urlscan.io logo urlscan.io
SecurityTrails logo

ars-vobiscum.media Open in urlscan Pro
85.13.138.188  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://das-impfbuch.eu/
Effective URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Submission: On March 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 39 HTTP transactions. The main IP is 85.13.138.188, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is ars-vobiscum.media.
TLS certificate: Issued by R3 on January 15th 2023. Valid for: 3 months.
This is the only time ars-vobiscum.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 77.244.253.148 47692 (NESSUS)
20 85.13.138.188 34788 (NMM-AS D)
1 23.227.60.200 13335 (CLOUDFLAR...)
1 108.156.60.28 16509 (AMAZON-02)
13 151.101.65.21 54113 (FASTLY)
2 192.229.221.25 15133 (EDGECAST)
39 6
1    77.244.253.148 (Felixdorf, Austria)

ASN47692 (NESSUS, AT)
PTR: s1.ws-server.at
das-impfbuch.eu
20    85.13.138.188 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd18300.kasserver.com
ars-vobiscum.media
1    23.227.60.200 (Canada)

ASN13335 (CLOUDFLARENET, US)
cdn.shopify.com
1    108.156.60.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-28.ams1.r.cloudfront.net
embed.sendcloud.sc
13    151.101.65.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
20 ars-vobiscum.media
ars-vobiscum.media
1 MB
15 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2345
t.paypal.com — Cisco Umbrella Rank: 3066
562 KB
1 sendcloud.sc
embed.sendcloud.sc — Cisco Umbrella Rank: 361517
2 KB
1 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 1745
37 KB
1 das-impfbuch.eu
das-impfbuch.eu
306 B
39 5
Domain Requested by
20 ars-vobiscum.media ars-vobiscum.media
13 www.paypal.com ars-vobiscum.media
www.paypal.com
2 t.paypal.com ars-vobiscum.media
1 embed.sendcloud.sc ars-vobiscum.media
1 cdn.shopify.com ars-vobiscum.media
1 das-impfbuch.eu 1 redirects
39 6
Subject Issuer Validity Valid
ars-vobiscum.media
R3		 2023-01-15 -
2023-04-15		 3 months crt.sh
cdn.shopify.com
R3		 2023-01-17 -
2023-04-17		 3 months crt.sh
*.sendcloud.sc
Amazon RSA 2048 M02		 2023-02-24 -
2023-10-31		 8 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-11-10 -
2023-11-10		 a year crt.sh

This page contains 3 frames:

Primary Page: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Frame ID: D7130250909C8AF974663F050F4E9613
Requests: 30 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUlNja3ZqbEdjbExDSmdMY1JUN0N5Rl9RTTh3T0dEbklmbzVmV2tsSnlLV1FFbWozN3JsSy1ubEhnYXRFcFppWGljV2hVbWs3d3NJWmhGSCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZGVfREUmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2dqcmJkbnp1Y252YnZxaXNtbnZ0bmh2cWVqcmZ2In19&env=production&scriptUID=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&version=1.40.2&integrationType=SDK
Frame ID: A253602066FF8B1394326B294C9216A7
Requests: 4 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUlNja3ZqbEdjbExDSmdMY1JUN0N5Rl9RTTh3T0dEbklmbzVmV2tsSnlLV1FFbWozN3JsSy1ubEhnYXRFcFppWGljV2hVbWs3d3NJWmhGSCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZGVfREUmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2dqcmJkbnp1Y252YnZxaXNtbnZ0bmh2cWVqcmZ2In19&env=production&scriptUID=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&version=1.40.2&integrationType=SDK
Frame ID: 8447AD157EE89E893A67A1DCA3231F62
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

»Vor der "Impfung" waren sie gesund« von Andrea Drescher | 20222

Page URL History Show full URLs

  1. http://das-impfbuch.eu/ HTTP 301
    https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Page Statistics

39
Requests

95 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

4
Countries

1702 kB
Transfer

4971 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://das-impfbuch.eu/ HTTP 301
    https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 20222
ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/
Redirect Chain
  • http://das-impfbuch.eu/
  • https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
247 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
3a35915a7610b2d0d93c28c482a11f460c1b465aed50a15abf7e30802c724c4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
no-cache, private
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 09 Mar 2023 12:30:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
sw-invalidation-states
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
deny

Redirect headers

Connection
Keep-Alive
Content-Length
293
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 09 Mar 2023 12:30:14 GMT
Keep-Alive
timeout=5, max=100
Location
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Server
Apache
all.css
ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/css/ 		530 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/css/all.css?1677885083542513
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
a34ff431b4902f84d1ccc40c1b31a090cdc6eeee3e9279c4c6dc0dfb6f9bf7ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:15 GMT
content-encoding
br
last-modified
Fri, 03 Mar 2023 23:11:23 GMT
server
Apache
etag
"84731-5f607105af61f-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
animate.css
ars-vobiscum.media/bundles/moorlfoundation/storefront/css/ 		87 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ars-vobiscum.media/bundles/moorlfoundation/storefront/css/animate.css?167759245189270
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
b8bd07d3d3402af87416db62d127d3af763f4930a1e91d5cd82b4bc2dff1f37b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:15 GMT
content-encoding
br
last-modified
Tue, 28 Feb 2023 13:54:11 GMT
server
Apache
etag
"15cb6-5f5c2ee2ca23b-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
4515
ARV_Logo_Kreis%20sw.jpg
ars-vobiscum.media/media/26/6a/5b/1675955836/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ars-vobiscum.media/media/26/6a/5b/1675955836/ARV_Logo_Kreis%20sw.jpg
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
48422e13a976b14abc306f50fa70938e7b83f0b9b7a99ad34f1e865c10e3a3d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:15 GMT
last-modified
Thu, 09 Feb 2023 15:17:16 GMT
server
Apache
accept-ranges
bytes
etag
"2dff-5f445e0489e9a"
content-length
11775
content-type
image/jpeg
ARV_Logo_Email_klein.png
ars-vobiscum.media/media/74/15/b6/1669631548/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ars-vobiscum.media/media/74/15/b6/1669631548/ARV_Logo_Email_klein.png
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
092c4f27488889c785b77ba98c9c28e1bb836e77c252d8bf77e9c7cfcbc7d519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:15 GMT
last-modified
Mon, 28 Nov 2022 10:32:28 GMT
server
Apache
accept-ranges
bytes
etag
"5a1d-5ee856361775c"
content-length
23069
content-type
image/png
book-solo_1920x1920.jpg
ars-vobiscum.media/thumbnail/38/d8/6b/1668938841/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ars-vobiscum.media/thumbnail/38/d8/6b/1668938841/book-solo_1920x1920.jpg
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
8e7aa5da16d257b623d0eba796f74e723081d2d8e8f032c431644b77cce79462

