Submitted URL: http://mann-entfrosten.de/
Effective URL: https://www.mann-entfrosten.de/
Submission: On April 15 via api from US — Scanned from DE

Summary

This website contacted 19 IPs in 3 countries across 13 domains to perform 58 HTTP transactions. The main IP is 85.13.141.160, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www.mann-entfrosten.de.
TLS certificate: Issued by R3 on April 13th 2023. Valid for: 3 months.
This is the only time www.mann-entfrosten.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
19 mann-entfrosten.de
mann-entfrosten.de
www.mann-entfrosten.de
249 KB
10 youtube.com
www.youtube.com — Cisco Umbrella Rank: 85
857 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
74 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
jnn-pa.googleapis.com — Cisco Umbrella Rank: 226
32 KB
4 amazonaws.com
klicktipp.s3.amazonaws.com — Cisco Umbrella Rank: 844872
41 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 974
trc.taboola.com — Cisco Umbrella Rank: 693
trc-events.taboola.com — Cisco Umbrella Rank: 1900
20 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
static.doubleclick.net — Cisco Umbrella Rank: 260
1 KB
3 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2574
tr.outbrain.com — Cisco Umbrella Rank: 2494
7 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
239 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
136 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 241
4 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 109
50 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
58 13
Domain Requested by
17 www.mann-entfrosten.de www.mann-entfrosten.de
10 www.youtube.com www.mann-entfrosten.de
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
4 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 klicktipp.s3.amazonaws.com www.mann-entfrosten.de
klicktipp.s3.amazonaws.com
2 trc-events.taboola.com cdn.taboola.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.facebook.com www.mann-entfrosten.de
2 tr.outbrain.com amplify.outbrain.com
www.mann-entfrosten.de
2 connect.facebook.net www.mann-entfrosten.de
connect.facebook.net
2 mann-entfrosten.de 2 redirects
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 trc.taboola.com cdn.taboola.com
1 cdn.taboola.com www.mann-entfrosten.de
1 amplify.outbrain.com www.mann-entfrosten.de
1 fonts.googleapis.com www.mann-entfrosten.de
58 20
Subject Issuer Validity Valid
mann-entfrosten.de
R3
2023-04-13 -
2023-07-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-22 -
2023-04-22
3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-09 -
2024-02-11
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.s3.amazonaws.com
Amazon
2022-09-21 -
2023-08-26
a year crt.sh
*.google.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
www.google.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.mann-entfrosten.de/
Frame ID: 3C417B54910537E73045164069DA1705
Requests: 31 HTTP requests in this frame

Frame: https://klicktipp.s3.amazonaws.com/userimages/177051/forms/206055/4s7az44ilz8zfe93.html
Frame ID: EC821951454F4D0E699E2D03EC57606D
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
Frame ID: 39711717B64F8CE0F035D85D4FFDC46D
Requests: 22 HTTP requests in this frame

Screenshot

Page Title

Mann Entfrosten

Page URL History Show full URLs

  1. http://mann-entfrosten.de/ HTTP 301
    https://mann-entfrosten.de/ HTTP 301
    https://www.mann-entfrosten.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

58
Requests

98 %
HTTPS

67 %
IPv6

13
Domains

20
Subdomains

19
IPs

3
Countries

1485 kB
Transfer

5058 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mann-entfrosten.de/ HTTP 301
    https://mann-entfrosten.de/ HTTP 301
    https://www.mann-entfrosten.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.mann-entfrosten.de/
Redirect Chain
  • http://mann-entfrosten.de/
  • https://mann-entfrosten.de/
  • https://www.mann-entfrosten.de/
32 KB
8 KB
Document
General
Full URL
https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
9dad618a99fd87666258acc3f0bc1f6fa484d4983af932403ec9e1b09dff2460

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 15 Apr 2023 12:44:18 GMT
link
<https://www.mann-entfrosten.de/wp-json/>; rel="https://api.w.org/", <https://www.mann-entfrosten.de/>; rel=shortlink
server
Apache
vary
Accept-Encoding,User-Agent

