r-st.ch
Open in
urlscan Pro
81.18.31.67
Public Scan
Submission Tags: @phishunt_io
Submission: On December 22 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 21st 2022. Valid for: 3 months.
This is the only time r-st.ch was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16625 (AKAMAI-AS, US)
PTR: a23-32-243-206.deploy.static.akamaitechnologies.com
chimpstatic.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com |
ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
ssl.google-analytics.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-103.dus51.r.cloudfront.net
downloads.mailchimp.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-96-147-196.deploy.static.akamaitechnologies.com
mc.us12.list-manage.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
r-st.ch
r-st.ch |
3 MB |
7 |
mailchimp.com
downloads.mailchimp.com — Cisco Umbrella Rank: 11610 |
108 KB |
4 |
google-analytics.com
1 redirects
www.google-analytics.com — Cisco Umbrella Rank: 29 ssl.google-analytics.com — Cisco Umbrella Rank: 289 |
37 KB |
4 |
googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 365 |
183 KB |
3 |
google.de
www.google.de — Cisco Umbrella Rank: 6041 |
674 B |
3 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 2 |
632 B |
3 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 |
2 KB |
3 |
adnxs.com
1 redirects
secure.adnxs.com — Cisco Umbrella Rank: 414 |
3 KB |
2 |
youtube.com
www.youtube.com — Cisco Umbrella Rank: 73 |
63 KB |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 110 |
203 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149 |
111 KB |
1 |
list-manage.com
mc.us12.list-manage.com — Cisco Umbrella Rank: 92253 |
8 KB |
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 162 |
17 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51 |
58 KB |
1 |
chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 4635 |
2 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 686 |
30 KB |
59 | 16 |
Domain | Requested by | |
---|---|---|
25 | r-st.ch |
r-st.ch
|
7 | downloads.mailchimp.com |
chimpstatic.com
downloads.mailchimp.com |
4 | maps.googleapis.com |
r-st.ch
maps.googleapis.com |
3 | www.google.de |
r-st.ch
|
3 | www.google.com |
1 redirects
r-st.ch
|
3 | secure.adnxs.com |
1 redirects
r-st.ch
|
2 | www.youtube.com |
r-st.ch
www.youtube.com |
2 | www.facebook.com |
r-st.ch
|
2 | stats.g.doubleclick.net |
1 redirects
www.google-analytics.com
|
2 | connect.facebook.net |
r-st.ch
connect.facebook.net |
2 | ssl.google-analytics.com |
1 redirects
www.googletagmanager.com
|
2 | www.google-analytics.com |
r-st.ch
www.google-analytics.com |
1 | mc.us12.list-manage.com |
downloads.mailchimp.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | www.googleadservices.com |
r-st.ch
|
1 | www.googletagmanager.com |
r-st.ch
|
1 | chimpstatic.com |
r-st.ch
|
1 | code.jquery.com |
r-st.ch
|
59 | 18 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.youtube.com |
www.facebook.com |
www.linkedin.com |
www.instagram.com |
www.verve-seedorf.ch |
www.panoramapark.ch |
ac-i.ch |
Subject Issuer | Validity | Valid | |
---|---|---|---|
r-st.ch R3 |
2022-12-21 - 2023-03-21 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
wildcardsan.us15.list-manage.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-15 - 2023-11-15 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.adnxs.com GeoTrust ECC CA 2018 |
2022-02-11 - 2023-03-14 |
a year | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-09-30 - 2022-12-29 |
3 months | crt.sh |
downloads.mailchimp.com Amazon |
2022-07-06 - 2023-08-03 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
wildcardsan.list-manage.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-06-27 - 2023-06-29 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://r-st.ch/
Frame ID: 7CC60A74915F34F282451BFCC94D0E90
Requests: 55 HTTP requests in this frame
Frame:
https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
Frame ID: 354B6A1A4413F9DD6A9207507CE87E87
Requests: 2 HTTP requests in this frame
Frame:
https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