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:15 GMT
last-modified
Sun, 20 Nov 2022 10:07:21 GMT
server
Apache
accept-ranges
bytes
etag
"10865-5ede41ad3bb44"
content-length
67685
content-type
image/jpeg
d-book-01_1920x1920.jpg
ars-vobiscum.media/thumbnail/a0/09/72/1668938842/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ars-vobiscum.media/thumbnail/a0/09/72/1668938842/d-book-01_1920x1920.jpg
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
e375170d26c3049ae470a559530b705b9cf8413b4b064c76c835d608b7495178

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:15 GMT
last-modified
Sun, 20 Nov 2022 10:07:23 GMT
server
Apache
accept-ranges
bytes
etag
"21a02-5ede41ae3d842"
content-length
137730
content-type
image/jpeg
book-solo_400x400.jpg
ars-vobiscum.media/thumbnail/38/d8/6b/1668938841/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ars-vobiscum.media/thumbnail/38/d8/6b/1668938841/book-solo_400x400.jpg
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
09d4438d340ad5aed04ec09268afd25de42373893463df0df84306511fba2ddc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:15 GMT
last-modified
Sun, 20 Nov 2022 10:07:22 GMT
server
Apache
accept-ranges
bytes
etag
"3838-5ede41ad4c4e4"
content-length
14392
content-type
image/jpeg
d-book-01_400x400.jpg
ars-vobiscum.media/thumbnail/a0/09/72/1668938842/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ars-vobiscum.media/thumbnail/a0/09/72/1668938842/d-book-01_400x400.jpg
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
5a77ec210510995edc29839585c0317e50e6f5a6f2942d5910111ca459793004

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:15 GMT
last-modified
Sun, 20 Nov 2022 10:07:23 GMT
server
Apache
accept-ranges
bytes
etag
"2be3-5ede41ae53fa2"
content-length
11235
content-type
image/jpeg
souv2_480x480.png
cdn.shopify.com/s/files/1/0550/1511/2903/files/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0550/1511/2903/files/souv2_480x480.png?v=1654850341
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82deda7d148c3e4f48dfb06daf0c8cfa3d7f93ff7c7f80712ab6b4820c133146
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
source-type
image/png
server-timing
imagery;dur=291.824, imageryFetch;dur=47.740, imageryProcess;dur=243.159;desc="image", cfRequestDuration;dur=481.000185
source-length
118929
content-length
36850
x-xss-protection
1; mode=block
x-request-id
9e8077e7-fac8-4114-8a17-ecf4ed66c983
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Mar 2023 12:30:16 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0vLya1XTVno5RGmAudq5KoTr8ZQN%2F85muKj1UKHI93o8Dlyvj55A3O7b11B6%2F%2F3yiaWZGQkYFO%2BhTJL5KZ1fyRpumltVmZ9g2CEu9E9SN9g8i27VXkDMnAuMZo7%2FhcG8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0550/1511/2903/files/souv2_480x480.png>; rel="canonical"
cf-ray
7a535405cda19a3f-FRA
swag_paypal_paypal.svg
ars-vobiscum.media/media/bf/e8/94/1664359422/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ars-vobiscum.media/media/bf/e8/94/1664359422/swag_paypal_paypal.svg
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
14b6f563744f176df1a746f53ad3a25d9effcb7bf9ffeba3ed534fb83bf905fe
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Thu, 09 Mar 2023 12:30:15 GMT
last-modified
Tue, 15 Nov 2022 08:42:35 GMT
server
Apache
etag
"bea-5ed7e56775cd6"
vary
User-Agent
content-type
image/svg+xml
accept-ranges
bytes
content-length
3050
swag_paypal_card.svg
ars-vobiscum.media/media/f2/e0/71/1664359420/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ars-vobiscum.media/media/f2/e0/71/1664359420/swag_paypal_card.svg
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
95c5c563b974f197ed5c62daaed23524fd639564a5ec5a27122658f3b4584e0e
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Thu, 09 Mar 2023 12:30:15 GMT
last-modified
Tue, 15 Nov 2022 08:42:35 GMT
server
Apache
etag
"1031-5ed7e56775cd6"
vary
User-Agent
content-type
image/svg+xml
accept-ranges
bytes
content-length
4145
swag_paypal_apm_giropay.svg
ars-vobiscum.media/media/85/a4/be/1664359421/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ars-vobiscum.media/media/85/a4/be/1664359421/swag_paypal_apm_giropay.svg
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
2fd72fbdfe0fea8939cd95b9729e55cbda355868be222125345e623b3b3c1c63
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Thu, 09 Mar 2023 12:30:15 GMT
last-modified
Tue, 15 Nov 2022 08:42:35 GMT
server
Apache
etag
"1b72-5ed7e56775cd6"
vary
User-Agent
content-type
image/svg+xml
accept-ranges
bytes
content-length
7026
all.js
ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/js/ 		1 MB
321 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/js/all.js?16778850831448924
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
1d95e657233629d52266f42061e4ba87f28c166eafeb980659431b24ade702d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:15 GMT
content-encoding
br
last-modified
Fri, 03 Mar 2023 23:11:23 GMT
server
Apache
etag
"161bdc-5f607105b155f-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
api.min.js
embed.sendcloud.sc/spp/1.0.0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendcloud.sc/spp/1.0.0/api.min.js
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-28.ams1.r.cloudfront.net
Software
envoy /
Resource Hash
a15ab037512ad6475d61b1c011399cf35c52f7f30e4d1f461bf523287694a654
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 09:28:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 e345c29560592087623dbe75e8d765d6.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
AMS1-P2
age
10923
x-frame-options
DENY
vary
Accept-Encoding
content-language
en-us
content-type
application/javascript; charset=utf-8
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
6
x-amz-cf-id
-V_OJmbGqydIMdWuKOxRXbQB6_C-8vyxJ7pzMZgwrQLwU56g1slC0A==
truncated
/ 		113 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
732703ae6fbff9108df105187da531c48e1268d476dc7420abcb9e3ee9de0330