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 15 Apr 2023 12:44:18 GMT
location
https://www.mann-entfrosten.de/
server
Apache
vary
User-Agent
style.min.css
www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/pages/marketing/1/
50 KB
11 KB
Stylesheet
General
Full URL
https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/pages/marketing/1/style.min.css?ver=2.5.24
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
dd5d722a9f1e72689d15c266f8da4f28032518b8556410d2cd9629ccd064d0bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
br
last-modified
Thu, 17 Dec 2020 20:19:42 GMT
server
Apache
etag
"c953-5b6aeb6452c14-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
10752
default.min.css
www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/assets/
397 KB
52 KB
Stylesheet
General
Full URL
https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/assets/default.min.css?ver=2.5.24
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
de8e4657255e798fffe3237564dbe11db135cabdb291c1d282c2326046977dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
br
last-modified
Thu, 17 Dec 2020 20:19:41 GMT
server
Apache
etag
"635a3-5b6aeb6435757-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
53234
jquery.js
www.mann-entfrosten.de/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://www.mann-entfrosten.de/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
br
last-modified
Sat, 18 Apr 2020 17:41:04 GMT
server
Apache
etag
"17a6a-5a3942b82fcea-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
32865
jquery-migrate.min.js
www.mann-entfrosten.de/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.mann-entfrosten.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
br
last-modified
Tue, 09 May 2017 19:22:04 GMT
server
Apache
etag
"2748-54f1c454f2dbd-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
3826
op-jquery-base-all.min.js
www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/js/
51 KB
15 KB
Script
General
Full URL
https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/js/op-jquery-base-all.min.js?ver=2.5.24
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
0a6a86dd384b82a40acd38079ab83cf9a386338974a62184cca0bca2e5a1dad3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
br
last-modified
Thu, 17 Dec 2020 20:19:42 GMT
server
Apache
etag
"cd9f-5b6aeb644ce55-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
15741
flowplayer.min.js
www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/modules/blog/video/flowplayer/
146 KB
47 KB
Script
General
Full URL
https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/modules/blog/video/flowplayer/flowplayer.min.js?ver=2.5.24
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
d96606ab0f5f5514c6a04e1e7959640d6851a62e495688b648ab2e9d1347b755