Frame ID: F8348CEE3AE6D95DC4A1B46351F0D2D8
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Ramseier + Stucki Architekten AG - Home Instagram-595b40b75ba036ed117d7f85ac-i_chevroniconmonstr-facebook-1iconmonstr-linkedin-3beurkundung-linesendausbau-linesfinanzierung-linesgarantiearbeiten-linesgeneralunternehmerdosier-lineskaufsabsichtserklaerung-linesrohbaubesprechung-linesschluesselebergabe-linesyoutubezoom_iconDetected technologies
Google Maps (Maps) ExpandDetected patterns
- //maps\.google(?:apis)?\.com/maps/api/js
Microsoft ASP.NET (Web Frameworks) Expand
Detected patterns
- <input[^>]+name="__VIEWSTATE
Akamai Bot Manager (Security) Expand
Detected patterns
AppNexus (Advertising Networks) Expand
Detected patterns
- adnxs\.(?:net|com)
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
MailChimp (Marketing Automation) Expand
Detected patterns
- chimpstatic\.com/mcjs-connected
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: YouTube
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: IM DORF ZUHAUSE VERVE Seedorf In der idyllischen Landgemeinde Seedorf entsteht das Neubauprojekt VERVE mit insgesamt 9 Wohneinheiten. Es steht für Lebensfreude und vereint qualitative Architektur mit stimmigem Wohngefühl.
Search URL Search Domain Scan URL
Title: Aussichtsreich wohnen PanoramaPark Grenchen In Grenchen entsteht das Wohnbauprojekt PanoramaPark mit einer harmonischen, parkähnlichen Umgebung und Weitsicht auf die Alpen. Der PanoramaPark ist pure Wohnidylle, elegant eingebettet in ein ruhiges Wohnquartier.
Search URL Search Domain Scan URL
Title: ac-i
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14- https://secure.adnxs.com/seg?add=5251762&t=1 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5251762%26t%3D1
- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1040676309&utmhn=r-st.ch&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ramseier%20%2B%20Stucki%20Architekten%20AG%20-%20Home&utmhid=1686488663&utmr=-&utmp=%2F&utmht=1671693435112&utmac=UA-26703297-38&utmgtm=2wgbu0N9G6MQR&utmcc=__utma%3D213644823.1939018776.1671693435.1671693435.1671693435.1%3B%2B__utmz%3D213644823.1671693435.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1588134557&utmredir=1&utmu=qmAgAABAAAGBAAAAAgABAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1588134557&_v=5.7.2&z=1040676309 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1588134557&_v=5.7.2&z=1040676309 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1588134557&_v=5.7.2&z=1040676309&slf_rd=1&random=1481516686
59 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
r-st.ch/ |
102 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.2.0.min.js
code.jquery.com/ |
84 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.js
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/js/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
161 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/css/ |
342 KB 62 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WebResource.axd
r-st.ch/ |
23 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ScriptResource.axd
r-st.ch/ |
87 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ScriptResource.axd
r-st.ch/ |
36 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
abbe96f21906f70e5c8905318.js
chimpstatic.com/mcjs-connected/js/users/af7fd1997ca127c761e4ea733/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
169 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
505-Tannenbaume-2022_1.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Unternehmen/News/ |
111 KB 111 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Verve_Aussen_Garten.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/VERVE%20Seedorf/Slideshow/Visualisierungen/ |
125 KB 126 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
berufstage_zukunftstag-2022_1.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Unternehmen/News/ |
374 KB 375 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Raumwerk-Slide-3.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Dienstleistungsprojekte/1004%20-%20Raumwerk/ |