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
Inter-Regular.woff2
ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/assets/font/ 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/assets/font/Inter-Regular.woff2
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/css/all.css?1677885083542513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
77677cd3d62f53fce403b743c6ab0dfacf6109cfa5f2c511a57b0779222c76de

Request headers

Referer
https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/css/all.css?1677885083542513
Origin
https://ars-vobiscum.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:15 GMT
last-modified
Fri, 03 Mar 2023 23:11:23 GMT
server
Apache
accept-ranges
bytes
etag
"186f8-5f607105b24ff"
content-length
100088
content-type
font/woff2
Inter-Bold.woff2
ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/assets/font/ 		105 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/assets/font/Inter-Bold.woff2
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/css/all.css?1677885083542513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
20fd98b18d523471ae687971086817766649ce25f32e438d14711561a95bc9e9

Request headers

Referer
https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/css/all.css?1677885083542513
Origin
https://ars-vobiscum.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:15 GMT
last-modified
Fri, 03 Mar 2023 23:11:23 GMT
server
Apache
accept-ranges
bytes
etag
"1a324-5f607105b24ff"
content-length
107300
content-type
font/woff2
Inter-SemiBold.woff2
ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/assets/font/ 		105 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/assets/font/Inter-SemiBold.woff2
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/css/all.css?1677885083542513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
e9bb1331830a18e2504d966f1fa931e711cad726e454722f324d63534cec97d9

Request headers

Referer
https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/css/all.css?1677885083542513
Origin
https://ars-vobiscum.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:15 GMT
last-modified
Fri, 03 Mar 2023 23:11:23 GMT
server
Apache
accept-ranges
bytes
etag
"1a2b0-5f607105b24ff"
content-length
107184
content-type
font/woff2
Inter-Italic.woff2
ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/assets/font/ 		105 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/assets/font/Inter-Italic.woff2
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/css/all.css?1677885083542513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
54b81f9de5a85c8755771be7b864d44851b36c46faccf7d7edf8d2a4df0a4c54

Request headers

Referer
https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/css/all.css?1677885083542513
Origin
https://ars-vobiscum.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:15 GMT
last-modified
Fri, 03 Mar 2023 23:11:23 GMT
server
Apache
accept-ranges
bytes
etag
"1a368-5f607105b24ff"
content-length
107368
content-type
font/woff2
info
ars-vobiscum.media/widgets/checkout/ 		1 KB
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ars-vobiscum.media/widgets/checkout/info
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/js/all.js?16778850831448924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
1275df0a5329c04f38ca0c646b717b6c5a0083fe9289d7e523daf61d9ade81c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 09 Mar 2023 12:30:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
br
server
Apache
x-frame-options
deny
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-robots-tag
noindex
js
www.paypal.com/sdk/ 		485 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?components=buttons,messages,hosted-fields,funding-eligibility&client-id=ARSckvjlGclLCJgLcRT7CyF_QM8wOGDnIfo5fWklJyKWQEmj37rlK-nlHgatEpZiXicWhUmk7wsIZhFH&commit=true&currency=EUR&enable-funding=paylater,venmo
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/js/all.js?16778850831448924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16fb20dfe6cdd2b57559dbe79abbf77b2ec5f7d84a26692732870de8bfc5aa84
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-eLDEs5dvBd5p2E3RTCc+wjKhqj79JxTE030EFAs20y3KC36S' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-eLDEs5dvBd5p2E3RTCc+wjKhqj79JxTE030EFAs20y3KC36S' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-eLDEs5dvBd5p2E3RTCc+wjKhqj79JxTE030EFAs20y3KC36S' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-eLDEs5dvBd5p2E3RTCc+wjKhqj79JxTE030EFAs20y3KC36S' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Mar 2023 12:30:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1016
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f881176616193
server-timing
"traceparent;desc="00-0000000000000000000f881176616193-f212072ba3b0c18c-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
138795
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220049-HHN, cache-fra-eddf8230045-FRA
traceparent
00-0000000000000000000f881176616193-e95ad41b6f7e833f-01
x-timer
S1678365016.453950,VS0,VE5
etag
W/"21e2b-EpKYGo+UO0anqmYcfAnHsRvJp7w"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
accept-ranges
bytes
x-cache-hits
3, 0
js
www.paypal.com/sdk/ 		485 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?components=buttons,messages,hosted-fields,funding-eligibility&client-id=ARSckvjlGclLCJgLcRT7CyF_QM8wOGDnIfo5fWklJyKWQEmj37rlK-nlHgatEpZiXicWhUmk7wsIZhFH&commit=true&locale=de_DE&currency=EUR&intent=capture&enable-funding=paylater,venmo
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/js/all.js?16778850831448924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16fb20dfe6cdd2b57559dbe79abbf77b2ec5f7d84a26692732870de8bfc5aa84
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-EppfPk+B8/jZOEfFZT+qxXsheci4EUyd0LJ9r44ITNpddXTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-EppfPk+B8/jZOEfFZT+qxXsheci4EUyd0LJ9r44ITNpddXTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-EppfPk+B8/jZOEfFZT+qxXsheci4EUyd0LJ9r44ITNpddXTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-EppfPk+B8/jZOEfFZT+qxXsheci4EUyd0LJ9r44ITNpddXTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Mar 2023 12:30:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1016
x-cache
HIT, HIT
p3p
true
paypal-debug-id
f88117663db90
server-timing
"traceparent;desc="00-0000000000000000000f88117663db90-2d4fcdde32edf153-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
138795
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220033-HHN, cache-fra-eddf8230045-FRA
traceparent
00-0000000000000000000f88117663db90-2a7d74c2c834a53c-01
x-timer
S1678365016.454119,VS0,VE3
etag
W/"21e2b-EpKYGo+UO0anqmYcfAnHsRvJp7w"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
accept-ranges
bytes
x-cache-hits
2, 1
icomoon.ttf
ars-vobiscum.media/bundles/netzpshariff6/static/font/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ars-vobiscum.media/bundles/netzpshariff6/static/font/icomoon.ttf?y3dlpj
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/css/all.css?1677885083542513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
0ca9a7725f2abe35a1afe3077fe22228dd3b639da06e7f9fe840f2a61aac30f7