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
br
last-modified
Thu, 17 Dec 2020 20:19:41 GMT
server
Apache
etag
"248ba-5b6aeb6400b9b-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
47758
op-video-all.min.js
www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/js/
76 KB
20 KB
Script
General
Full URL
https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/js/op-video-all.min.js?ver=2.5.24
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
e8644cbf656efae1c6683425d6a7ad875f48f01927a3744e403f59f1fb9d831c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
br
last-modified
Thu, 17 Dec 2020 20:19:42 GMT
server
Apache
etag
"12f42-5b6aeb644ddf5-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
20454
si_captcha.js
www.mann-entfrosten.de/wp-content/plugins/si-captcha-for-wordpress/captcha/
685 B
407 B
Script
General
Full URL
https://www.mann-entfrosten.de/wp-content/plugins/si-captcha-for-wordpress/captcha/si_captcha.js?ver=1681562658
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
br
last-modified
Tue, 09 May 2017 19:22:03 GMT
server
Apache
etag
"2ad-54f1c454df53f-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
311
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:300,r,i,b,bi
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a1fc07649476e2be325b32473146e67aeff9508458f79e24f37a0c826a1e53c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Apr 2023 12:44:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Apr 2023 12:44:18 GMT
855248B2-E195-473A-B40C-00097F8EA446-14854-00000913B5EB090D-225x300.gif
www.mann-entfrosten.de/wp-content/uploads/2020/04/
37 KB
37 KB
Image
General
Full URL
https://www.mann-entfrosten.de/wp-content/uploads/2020/04/855248B2-E195-473A-B40C-00097F8EA446-14854-00000913B5EB090D-225x300.gif
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
4458e162e5024ccb5047fd89975c0f4972bb794727f1089b3b16be444241d2c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
last-modified
Sun, 19 Apr 2020 12:57:27 GMT
server
Apache
accept-ranges
bytes
etag
"9574-5a3a45310f794"
content-length
38260
content-type
image/gif
live_search.min.js
www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/js/
3 KB
1023 B
Script
General
Full URL
https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/js/live_search.min.js?ver=2.5.24
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
6baf67f6e2aa9fef5c7deda2ea451f7e569dd87e100401b4559707cb2ad551b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
br
last-modified
Thu, 17 Dec 2020 20:19:42 GMT
server
Apache
etag
"dd1-5b6aeb644ddf5-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
970
comment-reply.min.js
www.mann-entfrosten.de/wp-includes/js/
1 KB
563 B
Script
General
Full URL
https://www.mann-entfrosten.de/wp-includes/js/comment-reply.min.js?ver=4.7.25
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 21:58:04 GMT
server
Apache
etag
"434-5c009f532b8fa-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
488
wp-embed.min.js
www.mann-entfrosten.de/wp-includes/js/
1 KB
688 B
Script
General
Full URL
https://www.mann-entfrosten.de/wp-includes/js/wp-embed.min.js?ver=4.7.25
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 21:58:04 GMT
server
Apache
etag
"56a-5c009f532b8fa-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
636
op-front-all.min.js
www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/js/
63 KB
18 KB
Script
General
Full URL
https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/js/op-front-all.min.js?ver=2.5.24
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
819fc7cf6950a71ed92dd0620f5edf8c0d3d2179a6b55415ef653703b0e8ff6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
br
last-modified
Thu, 17 Dec 2020 20:19:42 GMT
server
Apache
etag
"fccf-5b6aeb6448fd5-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
18158
menus.min.js
www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/js/
352 B
227 B
Script
General
Full URL
https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/js/menus.min.js?ver=2.5.24
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
0a9fb050b2e7f402613dfeaa848cc13162dc0cb709b2ab983442b9d9893bec6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
br
last-modified
Thu, 17 Dec 2020 20:19:42 GMT
server
Apache
etag
"160-5b6aeb644beb5-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
175
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 15 Apr 2023 12:44:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27909
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
TcZBhwFREkzXAT0Ay1DcHcFQKgIF+aKkC9zU+VAju/0jxKeOPoe0iQFaR/KApQLDXQJCAAfyd5X3VltOzZ67ag==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/
22 KB
7 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.229.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-53.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5a62982f68f482f811e87d3bdeb4785ddf70e787def294f21e0a5748a27179d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sat, 15 Apr 2023 12:44:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Apr 2023 09:41:56 GMT
Server
AkamaiNetStorage
ETag
"838e9c2ec6e148b2af141d9d77d0f660:1680601866.61769"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6771
Expires
Sat, 15 Apr 2023 13:04:18 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1300307/
58 KB
18 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1300307/tfa.js
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac445f6b3b79541ba9cf9d0f61064265678566b2d2ec8269d8a5521921aa2702

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id
oXQnCl.LemJlQfxy.l9mriCYrgY46YV0
content-encoding
gzip
via
1.1 varnish
date
Sat, 15 Apr 2023 12:44:18 GMT
x-amz-request-id
XG965REAHHEVWVAA
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
18205
x-amz-id-2
Uo+yFZ8Y1zu3+7obN/iO66kHJJQ7NA1w6oEg3PHFWzEHQ9uFxrpgNmSsXZqO6pvecrwzt6NaPfg=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Sun, 09 Apr 2023 11:24:59 GMT
server
AmazonS3
x-timer
S1681562658.460813,VS0,VE107
etag
"0d2add44f35d3bd6048a02f4708fe61f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
4s7az44ilz8zfe93.html
klicktipp.s3.amazonaws.com/userimages/177051/forms/206055/ Frame EC82
15 KB
16 KB
Document
General
Full URL
https://klicktipp.s3.amazonaws.com/userimages/177051/forms/206055/4s7az44ilz8zfe93.html
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.4 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f86d2274b8d40baf8876172e3a26881673b49b2fded62c2c8560e2f048e418d4