114 KB 114 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aci.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/img/logos/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bounce
secure.adnxs.com/ Redirect Chain
|
0 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
seg
secure.adnxs.com/ |
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/js/ |
418 KB 163 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion.js
www.googleadservices.com/pagead/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
maps.googleapis.com/maps/api/mapsjs/ |
3 B 45 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AvenirLTStd-Light.woff
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/fonts/avenir-light/ |
15 KB 15 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AvenirLTStd-Heavy.woff
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/fonts/avenir-heavy/ |
15 KB 15 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rst_Startseite-Header-Moon.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Header_Teaser/Header_Startseite/ |
340 KB 341 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Header-PanoSuite-2.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/Diessenberg%20Boll-Vechigen/Header/ |
146 KB 146 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rst_Startseite-Image-2.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Header_Teaser/Header_Startseite/ |
246 KB 247 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Panorama-Rubigen-Header.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Innenarchitektur/ |
216 KB 216 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rst-web-karriere-header-collage.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Employer%20branding%20renderer/ |
263 KB 263 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Verve_Aussen_Garten_Teaser.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/VERVE%20Seedorf/Slideshow/Visualisierungen/ |
130 KB 130 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Teaser-Wohnung.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/Panoramapark%20Grenchen/Teaser/ |
106 KB 106 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Teaser-Diessenberg-Bett.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/Diessenberg%20Boll-Vechigen/Teaser/ |
133 KB 133 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Teaser-1.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/Zwischen%20den%20Giessen%20M%c3%bcnsingen/Teaser/ |
66 KB 66 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonticons.woff
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/fonts/ |
3 KB 3 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FreightDispProBook-Italic.woff
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/fonts/freight-book-italic/ |
92 KB 92 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1052501056/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
103 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
4 B 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
embed.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ |
217 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1052501056/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/1052501056/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 436 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
132069252287765
connect.facebook.net/signals/config/ |
293 KB 84 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form-settings
mc.us12.list-manage.com/subscribe/ |
15 KB 8 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
popup.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/ |
102 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ Frame 354B |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ Frame 354B |
1005 B 867 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ Frame F834 |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layout-2.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ Frame F834 |