Request headers

Referer
https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/css/all.css?1677885083542513
Origin
https://ars-vobiscum.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:16 GMT
last-modified
Sun, 15 Jan 2023 15:55:42 GMT
server
Apache
etag
"e54-5f24f7fb4b0c7"
vary
User-Agent
content-type
font/ttf
accept-ranges
bytes
content-length
3668
local
www.paypal.com/credit-presentment/experiments/ Frame A253 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUlNja3ZqbEdjbExDSmdMY1JUN0N5Rl9RTTh3T0dEbklmbzVmV2tsSnlLV1FFbWozN3JsSy1ubEhnYXRFcFppWGljV2hVbWs3d3NJWmhGSCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZGVfREUmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2dqcmJkbnp1Y252YnZxaXNtbnZ0bmh2cWVqcmZ2In19&env=production&scriptUID=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&version=1.40.2&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,messages,hosted-fields,funding-eligibility&client-id=ARSckvjlGclLCJgLcRT7CyF_QM8wOGDnIfo5fWklJyKWQEmj37rlK-nlHgatEpZiXicWhUmk7wsIZhFH&commit=true&locale=de_DE&currency=EUR&intent=capture&enable-funding=paylater,venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8587b72908a6d4c66a14660071dd4d4fb98912e7fce3303ce52fac18d9909dc1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-sGD8lvmhqrWwzXWxhS84kJKBE5np85jyWGNliwp1kZE=' 'sha256-rv/dzGq+AtXohIRdYGvIMVViq5Tmm5n1EpTlPiFO05w=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ars-vobiscum.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
60495
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1442
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-sGD8lvmhqrWwzXWxhS84kJKBE5np85jyWGNliwp1kZE=' 'sha256-rv/dzGq+AtXohIRdYGvIMVViq5Tmm5n1EpTlPiFO05w=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Thu, 09 Mar 2023 12:30:16 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"12ba-d3gPt6RVmHhn86NxSDMfzCTVuqI"
paypal-debug-id
f987320a85e9d
server-timing
"traceparent;desc="00-0000000000000000000f987320a85e9d-8f6c08902bb755bb-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f987320a85e9d-79843e174e6fad7b-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
46, 16740
x-served-by
cache-hhn-etou8220057-HHN, cache-fra-eddf8230045-FRA
x-timer
S1678365017.591837,VS0,VE1
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=ars-vobiscum.media&t=xo&v=5.0.358&source=payments_sdk&client_id=ARSckvjlGclLCJgLcRT7CyF_QM8wOGDnIfo5fWklJyKWQEmj37rlK-nlHgatEpZiXicWhUmk7wsIZhFH&comp=buttons,messages,hosted-fields,funding-eligibility&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,messages,hosted-fields,funding-eligibility&client-id=ARSckvjlGclLCJgLcRT7CyF_QM8wOGDnIfo5fWklJyKWQEmj37rlK-nlHgatEpZiXicWhUmk7wsIZhFH&commit=true&locale=de_DE&currency=EUR&intent=capture&enable-funding=paylater,venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-MXavHc+H3WKmh7Phrd2rJODqehy82lzhbY6m7H98AyflIbGd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-MXavHc+H3WKmh7Phrd2rJODqehy82lzhbY6m7H98AyflIbGd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Mar 2023 12:30:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
145359
x-cache
HIT, HIT
paypal-debug-id
f494356a4dbb6
server-timing
"traceparent;desc="00-0000000000000000000f494356a4dbb6-79efbebc483157b5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4299
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220056-HHN, cache-fra-eddf8230045-FRA
traceparent
00-0000000000000000000f494356a4dbb6-810b8bdf46028952-01
x-timer
S1678365017.592827,VS0,VE1
etag
W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600
accept-ranges
bytes
x-cache-hits
8, 1
store-api
ars-vobiscum.media/_proxy/ 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ars-vobiscum.media/_proxy/store-api?path=%2Fstore-api%2Fpaypal%2Fpayment-method-eligibility
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/theme/89cf19d73080a8aee025cacdb4849418/js/all.js?16778850831448924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.138.188 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd18300.kasserver.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 09 Mar 2023 12:30:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-frame-options
deny
vary
User-Agent
cache-control
no-cache, private
expires
Thu, 09 Mar 2023 12:30:16 GMT
local
www.paypal.com/credit-presentment/experiments/ Frame 8447 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUlNja3ZqbEdjbExDSmdMY1JUN0N5Rl9RTTh3T0dEbklmbzVmV2tsSnlLV1FFbWozN3JsSy1ubEhnYXRFcFppWGljV2hVbWs3d3NJWmhGSCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZGVfREUmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2dqcmJkbnp1Y252YnZxaXNtbnZ0bmh2cWVqcmZ2In19&env=production&scriptUID=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&version=1.40.2&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,messages,hosted-fields,funding-eligibility&client-id=ARSckvjlGclLCJgLcRT7CyF_QM8wOGDnIfo5fWklJyKWQEmj37rlK-nlHgatEpZiXicWhUmk7wsIZhFH&commit=true&locale=de_DE&currency=EUR&intent=capture&enable-funding=paylater,venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8587b72908a6d4c66a14660071dd4d4fb98912e7fce3303ce52fac18d9909dc1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-sGD8lvmhqrWwzXWxhS84kJKBE5np85jyWGNliwp1kZE=' 'sha256-rv/dzGq+AtXohIRdYGvIMVViq5Tmm5n1EpTlPiFO05w=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ars-vobiscum.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
60495
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1442
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-sGD8lvmhqrWwzXWxhS84kJKBE5np85jyWGNliwp1kZE=' 'sha256-rv/dzGq+AtXohIRdYGvIMVViq5Tmm5n1EpTlPiFO05w=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Thu, 09 Mar 2023 12:30:16 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"12ba-d3gPt6RVmHhn86NxSDMfzCTVuqI"
