urlscan.io logo urlscan.io
SecurityTrails logo

barbara-heuser-singer.de Open in urlscan Pro
::ffff:a123:c181  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.barbara-heuser-singer.de/
Effective URL: https://barbara-heuser-singer.de/
Submission: On January 21 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 33 HTTP transactions. The main IP is ::ffff:a123:c181, located in and belongs to . The main domain is barbara-heuser-singer.de.
TLS certificate: Issued by R3 on January 21st 2021. Valid for: 3 months.
This is the only time barbara-heuser-singer.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

22    ::ffff:a123:c181 (None, )

ASN- ()
www.barbara-heuser-singer.de
barbara-heuser-singer.de
3    52.216.80.184 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
klicktipp.s3.amazonaws.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
21 barbara-heuser-singer.de barbara-heuser-singer.de
5 fonts.gstatic.com barbara-heuser-singer.de
3 klicktipp.s3.amazonaws.com barbara-heuser-singer.de
klicktipp.s3.amazonaws.com
2 www.facebook.com barbara-heuser-singer.de
connect.facebook.net
2 connect.facebook.net barbara-heuser-singer.de
connect.facebook.net
1 www.barbara-heuser-singer.de 1 redirects
33 6
Subject Issuer Validity Valid
barbara-heuser-singer.de
R3		 2021-01-21 -
2021-04-21		 3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2021-03-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-12-22 -
2021-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://barbara-heuser-singer.de/
Frame ID: B5B5EA8CD5CC715D13EA95B149A6F9B8
Requests: 31 HTTP requests in this frame

Frame: https://klicktipp.s3.amazonaws.com/userimages/326000/forms/220313/54tnz7l4az8z3646.html
Frame ID: D3B9D9E9588FA334BF30CCA36C2E600C
Requests: 1 HTTP requests in this frame

Frame: https://klicktipp.s3.amazonaws.com/userimages/326000/forms/220313/54tnz7l4az8z3646.html
Frame ID: 02F803D574A6AE490880EC46BFEDC279
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.barbara-heuser-singer.de/ HTTP 301
    https://barbara-heuser-singer.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
  • html /<!-- Analytics by WP-Statistics v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
  • html /<!-- Analytics by WP-Statistics v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
  • html /<!-- Analytics by WP-Statistics v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- Analytics by WP-Statistics v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

33
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

4
Countries

1869 kB
Transfer

3620 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.barbara-heuser-singer.de/ HTTP 301
    https://barbara-heuser-singer.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
barbara-heuser-singer.de/
Redirect Chain
  • https://www.barbara-heuser-singer.de/
  • https://barbara-heuser-singer.de/
62 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.14 PleskLin
Resource Hash
2a7e3659dbaceb948336c775216d55ba26674b9ad04c762d17c9c236f5e6bfc4

Request headers

:method
GET
:authority
barbara-heuser-singer.de
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Thu, 21 Jan 2021 14:56:26 GMT
content-type
text/html; charset=UTF-8
content-length
12235
x-powered-by
PHP/7.4.14 PleskLin
vary
Accept-Encoding,Cookie
link
<https://barbara-heuser-singer.de/wp-json/>; rel="https://api.w.org/", <https://barbara-heuser-singer.de/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://barbara-heuser-singer.de/>; rel=shortlink
cache-control
max-age=86400
expires
Fri, 22 Jan 2021 14:56:23 GMT
content-encoding
gzip

Redirect headers

server
nginx
date
Thu, 21 Jan 2021 14:56:23 GMT
content-type
text/html; charset=UTF-8
content-length
0
x-powered-by
PHP/7.4.14 PleskLin
vary
Accept-Encoding,Cookie
x-redirect-by
WordPress
location
https://barbara-heuser-singer.de/
cache-control
max-age=86400
expires
Fri, 22 Jan 2021 14:56:22 GMT
autoptimize_eb957c5b98dff9b546f72d2021407a52.css
barbara-heuser-singer.de/wp-content/cache/autoptimize/css/ 		83 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://barbara-heuser-singer.de/wp-content/cache/autoptimize/css/autoptimize_eb957c5b98dff9b546f72d2021407a52.css
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
8bd82d9c9dd2827036d20d0eb9d01561a4504531e7472df3156aeadd670cbcdf