1 KB 898 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modal.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe_api
www.youtube.com/ |
992 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
www-widgetapi.js
www.youtube.com/s/player/21149d65/www-widgetapi.vflset/ |
184 KB 62 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
0 18 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
common.js
maps.googleapis.com/maps-api-v3/api/js/51/3/intl/de_ALL/ |
249 KB 68 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
util.js
maps.googleapis.com/maps-api-v3/api/js/51/3/intl/de_ALL/ |
166 KB 61 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
174 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| oncontentvisibilityautostatechange object| dataLayer function| $ function| jQuery object| Modernizr object| google object| module$contents$mapsapi$overlay$overlayView_OverlayView string| GoogleAnalyticsObject function| ga object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| PM_Postback function| PM_Callback function| $get function| $create function| $addHandler function| $addHandlers function| $clearHandlers object| Sys function| Type function| $removeHandler object| _events function| $find object| CMS object| sorttable object| SCRK object| classie function| requestAnimFrame function| cancelAnimFrame function| filterMapInit object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments string| callBackFrameUrl string| requireName object| validator object| currentView object| google_tag_manager object| _gaq function| onYouTubeIframeAPIReady string| eventType function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData object| $mcSite object| _gat function| dojoDefine function| dojoRequire object| dojo object| dijit object| dojox object| dojo_request_script_callbacks function| SignupForm function| PopupSignupForm object| parts object| ytTracker function| wrap function| setEvent function| setListeners object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
r-st.ch/ | Name: CMSPreferredCulture Value: de-CH |
|
r-st.ch/ | Name: CMSCsrfCookie Value: LRn5S4BBKtAYtPl6DCM/VazXL8VmLaWf2hXhEVGL |
|
r-st.ch/ | Name: ASP.NET_SessionId Value: krgzodyuobminlkbgjtnnahr |
|
.adnxs.com/ | Name: uuid2 Value: 8383347708537235922 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4/8D>6NRF']wIg2IlbniyKz!fss0=Ir4A3KL9D3I?-mT:+P8 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.r-st.ch/ | Name: _ga Value: GA1.2.1939018776.1671693435 |
|
.r-st.ch/ | Name: _gid Value: GA1.2.1021422591.1671693435 |
|
.r-st.ch/ | Name: _gat Value: 1 |
|
.r-st.ch/ | Name: __utma Value: 213644823.1939018776.1671693435.1671693435.1671693435.1 |
|
.r-st.ch/ | Name: __utmc Value: 213644823 |
|
.r-st.ch/ | Name: __utmz Value: 213644823.1671693435.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.r-st.ch/ | Name: __utmt_UA-26703297-38 Value: 1 |
|
.r-st.ch/ | Name: __utmb Value: 213644823.1.10.1671693435 |
|
.r-st.ch/ | Name: _fbp Value: fb.1.1671693435277.300199180 |
|
.list-manage.com/ | Name: _abck Value: D2E264A3E71FFF0A00F213232B57362E~-1~YAAQVVtgaIR31zWFAQAA2ISxOAn7YXCwpvmUirKb00AtKHetW54MmX8VHcdFdMc386Fdo8NqY4S6FXIanOw+svtDZc425BcAuhVvHQAWIM49pxVRBDWjYWKi9t/0K3yg+34Qk1vKQC2gcp7L2tZDUpFt2sDrE/c3Jlt6Xs3DDSnX3C1oNjbslSmueOvVnchTlopFw2QGNa544klxqvLDSTpjk+2jWa/iyzOIZph/12ihgeOpkqlkL5hMO8OAhaPVDZBJ0aMjgrNt1hDE1GDnbloQlByWT1cYv08hTHHHzvumH1HmBdKfIfWpysvXIsW+2QjRf5m4J/z4y80eiFLlAkYBFCOEcTeir+ieDNdNR3EOWg6+/1J+EYCfGQMiy4fsrA==~-1~-1~-1 |
|
.us12.list-manage.com/ | Name: ak_bmsc Value: DE3B9D2CD2ADE0C29C83BDCFDB454518~000000000000000000000000000000~YAAQVVtgaIV31zWFAQAA2ISxOBLUxWOWmvizZU+RDVW1AyujIcusBBXzxYjoczO1ESFca4MYIvBgHAiWw0sHuRCB3GzxBWWvXfWilHT1Vz86Btk2NF/FM7djA6M5Rz4Mv/FLagHF3IZpLlnLwmcrrmJ2GowdqPbpQu+c7H15WA+9qX1iuIuYebn8RDL+p4hdhARHiXBU9c3QFZBB5BVTWiYcbkLxfW9gjwMyI60JVCHWvR8+VOn+pu+7XtSHF6dA0GQIsEuD3aM6yi4cPSESNIA65Y7A0uLdqByae+HfNtYVA5d/5W5ZdKGsDdxHXYo+CBewLIdx6QeQjWyPG+38K/MoDn1XyszA601cVWuwsLNWHaqjyYYKGlE/FBw2bxABlsuInMsJg5TzENtFcpkxHS2lbQ== |
|