paypal-debug-id
f987320a85e9d
server-timing
"traceparent;desc="00-0000000000000000000f987320a85e9d-8f6c08902bb755bb-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f987320a85e9d-79843e174e6fad7b-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
46, 16741
x-served-by
cache-hhn-etou8220057-HHN, cache-fra-eddf8230045-FRA
x-timer
S1678365017.753646,VS0,VE1
x-xss-protection
1; mode=block
js
www.paypal.com/sdk/ Frame A253 		485 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?components=buttons,messages,hosted-fields,funding-eligibility&client-id=ARSckvjlGclLCJgLcRT7CyF_QM8wOGDnIfo5fWklJyKWQEmj37rlK-nlHgatEpZiXicWhUmk7wsIZhFH&commit=true&locale=de_DE&currency=EUR&intent=capture&enable-funding=paylater,venmo
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUlNja3ZqbEdjbExDSmdMY1JUN0N5Rl9RTTh3T0dEbklmbzVmV2tsSnlLV1FFbWozN3JsSy1ubEhnYXRFcFppWGljV2hVbWs3d3NJWmhGSCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZGVfREUmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2dqcmJkbnp1Y252YnZxaXNtbnZ0bmh2cWVqcmZ2In19&env=production&scriptUID=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&version=1.40.2&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16fb20dfe6cdd2b57559dbe79abbf77b2ec5f7d84a26692732870de8bfc5aa84
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-EppfPk+B8/jZOEfFZT+qxXsheci4EUyd0LJ9r44ITNpddXTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-EppfPk+B8/jZOEfFZT+qxXsheci4EUyd0LJ9r44ITNpddXTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUlNja3ZqbEdjbExDSmdMY1JUN0N5Rl9RTTh3T0dEbklmbzVmV2tsSnlLV1FFbWozN3JsSy1ubEhnYXRFcFppWGljV2hVbWs3d3NJWmhGSCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZGVfREUmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2dqcmJkbnp1Y252YnZxaXNtbnZ0bmh2cWVqcmZ2In19&env=production&scriptUID=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&version=1.40.2&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-EppfPk+B8/jZOEfFZT+qxXsheci4EUyd0LJ9r44ITNpddXTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-EppfPk+B8/jZOEfFZT+qxXsheci4EUyd0LJ9r44ITNpddXTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Mar 2023 12:30:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1016
x-cache
HIT, HIT
p3p
true
paypal-debug-id
f88117663db90
server-timing
"traceparent;desc="00-0000000000000000000f88117663db90-2d4fcdde32edf153-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
138795
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220033-HHN, cache-fra-eddf8230045-FRA
traceparent
00-0000000000000000000f88117663db90-2a7d74c2c834a53c-01
x-timer
S1678365017.765516,VS0,VE1
etag
W/"21e2b-EpKYGo+UO0anqmYcfAnHsRvJp7w"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
accept-ranges
bytes
x-cache-hits
2, 2
ts
t.paypal.com/ 		42 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=%C2%BBVor%20der%20%22Impfung%22%20waren%20sie%20gesund%C2%AB%20von%20Andrea%20Drescher%20%7C%2020222&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1678365016771&g=0&completeurl=https%3A%2F%2Fars-vobiscum.media%2FVor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher%2F20222&ru=https%3A%2F%2Fars-vobiscum.media%2FVor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher%2F20222&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE6) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Mar 2023 12:30:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (frc/4CE6)
traceparent
00-00000000000000000007da00984ca244-2717201166aafd80-01
content-type
image/gif
paypal-debug-id
7da00984ca244
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
content-length
42
expires
Thu, 09 Mar 2023 12:30:16 GMT
ts
t.paypal.com/ 		42 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=%C2%BBVor%20der%20%22Impfung%22%20waren%20sie%20gesund%C2%AB%20von%20Andrea%20Drescher%20%7C%2020222&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1678365016772&g=0&completeurl=https%3A%2F%2Fars-vobiscum.media%2FVor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher%2F20222&ru=https%3A%2F%2Fars-vobiscum.media%2FVor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher%2F20222&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: ars-vobiscum.media
URL: https://ars-vobiscum.media/Vor-der-Impfung-waren-sie-gesund-von-Andrea-Drescher/20222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB8) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ars-vobiscum.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Mar 2023 12:30:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (frc/4CB8)
traceparent
00-0000000000000000000708650d54df0c-a07c67a0f01abe14-01
content-type
image/gif
paypal-debug-id
708650d54df0c
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
content-length
42
expires
Thu, 09 Mar 2023 12:30:16 GMT
js
www.paypal.com/sdk/ Frame 8447 		485 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?components=buttons,messages,hosted-fields,funding-eligibility&client-id=ARSckvjlGclLCJgLcRT7CyF_QM8wOGDnIfo5fWklJyKWQEmj37rlK-nlHgatEpZiXicWhUmk7wsIZhFH&commit=true&locale=de_DE&currency=EUR&intent=capture&enable-funding=paylater,venmo
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUlNja3ZqbEdjbExDSmdMY1JUN0N5Rl9RTTh3T0dEbklmbzVmV2tsSnlLV1FFbWozN3JsSy1ubEhnYXRFcFppWGljV2hVbWs3d3NJWmhGSCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZGVfREUmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2dqcmJkbnp1Y252YnZxaXNtbnZ0bmh2cWVqcmZ2In19&env=production&scriptUID=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&version=1.40.2&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16fb20dfe6cdd2b57559dbe79abbf77b2ec5f7d84a26692732870de8bfc5aa84