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:26 GMT
content-encoding
gzip
etag
W/"5ffe8a98-14cd7"
last-modified
Wed, 13 Jan 2021 05:52:24 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=30672000, public, immutable
expires
Tue, 11 Jan 2022 14:56:26 GMT
autoptimize_single_ceec915e1673a2ed1a7f18f7be58ef57.css
barbara-heuser-singer.de/wp-content/cache/autoptimize/css/ 		1 KB
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://barbara-heuser-singer.de/wp-content/cache/autoptimize/css/autoptimize_single_ceec915e1673a2ed1a7f18f7be58ef57.css?ver=3.2.1
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
40732204f83b3f48d8020e6122ca47ee418c1a515142d2242ca400d5df7f3ba1

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:26 GMT
content-encoding
gzip
etag
W/"5ffe8a98-470"
last-modified
Wed, 13 Jan 2021 05:52:24 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=30672000, public, immutable
expires
Tue, 11 Jan 2022 14:56:26 GMT
987f41ed53509f2ace183dc1ba440ea8.min.css
barbara-heuser-singer.de/wp-content/uploads/fusion-styles/ 		1 MB
137 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
de652898a2e49d28e9cd1fa331faaa69ebf82bb8a88cca9e81c4775c8b4734fc

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:26 GMT
content-encoding
gzip
etag
W/"5fe2daab-11aab8"
last-modified
Wed, 23 Dec 2020 05:50:35 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sat, 20 Feb 2021 14:56:26 GMT
jquery.min.js
barbara-heuser-singer.de/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barbara-heuser-singer.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:26 GMT
content-encoding
gzip
etag
W/"5fd0661f-15d98"
last-modified
Wed, 09 Dec 2020 05:52:31 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 20 Feb 2021 14:56:26 GMT
podcast-4.png
barbara-heuser-singer.de/wp-content/uploads/2020/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://barbara-heuser-singer.de/wp-content/uploads/2020/09/podcast-4.png
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
9e63e155355e11b19aa689a3a341fbca6bf904922acdbbf079fa24ceacb23488

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
etag
"5f731983-86f"
last-modified
Tue, 29 Sep 2020 11:24:51 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2159
expires
Sat, 20 Feb 2021 14:56:27 GMT
logo-akadmie-gewinner-1.png
barbara-heuser-singer.de/wp-content/uploads/2020/10/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://barbara-heuser-singer.de/wp-content/uploads/2020/10/logo-akadmie-gewinner-1.png
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
d1255ee3dadd50a85a1fc6c8d972091e69362d4586e84e122b5e3512eefe331d

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
etag
"5f8965e9-31ab"
last-modified
Fri, 16 Oct 2020 09:20:41 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12715
expires
Sat, 20 Feb 2021 14:56:27 GMT
logo-akadmie-gewinner.png
barbara-heuser-singer.de/wp-content/uploads/2020/10/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://barbara-heuser-singer.de/wp-content/uploads/2020/10/logo-akadmie-gewinner.png
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
fb2e4d89ed4f587713cf208a58c4b68050b20ba549011a93c2d5bcdb38e6e74a

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
etag
"5f885365-2f6e"
last-modified
Thu, 15 Oct 2020 13:49:25 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12142
expires
Sat, 20 Feb 2021 14:56:27 GMT
1603265277-600x436.png
barbara-heuser-singer.de/wp-content/uploads/2020/10/ 		185 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://barbara-heuser-singer.de/wp-content/uploads/2020/10/1603265277-600x436.png
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e58211f8ba0a2ab6a5c2d95027d0d0e963d150133db8a197ad49690c788abe7e

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
etag
"5f93f2e4-2e2dc"
last-modified
Sat, 24 Oct 2020 09:24:52 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
189148
expires
Sat, 20 Feb 2021 14:56:27 GMT
54tnz7l4az8z3646.js
klicktipp.s3.amazonaws.com/userimages/326000/forms/220313/ 		338 B
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://klicktipp.s3.amazonaws.com/userimages/326000/forms/220313/54tnz7l4az8z3646.js
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.80.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b74e356be5abb68f25a141556867b0ad6f6fe8b7f05fccab68ce8de9a2eb2789