.list-manage.com/ | Name: bm_sz Value: 80FB3FC32ACA35EA4CA4E4D14CEADEEB~YAAQVVtgaIZ31zWFAQAA2ISxOBKDUela9TvIdsvCnS6jRuKb/LOG/8lOPZRrelL8MfcA7DP/UwEKP8qMZ3gxzGSeg+CsJVLiOGT7kx7+upeM3Rl7yfjyD+RRJ+A02sfmjbbiAw7H9UHf9vkI7KKGTcdLGbFJOnVyAFtTkWit57rzPTvSEIAjjwankxYirxKtHSBGhGcm5oCsZQpaHeeIL/fdFJ4ARnLP+64lAdxDhXGSZYDV9oMfr398OJLQX9Em0IGGNkS7sghNlY/KzYFDubdLNnpuhSeN0/AvQ6oleA2IBATgFuyLqw==~3752752~3552577 |
|
.youtube.com/ | Name: YSC Value: ze01LeE2Peo |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: SNR9p1yy4Tg |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
chimpstatic.com
code.jquery.com
connect.facebook.net
downloads.mailchimp.com
googleads.g.doubleclick.net
maps.googleapis.com
mc.us12.list-manage.com
r-st.ch
secure.adnxs.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
104.96.147.196
13.226.153.103
172.217.18.2
185.89.211.12
2001:4de0:ac18::1:a:2a
23.32.243.206
2a00:1450:4001:800::2003
2a00:1450:4001:803::2004
2a00:1450:4001:809::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2008
2a00:1450:400c:c07::9d
2a00:1450:400d:80c::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
81.18.31.67
0f4336b18d1b9a8402ad1517386b7b31df3d4f9c634b0ab7d8f3b2491c8d016e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1611775cfd08b4513858c3ffb367d9eaa878bbe91fd10a24e839f27d62dfc982
214f60bed8810c2abd13d1e5301c4f01057ccafcfc057b9127bb71862de311b7
21c39b72deca45db774545698991ed398adc5ba5a07a2389e57091349ed01f70
278f1c6a055c77529b2595fb4d59d53e217038144ebfc36b33dc80351c593fdf
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
45421db3bf5aea05e01065d0bc6f1ec09cf72d286f4629e1e4c2361042c3bf3e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72
4dc7796301c5e57de84d15b6318bb529bb787967847109d3262bf822f67eb700
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5643b1b66ce0d2d3ef396d6e92a77208e6472d09bb9fb49dc0d5053c0f411f02
6aeb297681bc2dffbe15004825a44e6bb6d816e8fb961b0c08f10e6a8492f891
702716d15dc8e82fadd07062f66b835ed791d80397bbbd87c77958b77b0086cd
76122faf47d255fd60932e5622a544bfdcce25df344859391a0b4f3f2f4faeed
7c3462e08cae14f17859256ff75ce56369c4c63c28f84bc978e85a305a81eba2
7ed448edc4945ff2f50f53ab4fd3a5be686177eab6cbddcf15cde59e072dd4f1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8b6b9460628f90ea3198218e3960a034c3078088dd324864708c48c5810e1b28
9c8c4819f65dd12131d77a7b5d4a5ef6ab87a7385ed7aaaab68ebca112c0b1ff
9f9425c961900c8d8b3b30085c3969eef0c845a11c5be9fad704d160c64a12f5
a30fb25d3c0b2ffeb33461e4983758e009b8ee5bf25b20d51436498aec7a26e4
a783363c2523763b1f674c5429f4efc9a939a2c983d7208f0019461d4e25284c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0755de9edee41abdef304a877ee3174f92c3429feaf7c06437822970addbb4f
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b90214a15f5ce01b00608c50804c3172bdc358b4a33f920b1b65f5af78e97d61
b99dd13d1c454a056a1e66c4b88f716fd2fbf200c51c14143df0fd9af5f60dbc
bbec5af50b5792e7757610f172c61d3d15889196528a97192f5aa52a59824f63
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7
c235bb7e875bc88612a3efb177ec3015480c40874c1d1df2f5fcda792e6db218
c4db351e7b79f5ed215ba61fae34b3eebc733da305e877826b17fc2de3c90cd8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb25ee3c525f591ccfa1ba752dd41fff2b63467b225f420fa8812c4349832f35
cd0d802d3ca07bebbbe93e7655f12cc3bb0c9e29fe268404900a1f393377b962
d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac
d55a962669cde606819bba2d750550203b5f3c439b59f41a0e6a1e76a6517901
d5e219ec316300a4b8d54b92a13157b2096828435bd9305d9addb0a84b0ffefd
d86e99094c4449ce8da931cc659f8304e2c2b3866d9fe105f0ac7295e3598e48
da6745c0d45918534c73566127b6ce457b4cc8f8bbf50b4caf3711651acbfd92
e3658754d484229f9701566d518df7380df06a38bff164d6268262b4a9de02ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c3b782978c44af9885b97302632e45ff19d01ecb745e91d21cf597c22cb29
ea55e6b60f385b0ebea350a7a37b845efa10187d88eb78f36af80cb2bcb0bc94
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9d17f63c86263545b9ffb4cf1771ba3d6dbb13517390c8e60d6927231a9877
f053808e6762f53af3bc5e652b3b774ebf3db35c9db67dab08099bc9da2b80db
f17e033e06b27cceed36cab68eae394f0746947ef0d03617ab0c6224cb345df4
ff20053401d8818607d7ea646cfc1e1b7db863d9800d597510ef55e6a08cff57