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-EppfPk+B8/jZOEfFZT+qxXsheci4EUyd0LJ9r44ITNpddXTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-EppfPk+B8/jZOEfFZT+qxXsheci4EUyd0LJ9r44ITNpddXTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUlNja3ZqbEdjbExDSmdMY1JUN0N5Rl9RTTh3T0dEbklmbzVmV2tsSnlLV1FFbWozN3JsSy1ubEhnYXRFcFppWGljV2hVbWs3d3NJWmhGSCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZGVfREUmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2dqcmJkbnp1Y252YnZxaXNtbnZ0bmh2cWVqcmZ2In19&env=production&scriptUID=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&version=1.40.2&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-EppfPk+B8/jZOEfFZT+qxXsheci4EUyd0LJ9r44ITNpddXTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-EppfPk+B8/jZOEfFZT+qxXsheci4EUyd0LJ9r44ITNpddXTl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Mar 2023 12:30:16 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1016
x-cache
HIT, HIT
p3p
true
paypal-debug-id
f88117663db90
server-timing
"traceparent;desc="00-0000000000000000000f88117663db90-2d4fcdde32edf153-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
138795
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220033-HHN, cache-fra-eddf8230045-FRA
traceparent
00-0000000000000000000f88117663db90-2a7d74c2c834a53c-01
x-timer
S1678365017.777847,VS0,VE1
etag
W/"21e2b-EpKYGo+UO0anqmYcfAnHsRvJp7w"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
accept-ranges
bytes
x-cache-hits
2, 3
hash
www.paypal.com/credit-presentment/experiments/ Frame A253 		40 B
956 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/hash?device_id=uid_6c03ce9144_mti6mza6mty
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUlNja3ZqbEdjbExDSmdMY1JUN0N5Rl9RTTh3T0dEbklmbzVmV2tsSnlLV1FFbWozN3JsSy1ubEhnYXRFcFppWGljV2hVbWs3d3NJWmhGSCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZGVfREUmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2dqcmJkbnp1Y252YnZxaXNtbnZ0bmh2cWVqcmZ2In19&env=production&scriptUID=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&version=1.40.2&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
07e23ede2756aa3f5f7cc9759117c4910875e032c27b8556a1e20626224f10ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUlNja3ZqbEdjbExDSmdMY1JUN0N5Rl9RTTh3T0dEbklmbzVmV2tsSnlLV1FFbWozN3JsSy1ubEhnYXRFcFppWGljV2hVbWs3d3NJWmhGSCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZGVfREUmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2dqcmJkbnp1Y252YnZxaXNtbnZ0bmh2cWVqcmZ2In19&env=production&scriptUID=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&version=1.40.2&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 09 Mar 2023 12:30:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
edge-cache-tag
up-treatments-hash
x-cache
MISS, MISS
paypal-debug-id
f97265257f0cf
server-timing
"traceparent;desc="00-0000000000000000000f97265257f0cf-4949fa1b1c558c5b-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
57
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220056-HHN, cache-fra-eddf8230045-FRA
traceparent
00-0000000000000000000f97265257f0cf-57c2c44ce705c7d0-01
x-timer
S1678365017.840436,VS0,VE208
etag
W/"28-EKNGN61mHZi6M0Rxdlb8x2IJwvg"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
s-maxage=86400, max-age=0
accept-ranges
bytes
x-cache-hits
0, 0
hash
www.paypal.com/credit-presentment/experiments/ Frame 8447 		40 B
377 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/hash?device_id=uid_6c03ce9144_mti6mza6mty
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUlNja3ZqbEdjbExDSmdMY1JUN0N5Rl9RTTh3T0dEbklmbzVmV2tsSnlLV1FFbWozN3JsSy1ubEhnYXRFcFppWGljV2hVbWs3d3NJWmhGSCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZGVfREUmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2dqcmJkbnp1Y252YnZxaXNtbnZ0bmh2cWVqcmZ2In19&env=production&scriptUID=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&version=1.40.2&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
07e23ede2756aa3f5f7cc9759117c4910875e032c27b8556a1e20626224f10ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUlNja3ZqbEdjbExDSmdMY1JUN0N5Rl9RTTh3T0dEbklmbzVmV2tsSnlLV1FFbWozN3JsSy1ubEhnYXRFcFppWGljV2hVbWs3d3NJWmhGSCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZGVfREUmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2dqcmJkbnp1Y252YnZxaXNtbnZ0bmh2cWVqcmZ2In19&env=production&scriptUID=uid_kgjrbdnzucnvbvqismnvtnhvqejrfv&version=1.40.2&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 09 Mar 2023 12:30:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
edge-cache-tag
up-treatments-hash
x-cache
MISS, MISS
paypal-debug-id
f9726528bfeb8
server-timing
"traceparent;desc="00-0000000000000000000f9726528bfeb8-b4c9c2d1371bc4f3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
57
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220056-HHN, cache-fra-eddf8230045-FRA
traceparent
00-0000000000000000000f9726528bfeb8-7c79092af2c5a226-01
x-timer
S1678365017.883246,VS0,VE210
etag
W/"28-EKNGN61mHZi6M0Rxdlb8x2IJwvg"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
s-maxage=86400, max-age=0
accept-ranges
bytes
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame A253 		0
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 8447 		0
0
logger
www.paypal.com/xoplatform/logger/api/ 		1017 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,messages,hosted-fields,funding-eligibility&client-id=ARSckvjlGclLCJgLcRT7CyF_QM8wOGDnIfo5fWklJyKWQEmj37rlK-nlHgatEpZiXicWhUmk7wsIZhFH&commit=true&locale=de_DE&currency=EUR&intent=capture&enable-funding=paylater,venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ad37c22ca630b0671120dc3aca488725bfd68387f588bed233f7e48445e3f6b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://ars-vobiscum.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/json