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 14:56:28 GMT
Last-Modified
Sun, 25 Oct 2020 19:08:40 GMT
Server
AmazonS3
x-amz-request-id
D094CECEBA857505
ETag
"601b45b8346d2a1a28844cade3826944"
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length
338
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
x-amz-version-id
w85WZEy6MlaQQVbE_SBxJMGKfyYudNxx
x-amz-id-2
xjV9MdKz1k8Kcj1Dlf9uHMsXKQ+EZCx9Bweca+SnkndFvUo1++SsNMyRuhQagPP0/s4CjObz+Vw=
Expires
Fri, 02 Jan 1970
e0132b63-0042-44e3-8de1-2ff4fb8a97cd-600x450.jpeg
barbara-heuser-singer.de/wp-content/uploads/2020/03/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://barbara-heuser-singer.de/wp-content/uploads/2020/03/e0132b63-0042-44e3-8de1-2ff4fb8a97cd-600x450.jpeg
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
11c556a203f43970b6bf8d436f390c891665c83c61789b22d7542df143c6f575

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
etag
"5f74b1c2-e709"
last-modified
Wed, 30 Sep 2020 16:26:42 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
59145
expires
Sat, 20 Feb 2021 14:56:27 GMT
DSC_2433-600x900.jpg
barbara-heuser-singer.de/wp-content/uploads/2020/10/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://barbara-heuser-singer.de/wp-content/uploads/2020/10/DSC_2433-600x900.jpg
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
27fa99db0b6e580c0d92320803548926ac106eae44bf14bb594d7d797147bd82

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
etag
"5f774279-1f8a9"
last-modified
Fri, 02 Oct 2020 15:08:41 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
129193
expires
Sat, 20 Feb 2021 14:56:27 GMT
ffb66246-4ed1-4d90-bf98-d4ba19f3f694-1-600x432.jpeg
barbara-heuser-singer.de/wp-content/uploads/2020/10/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://barbara-heuser-singer.de/wp-content/uploads/2020/10/ffb66246-4ed1-4d90-bf98-d4ba19f3f694-1-600x432.jpeg
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
a94554be0803e8f84d2f525e8cf640c11889195630e85a1e2a783a2a2599fc0c

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
etag
"5f897743-157b0"
last-modified
Fri, 16 Oct 2020 10:34:43 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
87984
expires
Sat, 20 Feb 2021 14:56:27 GMT
img-Produkt_Glueck2-600x375.jpg
barbara-heuser-singer.de/wp-content/uploads/2020/09/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://barbara-heuser-singer.de/wp-content/uploads/2020/09/img-Produkt_Glueck2-600x375.jpg
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
5f52794e05906493d438360b1502c863f79fbff5c1e8dbe4f513918668de28a4

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
etag
"5f745c0c-50bb"
last-modified
Wed, 30 Sep 2020 10:21:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
20667
expires
Sat, 20 Feb 2021 14:56:27 GMT
img-Produkt_Karriere2-600x375.jpg
barbara-heuser-singer.de/wp-content/uploads/2020/09/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://barbara-heuser-singer.de/wp-content/uploads/2020/09/img-Produkt_Karriere2-600x375.jpg
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
4e6e095aa8c3eee6c2bdba51b38f585f3a35c52846f2b907b532a094abbfc90c

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
etag
"5f745c0d-4c77"
last-modified
Wed, 30 Sep 2020 10:21:01 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19575
expires
Sat, 20 Feb 2021 14:56:27 GMT
autoptimize_b7c4be4d8fa395d519d369b276331cc5.js
barbara-heuser-singer.de/wp-content/cache/autoptimize/js/ 		453 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barbara-heuser-singer.de/wp-content/cache/autoptimize/js/autoptimize_b7c4be4d8fa395d519d369b276331cc5.js
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
96d75c82fccae1e1aa06b7e06a06a471afe2cff0435afbd9b56140d2bce4a810

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
content-encoding
gzip
etag
W/"5ffe8a98-71222"
last-modified
Wed, 13 Jan 2021 05:52:24 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=30672000, public, immutable
expires
Tue, 11 Jan 2022 14:56:27 GMT
wp-emoji-release.min.js
barbara-heuser-singer.de/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barbara-heuser-singer.de/wp-includes/js/wp-emoji-release.min.js?ver=5.6
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
content-encoding
gzip
etag
W/"5fd0661f-37a6"
last-modified
Wed, 09 Dec 2020 05:52:31 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 20 Feb 2021 14:56:27 GMT
fbevents.js
connect.facebook.net/en_US/ 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
2FpnQKs1jMMdRDHafLvgDRmM8q1PuIzVMgo74ZoislReCySiWL9ZT54QR8XUHhx9o5WKwDIJSiGvZws9NFafeg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 21 Jan 2021 14:56:27 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
hit
barbara-heuser-singer.de/wp-json/wp-statistics/v2/ 		66 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://barbara-heuser-singer.de/wp-json/wp-statistics/v2/hit?_=1611240986&_wpnonce=2ab1a5c78d&wp_statistics_hit_rest=yes&browser=Chrome&platform=OS%20X&version=10.14.5&referred=https://barbara-heuser-singer.de&ip=82.102.19.136&exclusion_match=no&exclusion_reason&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&track_all=1&timestamp=1611244586&current_page_type=home&current_page_id=8&search_query&page_uri=/&user_id=0
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.14, PleskLin
Resource Hash
b03bec9e9bb215c735a4323b2c71d906529b613498bc46eefa00fa0f1288ea8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