Request headers

Referer
https://www.mann-entfrosten.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length
15579
Content-Type
text/html
Date
Sat, 15 Apr 2023 12:44:19 GMT
ETag
"77db83c711fa771979579528e006162c"
Expires
Fri, 02 Jan 1970
Last-Modified
Fri, 24 Apr 2020 21:03:12 GMT
Server
AmazonS3
X-Robots-Tag
noindex, nofollow
x-amz-id-2
1Tf3o/wiOFykOxCpNkI18yCCc8uhFuwS7IbklrmEXRiLDz4GQn5SpO2VZBEyr85BhavwYZ9v3rA=
x-amz-request-id
R85F2R1GBP8P8PYR
x-amz-version-id
FrnHg2YBpiXZYawJrVv2g9WLGX2rGS2m
TlfjlnO8nMw
www.youtube.com/embed/ Frame 3971
72 KB
31 KB
Document
General
Full URL
https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b84c54ee0c4f57f41bb04dfcbcdb9819ffc572c8fadb88814394f6074994f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mann-entfrosten.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Apr 2023 12:44:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
style-9.png
www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/assets/images/divider/
1 KB
1 KB
Image
General
Full URL
https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/assets/images/divider/style-9.png
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/assets/default.min.css?ver=2.5.24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
2db90f0b7c78a83a3969d21e28f998956861f0d7acd3111c9b9b9571009d4084

