urlscan.io logo urlscan.io
SecurityTrails logo

www.billblitz.eu Open in urlscan Pro
52.223.52.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://billblitz.eu/
Effective URL: https://www.billblitz.eu/
Submission: On April 18 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 32 HTTP transactions. The main IP is 52.223.52.2, located in United States and belongs to AMAZON-02, US. The main domain is www.billblitz.eu.
TLS certificate: Issued by R3 on April 18th 2024. Valid for: 3 months.
This is the only time www.billblitz.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    52.223.52.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com
billblitz.eu
www.billblitz.eu
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
21    2600:9000:20ae:800:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)
framerusercontent.com
3    18.173.187.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-44.muc50.r.cloudfront.net
events.framer.com
4    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    54.230.228.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-12.muc50.r.cloudfront.net
framerusercontent.com
4    2600:9000:237d:800:10:9b9d:b9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
framer.com
Apex Domain
Subdomains		 Transfer
22 framerusercontent.com
framerusercontent.com — Cisco Umbrella Rank: 48281
562 KB
7 framer.com
events.framer.com — Cisco Umbrella Rank: 58383
framer.com — Cisco Umbrella Rank: 52472
18 KB
4 gstatic.com
fonts.gstatic.com
97 KB
2 billblitz.eu
billblitz.eu
www.billblitz.eu
32 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2404
255 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
98 KB
32 6
Domain Requested by
22 framerusercontent.com www.billblitz.eu
4 framer.com 4 redirects
4 fonts.gstatic.com www.billblitz.eu
3 events.framer.com www.billblitz.eu
events.framer.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.billblitz.eu
1 www.billblitz.eu
1 billblitz.eu 1 redirects
32 8

This site contains links to these domains. Also see Links.

Domain
andrea-montini.lemonsqueezy.com
Subject Issuer Validity Valid
www.billblitz.eu
R3		 2024-04-18 -
2024-07-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
framerusercontent.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-14		 a year crt.sh
events.framer.com
Amazon RSA 2048 M03		 2024-04-09 -
2025-05-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.billblitz.eu/
Frame ID: A9C2B50628BAD52F0285C8C770EC2508
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bill Blitz - Easy contract management

Page URL History Show full URLs

  1. https://billblitz.eu/ HTTP 308
    https://www.billblitz.eu/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • right\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

32
Requests

88 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

805 kB
Transfer

1950 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://billblitz.eu/ HTTP 308
    https://www.billblitz.eu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://framer.com/m/phosphor-icons/ArrowRight.js@0.0.53 HTTP 302
  • https://framerusercontent.com/modules/K3PeUzM4qhL5IiaYcDem/fnIpxnXSBxP70fE0qfoc/ArrowRight.js
Request Chain 28
  • https://framer.com/m/phosphor-icons/ListBullets.js@0.0.50 HTTP 302
  • https://framerusercontent.com/modules/0ggwFL13t432fLiyrwA8/AkJOI7VgQi31on05CSy8/ListBullets.js
Request Chain 29
  • https://framer.com/m/phosphor-icons/Play.js@0.0.50 HTTP 302
  • https://framerusercontent.com/modules/ag2KtnH7tMkIxmuWQxFW/Rvllpr1bWUzPlorj83no/Play.js
Request Chain 30
  • https://framer.com/m/phosphor-icons/Star.js@0.0.50 HTTP 302
  • https://framerusercontent.com/modules/0d6gYUal6P0KhcGqNsjI/QxcVUegJ9tKtywXBdVtb/Star.js