allow
GET
date
Thu, 21 Jan 2021 14:56:28 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-powered-by
PHP/7.4.14, PleskLin
vary
Accept-Encoding,Cookie,Origin
content-type
application/json; charset=UTF-8
link
<https://barbara-heuser-singer.de/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=1209600
x-robots-tag
noindex
x-wp-nonce
2ab1a5c78d
expires
Thu, 04 Feb 2021 14:56:27 GMT
KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff
fonts.gstatic.com/s/roboto/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ee971ab559e3a2c9b2392868f33fb90d3d17c8564846fd307781ed8acda16d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://barbara-heuser-singer.de
Referer
https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 08:28:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
541690
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14320
x-xss-protection
0
expires
Sat, 15 Jan 2022 08:28:17 GMT
barbara-heuser-singer_header3.jpg
barbara-heuser-singer.de/wp-content/uploads/2020/10/ 		658 KB
659 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://barbara-heuser-singer.de/wp-content/uploads/2020/10/barbara-heuser-singer_header3.jpg
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
37b8ba65cc3b08837bbbfaafbc2356906fd61c1bd90b1745384ca11cf8ab8e29

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
etag
"5f7736f0-a48d3"
last-modified
Fri, 02 Oct 2020 14:19:28 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
674003
expires
Sat, 20 Feb 2021 14:56:27 GMT
icomoon.woff
barbara-heuser-singer.de/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://barbara-heuser-singer.de/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
22c851d5f36813ff8cbb4ab0d16273aa1eb536f84f2c56b53df8d2c7a54479a4

Request headers

Origin
https://barbara-heuser-singer.de
Referer
https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
etag
"5fe188f8-51ac"
last-modified
Tue, 22 Dec 2020 05:49:44 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/font-woff
cache-control
max-age=1209600
accept-ranges
bytes
content-length
20908
expires
Thu, 04 Feb 2021 14:56:27 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrcVIT9d0c8.woff
fonts.gstatic.com/s/raleway/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v18/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrcVIT9d0c8.woff
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7878bbef599ba8ab8d2b85f5c4be4d73684136b62b7a5ff99aa6f497f23304b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://barbara-heuser-singer.de
Referer
https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 12:17:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Sep 2020 20:46:05 GMT
server
sffe
age
9526
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20152
x-xss-protection
0
expires
Fri, 21 Jan 2022 12:17:41 GMT
KFOlCnqEu92Fr1MmWUlfBBc-AMP6lQ.woff
fonts.gstatic.com/s/roboto/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc-AMP6lQ.woff
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ced8d52840a0c3d0ef1bb1e52d061689a340e5b9c61ec2b18ecb3e9cfaeab3c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://barbara-heuser-singer.de
Referer
https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 12:35:43 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:59 GMT
server
sffe
age
8444
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14388
x-xss-protection
0
expires
Fri, 21 Jan 2022 12:35:43 GMT
fa-solid-900.woff2
barbara-heuser-singer.de/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://barbara-heuser-singer.de/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
75f5349190725c85b426fdb66c683beb21b7804792d0770a9e84b28e7ace5d28

Request headers

Origin
https://barbara-heuser-singer.de
Referer
https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
etag
"5fe188f8-13990"
last-modified
Tue, 22 Dec 2020 05:49:44 GMT
server
nginx
x-powered-by
PleskLin
content-type
font/woff2
cache-control
max-age=1209600
accept-ranges
bytes
content-length
80272
expires
Thu, 04 Feb 2021 14:56:27 GMT
54tnz7l4az8z3646.html
klicktipp.s3.amazonaws.com/userimages/326000/forms/220313/ Frame D3B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://klicktipp.s3.amazonaws.com/userimages/326000/forms/220313/54tnz7l4az8z3646.html
Requested by
Host: klicktipp.s3.amazonaws.com
URL: https://klicktipp.s3.amazonaws.com/userimages/326000/forms/220313/54tnz7l4az8z3646.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.80.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Host
klicktipp.s3.amazonaws.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://barbara-heuser-singer.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://barbara-heuser-singer.de/