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/assets/default.min.css?ver=2.5.24
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
last-modified
Thu, 17 Dec 2020 20:19:41 GMT
server
Apache
accept-ranges
bytes
etag
"4db-5b6aeb64059ba"
content-length
1243
content-type
image/png
search-icon.png
www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/images/
406 B
454 B
Image
General
Full URL
https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/images/search-icon.png
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/assets/default.min.css?ver=2.5.24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.141.160 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd21720.kasserver.com
Software
Apache /
Resource Hash
19050ffc427e337593a597e2c5391095e541244707c26ea6dd43e44c183a8c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/wp-content/themes/optimizePressTheme/lib/assets/default.min.css?ver=2.5.24
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:18 GMT
last-modified
Thu, 17 Dec 2020 20:19:42 GMT
server
Apache
accept-ranges
bytes
etag
"196-5b6aeb6440336"
content-length
406
content-type
image/png
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:300,r,i,b,bi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mann-entfrosten.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 05:13:05 GMT
x-content-type-options
nosniff
age
27073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Apr 2024 05:13:05 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:300,r,i,b,bi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mann-entfrosten.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:05 GMT
x-content-type-options
nosniff
age
353593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:05 GMT
608451789881936
connect.facebook.net/signals/config/
377 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/608451789881936?v=2.9.101&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
07b8ad3f0fa0bead34258eb51e080b91f589b97b685277ec196964535b22e749
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 15 Apr 2023 12:44:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
250wZq+YskjgZAqn2O0YS/yflR94RuDlc400KEjtjr/VeskWC3tj/nm/ljtmMoQir194Y8YNhskP6A8VLrKkWQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
cachedClickId
tr.outbrain.com/
35 B
194 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=002435f0dba44f9f7e8ee7ba047d2e2398
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sat, 15 Apr 2023 12:44:18 GMT
X-TraceId
e00c7e860e1c3d24e26f8bd407b79335
Content-Length
35
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/
53 B
225 B
Image
General
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=08293105880845402&referrer=&marketerId=002435f0dba44f9f7e8ee7ba047d2e2398&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.mann-entfrosten.de%2F&g=0&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sat, 15 Apr 2023 12:44:18 GMT
Cache-Control
no-cache
X-TraceId
4770afede07b8213e6127af54ab4d064
Content-Length
53
Content-Type
image/gif;
json
trc.taboola.com/1300307/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1300307/trc/3/json?tim=1681562658587&data=%7B%22id%22%3A735%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1681562658578%2C%22cv%22%3A%2220230404-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.mann-entfrosten.de%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-jonasmann-entfrostende%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1681562658586%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.mann-entfrosten.de%2F%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1300307/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9a77d82095d0e83ff2a011c118d0858ed218136d1afce66dcebef6295a6f2ad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-vcl-time-ms
25
date
Sat, 15 Apr 2023 12:44:18 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230045-FRA
server
nginx
x-timer
S1681562659.604896,VS0,VE25
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
www-player.css
www.youtube.com/s/player/36754c51/ Frame 3971
399 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/36754c51/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfb14c36ee35bd07cb95bb56428c4b63c99a2818ed5fb70c4fe81f8bc10c8126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 11:58:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
2757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51993
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Apr 2024 11:58:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3971
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:08 GMT
x-content-type-options
nosniff
age
353590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:08 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3971
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 16:40:37 GMT
x-content-type-options
nosniff
age
72221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Apr 2024 16:40:37 GMT
www-embed-player.js
www.youtube.com/s/player/36754c51/www-embed-player.vflset/ Frame 3971
349 KB
108 KB
Script
General
Full URL
https://www.youtube.com/s/player/36754c51/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9d7f0384afc048bb87d17f73d7636ed88251864d13d29f3be46cc6abbda067f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:37:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110882
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Apr 2024 12:37:47 GMT
base.js
www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/ Frame 3971
2 MB
619 KB
Script
General
Full URL
https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87b7bf70786630f93ce0accd9c42a90918e77a0617a266fbdf317ed54b65a57a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 12:36:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
86880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
633325
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 13 Apr 2024 12:36:18 GMT
fetch-polyfill.js
www.youtube.com/s/player/36754c51/fetch-polyfill.vflset/ Frame 3971
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/36754c51/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 11:05:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