Response headers

date
Thu, 09 Mar 2023 12:30:17 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f9726525c44a6
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn-etou8220057-HHN, cache-fra-eddf8230023-FRA
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f9726525c44a6-c6f9280edbeaac60-01
x-timer
S1678365017.325538,VS0,VE211
etag
W/W/"3f9-g1NxZ/JLXMOnTiiGC4X6w9nsD9k"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ars-vobiscum.media
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ars-vobiscum.media
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Full
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://ars-vobiscum.media
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Thu, 09 Mar 2023 12:30:17 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f972652bcb7d8
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f972652bcb7d8-ddbcca7307e4035e-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-hhn-etou8220076-HHN, cache-fra-eddf8230023-FRA
x-timer
S1678365017.058174,VS0,VE259
logger
www.paypal.com/xoplatform/logger/api/ 		1015 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,messages,hosted-fields,funding-eligibility&client-id=ARSckvjlGclLCJgLcRT7CyF_QM8wOGDnIfo5fWklJyKWQEmj37rlK-nlHgatEpZiXicWhUmk7wsIZhFH&commit=true&currency=EUR&enable-funding=paylater,venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
abf5824005405e3c15b3b4c4ee16eb073b6cb7cf548ada8eabf54ac4530db49d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://ars-vobiscum.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/json

Response headers

date
Thu, 09 Mar 2023 12:30:17 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f97265230a67e
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn-etou8220068-HHN, cache-fra-eddf8230023-FRA
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f97265230a67e-fe6d122852f462c8-01
x-timer
S1678365017.241988,VS0,VE265
etag
W/W/"3f7-wVsxwYuRzx6d/e6d5OvOvgSnxPc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ars-vobiscum.media
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ars-vobiscum.media
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Full
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://ars-vobiscum.media
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Thu, 09 Mar 2023 12:30:17 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f972652eca432
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f972652eca432-59b95d5a16b7e901-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-hhn-etou8220066-HHN, cache-fra-eddf8230023-FRA
x-timer
S1678365017.058151,VS0,VE176

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.paypal.com
URL
https://www.paypal.com/xoplatform/logger/api/logger
Domain
www.paypal.com
URL
https://www.paypal.com/xoplatform/logger/api/logger

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| features boolean| sasShowOnProductCard boolean| sasPreviewVariantOnHover boolean| sasShowOnOffCanvasCart boolean| sasShowOnCartPage boolean| sasShowOnCheckoutConfirmPage boolean| useDefaultCookieConsent string| activeNavigationId object| router string| storeApiProxyToken string| salesChannelId object| breakpoints object| csrf number| customerLoggedInState number| wishlistEnabled object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime object| picturefillCFG function| picturefill function| $ function| jQuery function| PluginConfigManager function| PluginManager function| PluginBaseClass function| Hammer function| flatpickr object| eventEmitter function| storeApiClient function| Feature object| L function| Shariff object| sendcloud number| tnsId function| moorlFoundationModal object| __post_robot_11_0_0___uid_kgjrbdnzucnvbvqismnvtnhvqejrfv object| __zoid_10_1_0___uid_kgjrbdnzucnvbvqismnvtnhvqejrfv object| __post_robot_11_0_0___uid_cepbhtvlqqrpfxmisejljfrdcclpzf object| __zoid_10_1_0___uid_cepbhtvlqqrpfxmisejljfrdcclpzf object| paypalDDL