Response headers

x-amz-id-2
2C49n5vBcy7h1fWxbkWlb1OHw362P+XGTakvzzYPVvuYy+J1kvLssnRBALXvsSXodbiCCJZzQGU=
x-amz-request-id
DEC29A534D416E61
Date
Thu, 21 Jan 2021 14:56:28 GMT
Last-Modified
Sun, 25 Oct 2020 19:08:40 GMT
ETag
"1cb4a16d1093eefade731fcfb8ea2fc1"
X-Robots-Tag
noindex, nofollow
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Expires
Fri, 02 Jan 1970
x-amz-version-id
BOGZitpY83E3lIp09ulgHEJtIttArN.A
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
15237
Server
AmazonS3
header-background-pattern-scaled-1-1.jpg
barbara-heuser-singer.de/wp-content/uploads/2020/09/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://barbara-heuser-singer.de/wp-content/uploads/2020/09/header-background-pattern-scaled-1-1.jpg
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
::ffff:a123:c181 -, , ASN (),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
8dde34d31d763ddeaa1be461eec351c5e26394bee9aeed0f4aef5c964d4e592e

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
etag
"5f6b6b03-19827"
last-modified
Wed, 23 Sep 2020 15:34:27 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
104487
expires
Sat, 20 Feb 2021 14:56:27 GMT
KFOkCnqEu92Fr1Mu51xIIzQXKMny.woff
fonts.gstatic.com/s/roboto/v20/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzQXKMny.woff
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f09bbae5289c9be089e1d23780723db09ebcd57923b456ee6a97d1fb1d41669f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://barbara-heuser-singer.de
Referer
https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 12:50:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:01 GMT
server
sffe
age
7554
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16088
x-xss-protection
0
expires
Fri, 21 Jan 2022 12:50:33 GMT
KFOlCnqEu92Fr1MmEU9fBBc-AMP6lQ.woff
fonts.gstatic.com/s/roboto/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc-AMP6lQ.woff
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b731864456e11cb0dbb57959da8e514d6964e4e7e95b1dd69ee1660eaa87c57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://barbara-heuser-singer.de
Referer
https://barbara-heuser-singer.de/wp-content/uploads/fusion-styles/987f41ed53509f2ace183dc1ba440ea8.min.css?ver=3.2.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 23:38:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
141461
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14376
x-xss-protection
0
expires
Wed, 19 Jan 2022 23:38:46 GMT
3189149764527074
connect.facebook.net/signals/config/ 		240 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/3189149764527074?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0412d7d1e08c74672f94fea6936f526b63e3dec61fa91fc196498340576c6087
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
PXOCKAsYzNKnASKnyNbGoR+DdiAnHUPUhdJCQkG7hrEe63aB0LTnpg+acwD97RXlI/QXv3q8UfaaE7xxD+5JbA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 21 Jan 2021 14:56:27 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
619362604
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3189149764527074&ev=PageView&dl=https%3A%2F%2Fbarbara-heuser-singer.de%2F&rl=&if=false&ts=1611240987804&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1611240987800.1053567829&it=1611240987645&coo=false&rqm=GET
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:56:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 21 Jan 2021 14:56:27 GMT
54tnz7l4az8z3646.html
klicktipp.s3.amazonaws.com/userimages/326000/forms/220313/ Frame 02F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://klicktipp.s3.amazonaws.com/userimages/326000/forms/220313/54tnz7l4az8z3646.html
Requested by
Host: barbara-heuser-singer.de
URL: https://barbara-heuser-singer.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.80.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Host
klicktipp.s3.amazonaws.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://barbara-heuser-singer.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://barbara-heuser-singer.de/

