc=d9cfc51dda3edbc1
date
Sat, 21 Dec 2024 13:21:39 GMT
content-type
image/svg+xml;charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="pr.svg"

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oev_theme-pr function| initUsercentrisObserver function| applyConsentManagerStyling function| getCurrentLogo object| google object| mapboxgl object| L object| bitmovin object| Twitch object| grecaptcha function| _wcomWidget object| Microsoft function| js3q object| Calendly object| oa object| hbspt object| uc object| dataLayer function| __import__ boolean| UC_UI_IS_RENDERED function| dynamicImportPolyfill object| uetq object| bowser object| ablyft number| ablyftEventQueueInterv object| ablyftTempStorage boolean| ablyftClickListener object| litPropertyMetadata object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| oev_all object| UC_UI boolean| F0Loaded object| fraud0 object| google_tag_manager object| google_tag_data object| _dxpTracking function| onYouTubeIframeAPIReady string| search object| r function| fbq function| _fbq object| _fbq_gtm_ids object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady

12 Cookies

Domain/Path Name / Value
www.provinzial.de/west Name: csrf
Value: B1zOMSjQqfub23OMtTK_mkrHeJlIz6oLDBYk6VnouXLGr--qkSppOJDA53rV1XGJASbLahg_UtSRyvsJvBg4xQ:AAABk-lhctA:aJk8Np-RD3FZH5M3AvXbNw
www.provinzial.de/ Name: INGRESSCOOKIE
Value: 1734787298.985.194581.487719|2a20d5ecf96129f16fb5b6f11ee9ce4c
www.provinzial.de/ Name: JSESSIONID
Value: 7CCE62202E3734D5CD6A0B44FE10ABD4
www.provinzial.de/ Name: region
Value: west
.youtube.com/ Name: YSC
Value: Aqn7TCtcRC4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: vphHMc4lYPA
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgTQ%3D%3D
www.provinzial.de/ Name: f0_uid
Value: d8e14bda-d663-4c63-b138-0999219f1481.1734787298750
www.provinzial.de/ Name: f0_sid
Value: 49c49ef1-02cf-462c-9358-ea014791f9c1.1734787298750.30
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: vphHMc4lYPA
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgTQ%3D%3D
.provinzial.de/ Name: _fbp
Value: fb.1.1734787299024.999712275450361415

1 Console Messages

Source Level URL
Text
rendering warning URL: https://www.provinzial.de/west/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A040F302C4350000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=3600

