URL: https://www.bill-winterthur.ch/
Submission: On August 30 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 40 HTTP transactions. The main IP is 194.124.232.204, located in Switzerland and belongs to SWISSCOM Swisscom (Switzerland) Ltd, CH. The main domain is www.bill-winterthur.ch.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 30th 2020. Valid for: 3 months.
This is the only time www.bill-winterthur.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                     Requested by
29        www.bill-winterthur.ch     www.bill-winterthur.ch
4         fonts.gstatic.com          fonts.googleapis.com
2         www.google-analytics.com   www.googletagmanager.com, www.bill-winterthur.ch
2         www.google.com             www.bill-winterthur.ch, www.gstatic.com
1         www.gstatic.com            www.google.com
1         www.googletagmanager.com   www.bill-winterthur.ch
1         fonts.googleapis.com       www.bill-winterthur.ch
40 7

This site contains links to these domains.

Domain
www.verit.ch
www.fia.ch
Subject                  Issuer                      Validity                  Valid
bill-winterthur.ch       Let's Encrypt Authority X3  2020-08-30 - 2020-11-28   3 months
upload.video.google.com  GTS CA 1O1                  2020-08-11 - 2020-11-03   3 months
*.google-analytics.com   GTS CA 1O1                  2020-08-11 - 2020-11-03   3 months
www.google.com           GTS CA 1O1                  2020-08-11 - 2020-11-03   3 months
*.gstatic.com            GTS CA 1O1                  2020-08-11 - 2020-11-03   3 months
*.google.com             GTS CA 1O1                  2020-08-11 - 2020-11-03   3 months

This page contains 2 frames:

Primary Page: https://www.bill-winterthur.ch/
Frame ID: F6A97A86A7D4274C42E93C8C7673F89B
Requests: 39 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lew864ZAAAAAHH0nnevUEZfS-c_fZZPMSuNXYXz&co=aHR0cHM6Ly93d3cuYmlsbC13aW50ZXJ0aHVyLmNoOjQ0Mw..&hl=en&v=QVh-Tz10ahidjrORgXOS1oB0&size=invisible&cb=dqid6vribx64
Frame ID: 213CFC5870D6DAD629080506FA1CF36D
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i

Overall confidence: 100%
Detected patterns
  • script /jquery\.flexslider(?:\.min)?\.js$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i
  • script /jquery\.flexslider(?:\.min)?\.js$/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

Requests: 40
HTTPS: 100 %
IPv6: 86 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 2
Transfer: 1338 kB
Size: 1621 kB
Cookies: 3

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.bill-winterthur.ch/
12 KB
13 KB
Document
General
Full URL
https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PHP/7.2.33 PleskLin
Resource Hash
d93d4d666e35d420e35f653ddaae45e3d04bdc06a57477ddb141507fade58e18

Request headers

Host
www.bill-winterthur.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Sun, 30 Aug 2020 13:46:07 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.2.33 PleskLin
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Kaushan+Script&display=swap
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7153b64d5dc5d5ecee33370618cde0ba0b29b9b645224e8df3c06bc6960f5393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Aug 2020 13:46:07 GMT
server
ESF
date
Sun, 30 Aug 2020 13:46:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Aug 2020 13:46:07 GMT
style.css
www.bill-winterthur.ch/_css/
48 KB
48 KB
Stylesheet
General
Full URL
https://www.bill-winterthur.ch/_css/style.css
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
8d35335b66d0786b8d7fe30659c7dbf674e8a1853fe8e362f56c365088888176

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:09 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf145-bfa9"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49065
cookiebar.css
www.bill-winterthur.ch/_css/
812 B
1 KB
Stylesheet
General
Full URL
https://www.bill-winterthur.ch/_css/cookiebar.css
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
ddccc524127625ab71cfd876dc6b5845e8d0f8d251ca6e4e416d512a8ce91346

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
ETag
"32c-5a94893fc9a93"
Last-Modified
Tue, 30 Jun 2020 08:01:09 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/css
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
812
jquery.fancybox.css
www.bill-winterthur.ch/_js/fancybox/
17 KB
17 KB
Stylesheet
General
Full URL
https://www.bill-winterthur.ch/_js/fancybox/jquery.fancybox.css
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
74b74fa22d0aebe421cf76f55280b00350e1103dc90161ae6ab7d877632e1890

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:17 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf14d-43ed"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17389
flexslider.css
www.bill-winterthur.ch/_js/flexSlider/
4 KB
5 KB
Stylesheet
General
Full URL
https://www.bill-winterthur.ch/_js/flexSlider/flexslider.css
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
8efe92f736aa76d0ccc548d76d354e389d3c8193c0a6e17d96483267576204a3