12 Cookies

Domain/Path Name / Value
ars-vobiscum.media/ Name: session-
Value: 7b8016a51a700f2427ea273c63cf92a2
ars-vobiscum.media/ Name: csrf[frontend.wishlist.product.merge]
Value: 236fbe3.pkEd9b2vqBiEkB7hSc5eNcWo6AzkSxlIwJMmDMlblHM.4nNKocj33Hnd9FOJKJhvY4jB3DmLP0AptqJkVL8P0j_gM1CS3v7afsbXUw
ars-vobiscum.media/ Name: csrf[frontend.wishlist.product.merge.pagelet]
Value: 015a16949853.K74G4qkMM9weJybHv7xSzZS7eU1LMw-oysIwalAVMYs.WulyvZl9Ur1tbWe1ztQbvuLwFxV8Wl_vnLgdASJvQul4-jCr-m9rtippcw
ars-vobiscum.media/ Name: csrf[frontend.checkout.line-item.add]
Value: fb100b011a223880c9e6bfc46d1388c.3omzhDkWyOEyZO42jYvZj0sBzMm8QzhbzHZz1iHRE-8.krzs6ndwoYdoDN13z-K9_npxmbnTNEIZoz4pkWi9XbCMwN3VZi6Ll3Mwvw
ars-vobiscum.media/ Name: csrf[frontend.wishlist.product.add]
Value: be9acadf5f0fc0f.TmJk8wNzhkwtYjt4acJ1z-AWijXTSh2LPlpPE8UoXDs.PwM3xXlEtR1_VFMoA5MNudFHs2aKBnnlSQ0XY_xdCGEDNRGrMAnIFFcxUA
ars-vobiscum.media/ Name: csrf[frontend.wishlist.product.remove]
Value: c7e6fd62903bebc3877be2.VVA48qss2ZYWzgallzvs4wAGjIC5zL7Cc4_2X0xm0nE.MAEJiu5Vjc5whn7O_gLbmnBQwt_zo_GJQL-9OnUthAcDKVWCxG-b3iL6Qw
ars-vobiscum.media/ Name: csrf[frontend.account.login]
Value: a2c3cbb10.qGYVrdkyzEynwTquTdV8kxPlsVC8fJoK7TRJkIcZY1E.5TMl_p90_QPlu3n0AZsV_EyAyBvJS-tInmw6oN1sVjPfE0_sm2C8GZ-WTQ
ars-vobiscum.media/ Name: csrf[frontend.product.reviews]
Value: 07feee2a96e15d8.Do9RMyCXIfJGMX4MqykyIgBVNuLNlk6WQgOu4l2dWic.T9A_S0ntTbN1AD1Y2mULVTNsQJqg2A3GF3fdtGz6DU89wzp0QaMRsC0IMw
ars-vobiscum.media/ Name: csrf[frontend.store-api.proxy]
Value: 5060782fc4.yYEfJRzSA1HtXAobr_VBs-4WRYOdbPaQsjd-glAbMXA.nssubzGkYGSBEk5K_KN16YQhCtrqHrOo2XAT7wVPQzeR-V5LMYB0NZdoZQ
ars-vobiscum.media/ Name: timezone
Value: Etc/Unknown
.paypal.com/ Name: ts
Value: vreXpYrS%3D1773055816%26vteXpYrS%3D1678366816%26vr%3Dc659c3411860a5710ca0157bffffffff%26vt%3Dc659c3411860a5710ca0157bfffffffe
.paypal.com/ Name: ts_c
Value: vr%3Dc659c3411860a5710ca0157bffffffff%26vt%3Dc659c3411860a5710ca0157bfffffffe

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ars-vobiscum.media
cdn.shopify.com
das-impfbuch.eu
embed.sendcloud.sc
t.paypal.com
www.paypal.com
www.paypal.com
108.156.60.28
151.101.65.21
192.229.221.25
23.227.60.200
77.244.253.148
85.13.138.188
07e23ede2756aa3f5f7cc9759117c4910875e032c27b8556a1e20626224f10ec
092c4f27488889c785b77ba98c9c28e1bb836e77c252d8bf77e9c7cfcbc7d519
09d4438d340ad5aed04ec09268afd25de42373893463df0df84306511fba2ddc
0ca9a7725f2abe35a1afe3077fe22228dd3b639da06e7f9fe840f2a61aac30f7
1275df0a5329c04f38ca0c646b717b6c5a0083fe9289d7e523daf61d9ade81c2
14b6f563744f176df1a746f53ad3a25d9effcb7bf9ffeba3ed534fb83bf905fe
16fb20dfe6cdd2b57559dbe79abbf77b2ec5f7d84a26692732870de8bfc5aa84
1d95e657233629d52266f42061e4ba87f28c166eafeb980659431b24ade702d2
20fd98b18d523471ae687971086817766649ce25f32e438d14711561a95bc9e9
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2fd72fbdfe0fea8939cd95b9729e55cbda355868be222125345e623b3b3c1c63
3a35915a7610b2d0d93c28c482a11f460c1b465aed50a15abf7e30802c724c4e
48422e13a976b14abc306f50fa70938e7b83f0b9b7a99ad34f1e865c10e3a3d9
54b81f9de5a85c8755771be7b864d44851b36c46faccf7d7edf8d2a4df0a4c54
5a77ec210510995edc29839585c0317e50e6f5a6f2942d5910111ca459793004
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
732703ae6fbff9108df105187da531c48e1268d476dc7420abcb9e3ee9de0330
77677cd3d62f53fce403b743c6ab0dfacf6109cfa5f2c511a57b0779222c76de
82deda7d148c3e4f48dfb06daf0c8cfa3d7f93ff7c7f80712ab6b4820c133146
8587b72908a6d4c66a14660071dd4d4fb98912e7fce3303ce52fac18d9909dc1
8e7aa5da16d257b623d0eba796f74e723081d2d8e8f032c431644b77cce79462
95c5c563b974f197ed5c62daaed23524fd639564a5ec5a27122658f3b4584e0e
a15ab037512ad6475d61b1c011399cf35c52f7f30e4d1f461bf523287694a654
a34ff431b4902f84d1ccc40c1b31a090cdc6eeee3e9279c4c6dc0dfb6f9bf7ce
abf5824005405e3c15b3b4c4ee16eb073b6cb7cf548ada8eabf54ac4530db49d
ad37c22ca630b0671120dc3aca488725bfd68387f588bed233f7e48445e3f6b4
b8bd07d3d3402af87416db62d127d3af763f4930a1e91d5cd82b4bc2dff1f37b
e375170d26c3049ae470a559530b705b9cf8413b4b064c76c835d608b7495178
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9bb1331830a18e2504d966f1fa931e711cad726e454722f324d63534cec97d9