5949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Apr 2024 11:05:09 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=608451789881936&ev=PageView&dl=https%3A%2F%2Fwww.mann-entfrosten.de%2F&rl=&if=false&ts=1681562658727&sw=1600&sh=1200&v=2.9.101&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1681562658725.918954875&it=1681562658489&coo=false&rqm=GET
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 15 Apr 2023 12:44:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
id
googleads.g.doubleclick.net/pagead/ Frame 3971
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
Protocol
H2
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4188c3a25afe2469097ec9721ae0989e100a90eae94e4a6843005f4543421c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 15 Apr 2023 12:44:19 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 3971
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:36:08 GMT
x-content-type-options
nosniff
age
491
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Apr 2023 12:51:08 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 15 Apr 2023 12:44:19 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3971
66 KB
31 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b78b81dcfbb3e21a189e3f8905b22490c971372c49ebcbb1baae3b692a9e351e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 15 Apr 2023 12:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31223
x-xss-protection
0
remote.js
www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/ Frame 3971
116 KB
36 KB
Script
General
Full URL
https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23f0974f5a5a9578fa2bf2b7211a29d4c6df1fca74f8291e5258c43482df534b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 02:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
37792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36566
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Apr 2024 02:14:27 GMT
Q7HKpAo5xAdI8hJakOcHWgfuIV1tfxiK6LUilzZiPbM.js
www.google.com/js/th/ Frame 3971
36 KB
15 KB
Script
General
Full URL
https://www.google.com/js/th/Q7HKpAo5xAdI8hJakOcHWgfuIV1tfxiK6LUilzZiPbM.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43b1caa40a39c40748f2125a90e7075a07ee215d6d7f188ae8b5229736623db3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:03:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
2425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14384
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Apr 2024 12:03:54 GMT
sddefault.jpg
i.ytimg.com/vi/TlfjlnO8nMw/ Frame 3971
49 KB
50 KB
Image
General
Full URL
https://i.ytimg.com/vi/TlfjlnO8nMw/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGHIgXChAMA8=&rs=AOn4CLABZZlnYXmRWnYI1e2t6mdPdN5ufQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0243552a1c868334fba3de0814f4d28fd98d5465e7d1ee6a02d86aafa9bff666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50480
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 15 Apr 2023 14:44:19 GMT
embed.js
www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/ Frame 3971
29 KB
9 KB
Script
General
Full URL
https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c4dc5924fd04f9ebd8bb7367ace6362e2e9f497d3b4cd556b10eb1215785ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:43:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
44
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9035
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Apr 2024 12:43:35 GMT
truncated
/ Frame 3971
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/png
arOknyCnU-K0KfFHE86k-yQtYpK1o5oJ-suhAlPeZTt3kdeI46OGJHeFbUeKE0evz6-VTXFXVA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 3971
3 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/arOknyCnU-K0KfFHE86k-yQtYpK1o5oJ-suhAlPeZTt3kdeI46OGJHeFbUeKE0evz6-VTXFXVA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dfcb0b6a81551bcd71120af74ad3e236cf2e0ada6b46f07505ad51f0b7fe351d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:19 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3431
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 16 Apr 2023 12:44:19 GMT
chicklet.js
klicktipp.s3.amazonaws.com/userimages/177051/chicklet/ Frame EC82
253 B
855 B
Script
General
Full URL
https://klicktipp.s3.amazonaws.com/userimages/177051/chicklet/chicklet.js
Requested by
Host: klicktipp.s3.amazonaws.com
URL: https://klicktipp.s3.amazonaws.com/userimages/177051/forms/206055/4s7az44ilz8zfe93.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.4 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2e37e7ae5489607f965b027f74c8b2b31ccd7f3b08d3f3ea9dc38ccfe6d57b8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://klicktipp.s3.amazonaws.com/userimages/177051/forms/206055/4s7az44ilz8zfe93.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sat, 15 Apr 2023 12:44:20 GMT
x-amz-version-id
eIN_P1GUFlBNC6v1zeY_9kxNGekYKB0_
Last-Modified
Mon, 10 Apr 2023 18:00:58 GMT
Server
AmazonS3
x-amz-request-id
F40CXN1Z4N30A1QB
ETag
"0075bb2202136cebef063bcfe73e666f"
x-amz-server-side-encryption
AES256
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
253
x-amz-id-2
BDELGyzOSPyFRjITrqWEh8U8hHSmjV058RMK8sK0AowWUvyG2a2zJTa6MoYRzs9v9Duph4Qwuzs=
Expires
Fri, 02 Jan 1970
4s7az44ilz8zfe93.html
klicktipp.s3.amazonaws.com/userimages/177051/forms/206055/ Frame EC82
15 KB
15 KB
Image
General
Full URL
https://klicktipp.s3.amazonaws.com/userimages/177051/forms/206055/4s7az44ilz8zfe93.html
Requested by
Host: klicktipp.s3.amazonaws.com
URL: https://klicktipp.s3.amazonaws.com/userimages/177051/forms/206055/4s7az44ilz8zfe93.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.4 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://klicktipp.s3.amazonaws.com/userimages/177051/forms/206055/4s7az44ilz8zfe93.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sat, 15 Apr 2023 12:44:20 GMT
x-amz-version-id
FrnHg2YBpiXZYawJrVv2g9WLGX2rGS2m
Last-Modified
Fri, 24 Apr 2020 21:03:12 GMT
Server
AmazonS3
x-amz-request-id
F409D3ZP1F000PAA
ETag
"77db83c711fa771979579528e006162c"
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
15579
x-amz-id-2