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:25 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf155-11e4"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4580
mixitup.css
www.bill-winterthur.ch/_css/
43 B
323 B
Stylesheet
General
Full URL
https://www.bill-winterthur.ch/_css/mixitup.css
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
a4ce76647fe61b014c8adc2194f91d613ada557a0ebf70bb35a8631419591572

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
ETag
"2b-5a94893fb8152"
Last-Modified
Tue, 30 Jun 2020 08:01:09 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/css
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
back-to-top.css
www.bill-winterthur.ch/_js/back-to-top/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.bill-winterthur.ch/_js/back-to-top/back-to-top.css
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
e197e5cec9eaa496fc2377649fb632c67f41e9b652a012c1b940c0ab84cd14f2

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:19 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf14f-4f6"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1270
js
www.googletagmanager.com/gtag/
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-172020007-1
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2ee6de4e5db0f0afcaadc2680041c874be4184c62e0f7b92d7703f8b6c12b62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 13:46:07 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35819
x-xss-protection
0
last-modified
Sun, 30 Aug 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Aug 2020 13:46:07 GMT
down.svg
www.bill-winterthur.ch/_images/
643 B
930 B
Image
General
Full URL
https://www.bill-winterthur.ch/_images/down.svg
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
702a91439388fbf869aacfa8b7bd6f4f837b52bc07b5cff08940aab481b8c6e2

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
ETag
"283-5a94894161a04"
Last-Modified
Tue, 30 Jun 2020 08:01:10 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/svg+xml
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
643
pfeil.png
www.bill-winterthur.ch/_images/
1 KB
1 KB
Image
General
Full URL
https://www.bill-winterthur.ch/_images/pfeil.png
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
1c2d09fdafe6042c7d67e6e7bd6e2ed9c6131d59cd02f0e168fd141409674bf9

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:11 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf147-40c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1036
urban.jpg
www.bill-winterthur.ch/_images/
70 KB
71 KB
Image
General
Full URL
https://www.bill-winterthur.ch/_images/urban.jpg
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
954b6b154e81d2a213626da9f919d47fb99181a8e13e7b32a3290388ddb8da21

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:11 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf147-1194e"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72014
thumb.svg
www.bill-winterthur.ch/_images/
3 KB
3 KB
Image
General
Full URL
https://www.bill-winterthur.ch/_images/thumb.svg
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
085a3132895488affdbcba250bb71c072880e30c88054e9492941ed8e1bc97b2

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:11 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf147-a85"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2693
classic.jpg
www.bill-winterthur.ch/_images/
59 KB
59 KB
Image
General
Full URL
https://www.bill-winterthur.ch/_images/classic.jpg
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
be85ce01c397d1563904f842df2f2c129893d1fa24f0e418863bfd9bd619d862

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:11 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf147-ec31"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60465
api.js
www.google.com/recaptcha/
708 B
934 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lew864ZAAAAAHH0nnevUEZfS-c_fZZPMSuNXYXz
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
03a2963abed6973f46bb8c570a45262ccb56634ed6d38e650f428842f8b179e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 13:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
477
x-xss-protection
1; mode=block
expires
Sun, 30 Aug 2020 13:46:07 GMT
mobiliar.png
www.bill-winterthur.ch/_images/
5 KB
5 KB
Image
General
Full URL
https://www.bill-winterthur.ch/_images/mobiliar.png
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
3521dc0231693ce78efac867d444ca60e1f96568257b0fb0435e142f606627d7

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:11 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf147-13ba"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5050
verit_logo.svg
www.bill-winterthur.ch/_images/
4 KB
4 KB
Image
General
Full URL
https://www.bill-winterthur.ch/_images/verit_logo.svg
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
80be479ac5c053caee78d7451d766979fd03ebd559fb24b51d1412382a800ebb

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:11 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf147-10c5"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4293
jquery-3.3.1.min.js
www.bill-winterthur.ch/_js/
85 KB
85 KB
Script
General
Full URL
https://www.bill-winterthur.ch/_js/jquery-3.3.1.min.js
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:17 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf14d-1538e"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86926
js.cookie.js
www.bill-winterthur.ch/_js/
4 KB
4 KB
Script
General
Full URL
https://www.bill-winterthur.ch/_js/js.cookie.js
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
5058fbd6437900d51f062ce718cbda1bc0dcacdb399d55fc54859233afd84894