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
api.usercentrics.eu
app.usercentrics.eu
bt.fraud0.com
connect.facebook.net
consent-api.service.consent.usercentrics.eu
de.snippet-ablyft.com
gtm.provinzial.de
privacy-proxy.usercentrics.eu
uct.service.usercentrics.eu
www.facebook.com
www.googletagmanager.com
www.provinzial.de
www.youtube.com
142.250.186.162
157.240.0.35
157.240.253.1
212.34.85.158
2600:1901:0:1e38::
2600:1901:0:5987::
2600:1901:0:c07c::
2a00:1450:4001:800::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:81d::200e
2a01:4f8:d0a:11f6::2
34.160.30.67
34.95.108.180
35.190.14.188
35.241.3.184
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
0649db93ab2b7f87b4ded62c0ea199179daac083652469fe3ad7486de2d3ed08
09e5f229272a96a2ff55ac53ec606ace4fcf3e4889a7e24196b6bd86d5f61609
0c59e766e8e06dfada38cbb9b6d7e38710c0a8e47c76f24eff42ded7a2010ff7
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
16fbe3117f477130ef56a90e130f5d520912346b9bfb6e605238d5f279e3f5a7
1c16f5134f6b79ab98c074aa10618272927b1eb6986cb0d45c5f041f4cad935c
1daeb8f2b20e643498e588a0f3bc753699fe28c787205ece9b0fc5cd5a7b06be
1e2f4fe427f87bc5118db76bf88968d70c15bfbda3a49eb0952a68d3bad93b5f
1f77e0dc070c0dcfe478ffc019aca6e44e58a6df978603edda23a7d9573b9fd0
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
25dd114c2f885924740de83597589835df1a394b84b1cf687585790462f95042
261d1432145cc334d5b993f9f3ac18e6ac31b9122eb8280cde9567158dc86b5d
2a872395345fef8dab177a9b2d78ffc05c62fb60b398c7f3fc1072948efdd8cf
2e903c14d8a152fc3bc0365d4d51f337f4d216fdb49bd04601184839f76655d7
2eb375e3dde2e2945b0d6bebfbb25fc842bc32dd3b016d2d9ef1848fcbe513b3
34fcf381d1a0b4651a8350b55800d9f860094f4648f7e127d7aafa00d1b31e5c
358e73d95a9677323d50f1dca8fee409b841a21092817a3aba930f57ccfdd743
3691af239ad760fe2a5357feb52da889c9ce35568bab1ee7dcc925cfc32ffd12
37b70fb73c288d7334e65b4958449bf797f40b84ba9384546153b5d500b702ec
431644b3b2967b68ee13cc6e482442cdfdc8b7a8f9fa658e656f154e30da5084
4b5f78684ea38ed09e35de726efcb2eeb5182d0ea840f05fe01142155a990f91
507feea275f5248165f3bfcc320cab35f8481fcdee4445bf0746567fcc8329fa
5375cc5aca88fa6accec4d1bd9f3cd9f66499951c6796a4b123a6705213ed82d
5c0cdd9aa391539e0b896ea8909a2f96fe803304e0bc10348600b09bb927c7fa
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cd6a068f6c79572860c48dbff824c62642eb54012ee36b0959dc0bda72fe14b
6e627a96057a9bd290b48ac8bc8fac597305e76d25c9726890bf30fa2ed13a12
70fa547f6d5cd285e49b635b9317a64eea9e797e1b9c4df484f7463399386c73
7a255796a0e09eb37cbc2542f069ddf6619f76a87ac784d6fc3bc7c61571e388
7a87b716a1f6df6e16256029ff6ab6ba2ecd44da9c355d7090564310856aa883
7c122b7a949a4e2dd67cc35f5c6b738a851011c14b4681ff9c1821c926156353
7c9cef05b399b4ae7075a470913e352b647bfdf8b82b66f06f4ccac198dc0c4c
7d8ac26adb26f91aad5ec10d088721723f94eb31c8dec20223f98b9ee0c513b3
7f7aae1b6c5ecc92bb7a77e36b3f75d116f6f7f797da238c49902de2dbf66827
896f318b44c766ba08d73c7510688dc682a91007e5b9a29dd63e5d3737b52b96
9115fcb12c0905174f12358893df4535d1edf3cc9a4a8bcddcd59e412e5e488a
922eb073844e1d1a2311b7c29cd0a836748c5bf49714634079b1d17f079ed215
925dff52c0cbaf5b257c08a09682a7e313e830243c83bfa9bda6c96c291d31c7
941b1f23518d30568f2df7f2b9dd130dc227b63cdb0494120cd297f9f18646e9
9a045b04c458212669652a44e2aa17ac494ab44dfbab6a7e4f58cd6a0376060f
9b9d2b22fa1fc2952b507a46a99c9f384b2e5adbd2b1c94e595e0a2fbfd2d316
9be05882dd7fcaff9fd8fa183ad3505457ee5c356c9f4e23ea8a4ce295045297
a533f317f1e23bd74cb85a2eb19e932e96d0cee1aff705fba10f5647ba08c097
a6c5ae7bfbf03c6bb71faaaf3d25f3032ccd205c337ff1cca2d1b32c3bfda071
a80c3f820265dbb0b0f71a0d4b5c0228d876ca7a5a4876c5ef3b4f86d305d8eb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
adf57ae1a5c850e5a9abd3ac87f415bb539c126ed46deee297ce743b9c530a4e
af600ffbf924b30957b763f0059288e351b50b0f7c29b21835012817d432aadf
b245afddc4c9c5c0fea821d6f6509c7419ab13369e35687fd246accb5d45f248
b28b050e82519288328bbfa6aeb5f05ce52b5854b032d444d3b5fa3a8df3058b
b4310c26fe602b9837725b03cd04b09d131ee3d5b56ccef7b1cc30a7e63a80d9
b9487b852be190a88a92ca3d883c711fc85babb4cd7e1f99572de300057344e3
ba28f78e6436ea5e558ea9787fc1328854a1f861b0e06d3fec9296651ebebbb6
bf4744b9b3f0e4045698f5fb68162af7628bbc2128921eeb31be29c1397c127a
c3be67af5cb0992e18d9d815144c6789c48aa163c8d290f658bf5f0f3f19cb53
c64af742a7b7fcae047cb4d29201c6eabba05e84ce9c82b989715c329d67cf81
c793e523e78a008c4083f21f68c375008621c721ff667fabed0ace2b4be5d553
c7f22fdefa0d2145825de139d93a23d873bf8431d990b72052da90dc29ca7683
ca20652317cb24c669c145b046d7189d248c30b60eb739a5f16c3ee13295bc29
cea55a8f9d1adc2cf3945bef756b67982b6e6dce689dd41f8d7751993ac69830
d04aec57c7429f91367da93e604aa04bcc35916a73afc714c3c3a0edc34d5eb0
d20e8224d1b57e924206bf18e3b97ab5851e1fd36ff1aba1c98de8cc38b04b79
d211a73fcc94673d08bcacea3bfd588db5619c532c427218f3484ceef99c99ac
d6c6ec75b707d6cdfd78a056cc5b68139185b20b20a45441ea5734f2739cda3c
d72ae597d39c6b13cb046b7e0d27dff87d4b70b34eec323d79f91bd2fa770093
d8ffb41f9785cc166ba6d923dd209402959c6dcdf797a4fd526a4cf77aec289d
d940a61aa45dce1d454edc4e2b68867753b0b8ba0827aa083f50926c6f91f20c
db418179dc0f29c3c3e3a3f005a177bcfc3f1d6b57ac9f332d43987efc3bdb06
dc8343dae24291634bf1aec40cb6794f860bc2b1d28f0ab683854cced24619a0
deb8d499a901c4da51dc84bb98d6764d89929e8f8bd035e3872add8dd630c068
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e03d7b9a0fb8a8c03274a99bd623828a210c91916db9842d94d8d2bc3bdc54
e518137c1c4b8030ad9459f7d9dffcbd4f793e78839926b220329d25adfe95d4
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f56c89da9a829ad4a5094178c4778095348087a725e0004707f9c25c3446584a
f67ef4969b8d3d1a4287b44b6a9ce5aa8aa8ad470b7f3688f14256a9d3f5bb03
f8a190a6cb50c3807bdd40e8da4fddab3f0c608434a95966874c90b14052fd62
f9f419e3057bb158312ccbf21797be29c6a6d4307ccaf18e254ea515e6eab147
fb2c1bc87f11ac8bdb9b722b6bf11714a415e6b0a000868372fab779a4114b25