HYCsrFiGre00aGWPAfmD4KeqLoTxRz9xoGoexIkhhzBkwEHlbO+6yEbC7DKn9HV4IPqqvsQGDY0=
Expires
Fri, 02 Jan 1970
form_continue_medium_orange_swoosh.png
klicktipp.s3.amazonaws.com/userimages/system/forms/buttons/ Frame EC82
9 KB
9 KB
Image
General
Full URL
https://klicktipp.s3.amazonaws.com/userimages/system/forms/buttons/form_continue_medium_orange_swoosh.png
Requested by
Host: klicktipp.s3.amazonaws.com
URL: https://klicktipp.s3.amazonaws.com/userimages/177051/forms/206055/4s7az44ilz8zfe93.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.4 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdda41ce0fd587b0a270734a582315d443d9d3fa04ae803feaadc816e3d19c90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://klicktipp.s3.amazonaws.com/userimages/177051/forms/206055/4s7az44ilz8zfe93.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sat, 15 Apr 2023 12:44:20 GMT
x-amz-version-id
null
Last-Modified
Mon, 18 Jan 2016 13:33:59 GMT
Server
AmazonS3
x-amz-request-id
F409NVFA6BFXCEW4
ETag
"9ce081a85817e25fa8645c6f1d55abdc"
Content-Type
image/png
x-amz-meta-s3fox-filesize
8756
x-amz-meta-s3fox-modifiedtime
1444914962000
Accept-Ranges
bytes
Content-Length
8756
x-amz-id-2
ipp3yrxnN/LtZ7EICQ5fFYcu0t83Sc5nHy1ytD+TMC9lb6x5rvUcOHPFQ7axjvy1SQQ5XVm3WHY=
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 3971
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 12:44:19 GMT
generate_204
www.youtube.com/ Frame 3971
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?hFUMQg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:44:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 15 Apr 2023 12:44:19 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3971
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7fb3769f1b4ed3b153daa6aa6b4f75f32d6dc029af06aa59ec0235a605e8dc85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 15 Apr 2023 12:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=608451789881936&ev=Microdata&dl=https%3A%2F%2Fwww.mann-entfrosten.de%2F&rl=&if=false&ts=1681562659386&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Mann%20Entfrosten%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mann-entfrosten.de%2F%22%2C%22og%3Atitle%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.101&r=stable&ec=1&o=30&fbp=fb.1.1681562658725.918954875&it=1681562658489&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.mann-entfrosten.de
URL: https://www.mann-entfrosten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 15 Apr 2023 12:44:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/112/ Frame 3971
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/112/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 13:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14872
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 16:06:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 15 Apr 2023 13:19:30 GMT
unip
trc-events.taboola.com/1300307/log/3/
0
252 B
XHR
General
Full URL
https://trc-events.taboola.com/1300307/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=0&ssd=1&est=1681562658580&ver=36&isls=true&src=i&invt=1500&msa=1218&rv=1&tim=1681562660137&vi=1681562658578&ri=0c3baa1a6c626fa237afae7ed9348b0c&ref=null&cv=20230404-24-RELEASE&item-url=https%3A%2F%2Fwww.mann-entfrosten.de%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1300307/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin
https://www.mann-entfrosten.de
pragma
no-cache
date
Sat, 15 Apr 2023 12:44:20 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
log_event
www.youtube.com/youtubei/v1/ Frame 3971
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
X-Goog-Request-Time
1681562661471
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
X-YouTube-Client-Version
1.20230411.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs3Q3BZSkdyOU16TSiiuOqhBg%3D%3D
X-YouTube-Ad-Signals
dt=1681562658788&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 15 Apr 2023 12:44:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sat, 15 Apr 2023 12:44:21 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 3971
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
X-Goog-Request-Time
1681562661481
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/TlfjlnO8nMw?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=0&vq=&rel=0
X-YouTube-Client-Version
1.20230411.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs3Q3BZSkdyOU16TSiiuOqhBg%3D%3D
X-YouTube-Ad-Signals
dt=1681562658788&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 15 Apr 2023 12:44:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sat, 15 Apr 2023 12:44:21 GMT
unip
trc-events.taboola.com/1300307/log/3/
0
251 B
XHR
General
Full URL
https://trc-events.taboola.com/1300307/log/3/unip?en=pre_d_eng_tb&tos=4557&scd=0&ssd=1&est=1681562658580&ver=36&isls=true&src=i&invt=3000&msa=1218&rv=1&tim=1681562663138&vi=1681562658578&ri=0c3baa1a6c626fa237afae7ed9348b0c&ref=null&cv=20230404-24-RELEASE&item-url=https%3A%2F%2Fwww.mann-entfrosten.de%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1300307/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mann-entfrosten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin
https://www.mann-entfrosten.de
pragma
no-cache
date
Sat, 15 Apr 2023 12:44:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless function| fbq function| _fbq function| obApi object| _tfa object| _wpemojiSettings undefined| $ function| jQuery object| OptimizePress function| opjq function| checkJqueryVersion function| loadOldjQueryVersion function| deleteJquery object| jQuery11240573169209065111 function| flowplayer function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| initVideoPlayerFullscreenYoutubeElements function| getVideoId function| onYouTubeIframeAPIReady object| mejs object| op_yt_player object| op_url_player function| MediaElement function| MediaElementPlayer function| si_captcha_refresh string| ajaxUrl object| addComment object| wp function| selectnav boolean| isMobile boolean| isIframe function| Dropkick function| Stellar function| op_show_loading function| op_hide_loading function| dropkickListener function| apiObj function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError