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:19 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf14f-f2a"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3882
smoothscroll.js
www.bill-winterthur.ch/_js/
541 B
837 B
Script
General
Full URL
https://www.bill-winterthur.ch/_js/smoothscroll.js
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
d0df5037576c8820c7509631cbf06428630f2d1eec8751fb78bad07766b5996e

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
ETag
"21d-5a9489476206b"
Last-Modified
Tue, 30 Jun 2020 08:01:17 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
application/javascript
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
541
jquery.fancybox.min.js
www.bill-winterthur.ch/_js/fancybox/
67 KB
67 KB
Script
General
Full URL
https://www.bill-winterthur.ch/_js/fancybox/jquery.fancybox.min.js
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
c787a5704661491a0877721ca934b66aa26ac70f8a8eab8ccc48c86c86a41556

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:17 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf14d-10a64"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68196
jquery.flexslider.js
www.bill-winterthur.ch/_js/flexSlider/
55 KB
55 KB
Script
General
Full URL
https://www.bill-winterthur.ch/_js/flexSlider/jquery.flexslider.js
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
9e7a1412730fc4c5b0f5722472d217ec2e106e0756fe6d97a37b0ea89db35960

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:43 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf167-dbfe"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56318
jquery.mixitup.min.js
www.bill-winterthur.ch/_js/
28 KB
28 KB
Script
General
Full URL
https://www.bill-winterthur.ch/_js/jquery.mixitup.min.js
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
2f997fb2aa587217fbed484d1cadf3beb4da0b75ee390488eecf834b98895b5f

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:18 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf14e-6eac"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28332
custom.mixitup.js
www.bill-winterthur.ch/_js/
3 KB
3 KB
Script
General
Full URL
https://www.bill-winterthur.ch/_js/custom.mixitup.js
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
ca0a2b282dd5ec21969fbb66328e5cc91415d371a603641b08b4d6e2fd294d72

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:02:24 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf190-c86"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3206
back-to-top.js
www.bill-winterthur.ch/_js/back-to-top/
879 B
1 KB
Script
General
Full URL
https://www.bill-winterthur.ch/_js/back-to-top/back-to-top.js
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
3454b1b6131b225059c5c24c891b9b9121005005240e912ce22954deba2812dc

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
ETag
"36f-5a948949777b4"
Last-Modified
Tue, 30 Jun 2020 08:01:19 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
application/javascript
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
879
jquery.rwdImageMaps.min.js
www.bill-winterthur.ch/_js/
1 KB
1 KB
Script
General
Full URL
https://www.bill-winterthur.ch/_js/jquery.rwdImageMaps.min.js
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
1f48c9307dfb8dc03b4905966c82db98a664010c83ea952a6d1e3aaadc00703b

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:20 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf150-468"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1128
jquery.cookie.js
www.bill-winterthur.ch/_js/
3 KB
3 KB
Script
General
Full URL
https://www.bill-winterthur.ch/_js/jquery.cookie.js
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
631ea2bc942c1791920270ba02eef37774aa10db3994b4936a2b5f891a970ff7

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:02:29 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf195-c43"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3139
home01.jpg
www.bill-winterthur.ch/_images/
316 KB
317 KB
Image
General
Full URL
https://www.bill-winterthur.ch/_images/home01.jpg
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
f7db585d2f538b136ca6e8e371f86d503473c78d612a98aee9dd9e33d08be154

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:11 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf147-4f1fa"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
324090
logo_bill.png
www.bill-winterthur.ch/_images/
41 KB
41 KB
Image
General
Full URL
https://www.bill-winterthur.ch/_images/logo_bill.png
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
d97bf47181db991abf127dee4d389ca5897e4eed6d476bc9bdee07e4906336d6

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:11 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf147-a3ad"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41901
bg.png
www.bill-winterthur.ch/_images/
187 KB
187 KB
Image
General
Full URL
https://www.bill-winterthur.ch/_images/bg.png
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/_css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
04885c4ad304ee8a5cc65d742529bc9a0a83ac3d43ba830aa7dbe8f59829346d

Request headers

Referer
https://www.bill-winterthur.ch/_css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:11 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf147-2eb37"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
191287
sun_valley_webfont.woff2
www.bill-winterthur.ch/_fonts/
73 KB
73 KB
Font
General
Full URL
https://www.bill-winterthur.ch/_fonts/sun_valley_webfont.woff2
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/_css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
0029106da4d652c901bf6380fcb3e61a1c7be4076b3836df1a7ed56fb8ec2ef1