Response headers

x-amz-id-2
MzHH804imq/KstVnD8wu/J+4QTz/Mul7Dr3YuonXgV/fGkbF63Iq0wSOjd0ppNtGlj7oNZDMaq0=
x-amz-request-id
E22129AB42C381AF
Date
Thu, 21 Jan 2021 14:56:28 GMT
Last-Modified
Sun, 25 Oct 2020 19:08:40 GMT
ETag
"1cb4a16d1093eefade731fcfb8ea2fc1"
X-Robots-Tag
noindex, nofollow
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Expires
Fri, 02 Jan 1970
x-amz-version-id
BOGZitpY83E3lIp09ulgHEJtIttArN.A
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
15237
Server
AmazonS3
/
www.facebook.com/tr/ 		0
86 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://barbara-heuser-singer.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryXkXwCo2tGzXjyuk0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 21 Jan 2021 14:56:28 GMT
content-type
text/plain
access-control-allow-origin
https://barbara-heuser-singer.de
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| _EPYT_ function| fbq function| _fbq object| WP_Statistics_http object| doc string| form function| fusionNavIsCollapsed function| fusionRunNavIsCollapsed function| avadaGetScrollBarWidth object| twemoji object| wp function| epdofitvids object| cssua object| fusionBgImageVars object| fusionJSVars object| fusion object| fusionLightboxVideoVars object| fusionEqualHeightVars function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow object| fusionVideoBgVars object| $youtubeBGVideos function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| onYouTubeIframeAPIReady function| vimeoReady function| fusionInitVimeoPlayers object| fusionVideoGeneralVars object| fusionTimeout undefined| prevCallback function| insertParam function| registerYoutubePlayers function| loadYoutubeIframeAPI function| onYouTubePlayerAPIReadyCallback function| onPlayerStateChange function| onPlayerReady function| ytVidId function| playVideoAndPauseOthers function| fusionYouTubeTimeout function| getAdminbarHeight function| getWaypointOffset object| fusionLightboxVars function| avadaLightBoxInitializeLightbox function| fusionInitTooltips function| avadaAddQuantityBoxes function| compositeAddQuantityBoxes function| calcSelectArrowDimensions object| avadaLiveSearchVars function| avadaLiveSearch object| fusionFlexSliderVars function| fusionInitPostFlexSlider function| fusionDestroyPostFlexSlider object| fusionAnimationsVars function| fusionSetMobileAnimationData function| fusionSetAnimationData function| fusionInitGallery function| getScrollBarWidth object| fusionContainerVars function| fusionInitStickyContainers function| fusionInitSticky function| fusionGetStickyOffset function| initScrollingSections function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection function| getScrollSectionPositionValues object| avadaElasticSliderVars object| avadaSelectVars function| addAvadaSelectStyles function| removeAvadaSelectStyles object| avadaToTopVars function| avadaUpdateToTopPostion object| avadaMenuVars function| resizeOverlaySearch object| avadaHeaderVars function| fusionDisableStickyHeader function| fusionInitStickyHeader function| getStickyHeaderHeight function| getWaypointTopOffset object| avadaSidebarsVars function| fusionReSettStickySidebarStatus function| setStickySidebarStatus function| calcStickySidebarOffset function| fusionGetScrollOffset object| fusionTypographyVars function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography object| fusionScrollToAnchorVars function| checkHoverTouchState object| fusionVideoVars function| fusionCalcColumnEqualHeights object| _EPADashboard_ object| Modernizr function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Packery function| Waypoint object| browserPrefixes function| EventEmitter object| eventie function| imagesLoaded object| _fusionImageParallaxImages function| YTReady function| onYouTubePlayerAPIReady object| avadaLightBox object| $ilInstances object| Vimeo boolean| VimeoPlayerResizeEmbeds_ object| fusionEqualHeightsCids string| responsiveTypeElements string| fusionBaseFontSize number| lastYPosition boolean| scrollDisabled number| adminBarHeight number| _fusionScrollTop number| _fusionWindowHeight number| _fusionScrollLeft number| _fusionWindowWidth object| php_js object| fusionVimeoPlayers boolean| mobileMenuSepAdded number| $headerParentHeight number| $headerHeight number| $menuHeight number| $scrolled_header_height object| $stickyTrigger number| $wpadminbarHeight number| $stickyTrigger_position number| $woo_store_notice number| $top_frame number| sticky_header_type number| $slider_offset number| $site_width boolean| $media_query_test_1 boolean| $media_query_test_2 boolean| $media_query_test_3 boolean| $media_query_test_4 number| $standardLogoHeight number| $logoMarginTop number| $logoMarginBottom number| $initial_desktop_header_height string| $initial_sticky_header_shrinkage boolean| $sticky_can_be_shrinked number| original_logo_height number| $original_sticky_trigger_height object| currentPackeryElement string| waypointContextKey