4 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: bL2eNK4wK-g
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 7CpYJGr9MzM
.mann-entfrosten.de/ Name: _fbp
Value: fb.1.1681562658725.918954875
www.mann-entfrosten.de/ Name: outbrain_cid_fetch
Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
cdn.taboola.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
klicktipp.s3.amazonaws.com
mann-entfrosten.de
static.doubleclick.net
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.google.com
www.gstatic.com
www.mann-entfrosten.de
www.youtube.com
yt3.ggpht.com
141.226.228.48
151.101.1.44
2.19.229.53
2a00:1450:4001:800::2006
2a00:1450:4001:806::2016
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.217.38.4
64.202.112.95
85.13.141.160
0243552a1c868334fba3de0814f4d28fd98d5465e7d1ee6a02d86aafa9bff666
07b8ad3f0fa0bead34258eb51e080b91f589b97b685277ec196964535b22e749
0a6a86dd384b82a40acd38079ab83cf9a386338974a62184cca0bca2e5a1dad3
0a9fb050b2e7f402613dfeaa848cc13162dc0cb709b2ab983442b9d9893bec6e
0b84c54ee0c4f57f41bb04dfcbcdb9819ffc572c8fadb88814394f6074994f1e
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
19050ffc427e337593a597e2c5391095e541244707c26ea6dd43e44c183a8c11
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
23f0974f5a5a9578fa2bf2b7211a29d4c6df1fca74f8291e5258c43482df534b
2db90f0b7c78a83a3969d21e28f998956861f0d7acd3111c9b9b9571009d4084
2e37e7ae5489607f965b027f74c8b2b31ccd7f3b08d3f3ea9dc38ccfe6d57b8c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4188c3a25afe2469097ec9721ae0989e100a90eae94e4a6843005f4543421c90
43b1caa40a39c40748f2125a90e7075a07ee215d6d7f188ae8b5229736623db3
4458e162e5024ccb5047fd89975c0f4972bb794727f1089b3b16be444241d2c1
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e
5a62982f68f482f811e87d3bdeb4785ddf70e787def294f21e0a5748a27179d5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f
6baf67f6e2aa9fef5c7deda2ea451f7e569dd87e100401b4559707cb2ad551b9
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
7fb3769f1b4ed3b153daa6aa6b4f75f32d6dc029af06aa59ec0235a605e8dc85
819fc7cf6950a71ed92dd0620f5edf8c0d3d2179a6b55415ef653703b0e8ff6a
87b7bf70786630f93ce0accd9c42a90918e77a0617a266fbdf317ed54b65a57a
9a77d82095d0e83ff2a011c118d0858ed218136d1afce66dcebef6295a6f2ad5
9c4dc5924fd04f9ebd8bb7367ace6362e2e9f497d3b4cd556b10eb1215785ebd
9dad618a99fd87666258acc3f0bc1f6fa484d4983af932403ec9e1b09dff2460
a1fc07649476e2be325b32473146e67aeff9508458f79e24f37a0c826a1e53c5
ac445f6b3b79541ba9cf9d0f61064265678566b2d2ec8269d8a5521921aa2702
b78b81dcfbb3e21a189e3f8905b22490c971372c49ebcbb1baae3b692a9e351e
bfb14c36ee35bd07cb95bb56428c4b63c99a2818ed5fb70c4fe81f8bc10c8126
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b
cdda41ce0fd587b0a270734a582315d443d9d3fa04ae803feaadc816e3d19c90
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d96606ab0f5f5514c6a04e1e7959640d6851a62e495688b648ab2e9d1347b755
dd5d722a9f1e72689d15c266f8da4f28032518b8556410d2cd9629ccd064d0bb
de8e4657255e798fffe3237564dbe11db135cabdb291c1d282c2326046977dd1
dfcb0b6a81551bcd71120af74ad3e236cf2e0ada6b46f07505ad51f0b7fe351d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8644cbf656efae1c6683425d6a7ad875f48f01927a3744e403f59f1fb9d831c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f86d2274b8d40baf8876172e3a26881673b49b2fded62c2c8560e2f048e418d4
f9d7f0384afc048bb87d17f73d7636ed88251864d13d29f3be46cc6abbda067f