Request headers

Origin
https://www.bill-winterthur.ch
Referer
https://www.bill-winterthur.ch/_css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
Last-Modified
Tue, 30 Jun 2020 08:01:10 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5efaf146-12344"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74564
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Kaushan+Script&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bill-winterthur.ch
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Kaushan+Script&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:03:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
535335
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Tue, 24 Aug 2021 09:03:52 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Kaushan+Script&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bill-winterthur.ch
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Kaushan+Script&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:03:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:37 GMT
server
sffe
age
535335
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9016
x-xss-protection
0
expires
Tue, 24 Aug 2021 09:03:52 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Kaushan+Script&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bill-winterthur.ch
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Kaushan+Script&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:03:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
535333
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Tue, 24 Aug 2021 09:03:54 GMT
vm8vdRfvXFLG3OLnsO15WYS5DG74wNJVMJ8b.woff2
fonts.gstatic.com/s/kaushanscript/v8/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kaushanscript/v8/vm8vdRfvXFLG3OLnsO15WYS5DG74wNJVMJ8b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Kaushan+Script&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1929dab7d2cb32760115d8f0ae635b45c22e8329cbb224b149c81bd9b752f51c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.bill-winterthur.ch
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Kaushan+Script&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:12:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:52:15 GMT
server
sffe
age
534802
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23792
x-xss-protection
0
expires
Tue, 24 Aug 2021 09:12:45 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/
337 KB
132 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lew864ZAAAAAHH0nnevUEZfS-c_fZZPMSuNXYXz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
919ce225464d5e8d79944356fcaa74323a12f8fc847eec6c7a877f9e752f7fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 21:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Aug 2020 04:38:28 GMT
server
sffe
age
490150
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135073
x-xss-protection
0
expires
Tue, 24 Aug 2021 21:36:57 GMT
up_weiss.svg
www.bill-winterthur.ch/_images/
722 B
1009 B
Image
General
Full URL
https://www.bill-winterthur.ch/_images/up_weiss.svg
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/_js/back-to-top/back-to-top.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.124.232.204 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
fia2-204.raq.ch
Software
nginx / PleskLin
Resource Hash
157908d0991aadf789e43c3980df1e72a21f62d78c4fd682b6feccac44766fd8

Request headers

Referer
https://www.bill-winterthur.ch/_js/back-to-top/back-to-top.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 13:46:07 GMT
ETag
"2d2-5a948941a57f8"
Last-Modified
Tue, 30 Jun 2020 08:01:11 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/svg+xml
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
722
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-172020007-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
1827
date
Sun, 30 Aug 2020 13:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Sun, 30 Aug 2020 15:15:40 GMT
collect
www.google-analytics.com/r/
35 B
196 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1026442339&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bill-winterthur.ch%2F&ul=en-us&de=UTF-8&dt=We%20like%20Bill%20-%20Winterthur&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1275858937&gjid=808379778&cid=256366895.1598795168&tid=UA-172020007-1&_gid=63792276.1598795168&_r=1&gtm=2ou8j2&z=1982580311
Requested by
Host: www.bill-winterthur.ch
URL: https://www.bill-winterthur.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bill-winterthur.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Aug 2020 13:46:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 213C
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lew864ZAAAAAHH0nnevUEZfS-c_fZZPMSuNXYXz&co=aHR0cHM6Ly93d3cuYmlsbC13aW50ZXJ0aHVyLmNoOjQ0Mw..&hl=en&v=QVh-Tz10ahidjrORgXOS1oB0&size=invisible&cb=dqid6vribx64
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LpZ//04FupqNfXaV0Oebww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lew864ZAAAAAHH0nnevUEZfS-c_fZZPMSuNXYXz&co=aHR0cHM6Ly93d3cuYmlsbC13aW50ZXJ0aHVyLmNoOjQ0Mw..&hl=en&v=QVh-Tz10ahidjrORgXOS1oB0&size=invisible&cb=dqid6vribx64
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bill-winterthur.ch/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bill-winterthur.ch/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 30 Aug 2020 13:46:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-LpZ//04FupqNfXaV0Oebww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9305
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
function| gtag
object| dataLayer
object| ___grecaptcha_cfg
object| grecaptcha
boolean| __google_recaptcha_client
function| $
function| jQuery
function| Cookies
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| recaptcha
object| gaplugins
object| gaGlobal
object| gaData
object| closure_lm_742915

3 Cookies

Domain/Path Name / Value
.bill-winterthur.ch/ Name: _gat_gtag_UA_172020007_1
Value: 1
.bill-winterthur.ch/ Name: _gid
Value: GA1.2.63792276.1598795168
.bill-winterthur.ch/ Name: _ga
Value: GA1.2.256366895.1598795168

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