1 Cookies

Domain/Path Name / Value
.barbara-heuser-singer.de/ Name: _fbp
Value: fb.1.1611240987800.1053567829

5 Console Messages

Source Level URL
Text
console-api log URL: https://barbara-heuser-singer.de/wp-content/cache/autoptimize/js/autoptimize_b7c4be4d8fa395d519d369b276331cc5.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://barbara-heuser-singer.de/wp-content/cache/autoptimize/js/autoptimize_b7c4be4d8fa395d519d369b276331cc5.js(Line 4)
Message:
YT API init check
console-api log URL: https://barbara-heuser-singer.de/wp-content/cache/autoptimize/js/autoptimize_b7c4be4d8fa395d519d369b276331cc5.js(Line 4)
Message:
YT API init check
console-api log URL: https://barbara-heuser-singer.de/wp-content/cache/autoptimize/js/autoptimize_b7c4be4d8fa395d519d369b276331cc5.js(Line 4)
Message:
YT API init check
console-api log URL: https://barbara-heuser-singer.de/wp-content/cache/autoptimize/js/autoptimize_b7c4be4d8fa395d519d369b276331cc5.js(Line 4)
Message:
YT API init check

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

barbara-heuser-singer.de
connect.facebook.net
fonts.gstatic.com
klicktipp.s3.amazonaws.com
www.barbara-heuser-singer.de
www.facebook.com
2a00:1450:4001:820::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.216.80.184
::ffff:a123:c181
0412d7d1e08c74672f94fea6936f526b63e3dec61fa91fc196498340576c6087
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11c556a203f43970b6bf8d436f390c891665c83c61789b22d7542df143c6f575
22c851d5f36813ff8cbb4ab0d16273aa1eb536f84f2c56b53df8d2c7a54479a4
27fa99db0b6e580c0d92320803548926ac106eae44bf14bb594d7d797147bd82
2a7e3659dbaceb948336c775216d55ba26674b9ad04c762d17c9c236f5e6bfc4
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
37b8ba65cc3b08837bbbfaafbc2356906fd61c1bd90b1745384ca11cf8ab8e29
40732204f83b3f48d8020e6122ca47ee418c1a515142d2242ca400d5df7f3ba1
4e6e095aa8c3eee6c2bdba51b38f585f3a35c52846f2b907b532a094abbfc90c
5f52794e05906493d438360b1502c863f79fbff5c1e8dbe4f513918668de28a4
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
75f5349190725c85b426fdb66c683beb21b7804792d0770a9e84b28e7ace5d28
7878bbef599ba8ab8d2b85f5c4be4d73684136b62b7a5ff99aa6f497f23304b1
8b731864456e11cb0dbb57959da8e514d6964e4e7e95b1dd69ee1660eaa87c57
8bd82d9c9dd2827036d20d0eb9d01561a4504531e7472df3156aeadd670cbcdf
8dde34d31d763ddeaa1be461eec351c5e26394bee9aeed0f4aef5c964d4e592e
96d75c82fccae1e1aa06b7e06a06a471afe2cff0435afbd9b56140d2bce4a810
9e63e155355e11b19aa689a3a341fbca6bf904922acdbbf079fa24ceacb23488
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9ee971ab559e3a2c9b2392868f33fb90d3d17c8564846fd307781ed8acda16d7
a94554be0803e8f84d2f525e8cf640c11889195630e85a1e2a783a2a2599fc0c
b03bec9e9bb215c735a4323b2c71d906529b613498bc46eefa00fa0f1288ea8d
b74e356be5abb68f25a141556867b0ad6f6fe8b7f05fccab68ce8de9a2eb2789
ced8d52840a0c3d0ef1bb1e52d061689a340e5b9c61ec2b18ecb3e9cfaeab3c7
d1255ee3dadd50a85a1fc6c8d972091e69362d4586e84e122b5e3512eefe331d
de652898a2e49d28e9cd1fa331faaa69ebf82bb8a88cca9e81c4775c8b4734fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58211f8ba0a2ab6a5c2d95027d0d0e963d150133db8a197ad49690c788abe7e
f09bbae5289c9be089e1d23780723db09ebcd57923b456ee6a97d1fb1d41669f
fb2e4d89ed4f587713cf208a58c4b68050b20ba549011a93c2d5bcdb38e6e74a