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.billblitz.eu/
Redirect Chain
  • https://billblitz.eu/
  • https://www.billblitz.eu/
354 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.52.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0b1d980e1f2226c6.awsglobalaccelerator.com
Software
Caddy/c477853 /
Resource Hash
258347f6608b6f352bf5ccfc0798bdcbdc90c1b9b7e4a814da90f63d33112c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
31812
content-type
text/html
date
Thu, 18 Apr 2024 09:43:05 GMT
etag
"1a22dff575ca3d286dad18a3c8e63c6d"
last-modified
Thu, 18 Apr 2024 09:36:39 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server
Caddy/c477853
server-timing
region;desc="eu-west-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="c477853"
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=0, must-revalidate
content-length
61
content-type
text/html; charset=utf-8
date
Thu, 18 Apr 2024 09:43:05 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
location
https://www.billblitz.eu/
server
Caddy/c477853
strict-transport-security
max-age=31536000
js
www.googletagmanager.com/gtag/ 		293 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MN1N4FEJL3
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a12d4d5ba08574135af7834aabfd7dad16091df8aef2b90b148c696298498913
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:43:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100026
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Apr 2024 09:43:06 GMT
chunk-WWEJ6YWX.mjs
framerusercontent.com/sites/7efZWz2QR2z1458SY4eyJL/ 		564 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/7efZWz2QR2z1458SY4eyJL/chunk-WWEJ6YWX.mjs
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9187cc7b664428efd75424eb009c53882dc00fb2eda315325d18f3ed52686343
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Origin
https://www.billblitz.eu
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:41:50 GMT
x-amz-version-id
RS1cBe0Zq8Zs.W1smngc1DvVAIB5aslj
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
age
77
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="SY2E9-zp9tmnG5zXk0NWJ_nR3bB9UZ6MGPWbwwxvb87GACjwDJSiFg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=17
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Apr 2024 09:36:39 GMT
server
CloudFront
etag
W/"27b41f8659c9882b8f6c4c8928f1ee9f"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
SY2E9-zp9tmnG5zXk0NWJ_nR3bB9UZ6MGPWbwwxvb87GACjwDJSiFg==
chunk-ELYU6EKT.mjs
framerusercontent.com/sites/7efZWz2QR2z1458SY4eyJL/ 		447 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/7efZWz2QR2z1458SY4eyJL/chunk-ELYU6EKT.mjs
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Origin
https://www.billblitz.eu
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:41:50 GMT
x-amz-version-id
G2hwOHxrPwfO..kV6Lu.cPPl0LG9D.Rj
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
76
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="DeCQeHWT-UngnFgdk4vc_WeTHVjqvPhk5upRS-XYi45wj-fEy5cPow==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
content-length
447
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Apr 2024 09:36:39 GMT
server
CloudFront
etag
"bac0d5b5f6a61029b51079932ccda746"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
DeCQeHWT-UngnFgdk4vc_WeTHVjqvPhk5upRS-XYi45wj-fEy5cPow==
cJSq17FmmNffsh8Z8AY_fgff_mzftcu95W_3-Bzoih0.6ATPH7ER.mjs
framerusercontent.com/sites/7efZWz2QR2z1458SY4eyJL/ 		278 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/7efZWz2QR2z1458SY4eyJL/cJSq17FmmNffsh8Z8AY_fgff_mzftcu95W_3-Bzoih0.6ATPH7ER.mjs
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
fa50c47c79f9754d5644b30e9300a75a8b96c664b04ea7b01f1573dd75835ec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Origin
https://www.billblitz.eu
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:41:50 GMT
x-amz-version-id
uhrAnPyEGN4W0JeG4GH.1CNJzCERJUKB
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
age
76
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="Vrh7oCeqiV_g1F9a-Hsw_WJnJ7oU8L96833q2-kO5MNkszlD0FZS1w==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=17
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Apr 2024 09:36:39 GMT
server
CloudFront
etag
W/"009bb5072433290dc590a3e2b36e58dc"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
Vrh7oCeqiV_g1F9a-Hsw_WJnJ7oU8L96833q2-kO5MNkszlD0FZS1w==
chunk-C6ZA3PIN.mjs
framerusercontent.com/sites/7efZWz2QR2z1458SY4eyJL/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/7efZWz2QR2z1458SY4eyJL/chunk-C6ZA3PIN.mjs
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e906cc42f7da1c224550fa53e960f6f24b7b687b80a4d872727726fe5f10de3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Origin
https://www.billblitz.eu
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:41:50 GMT
x-amz-version-id
0QJYL2rOT1Qtb2wYjdO3nbVadhhjae65
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
age
77
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="4lIh7Tpfo6sW0KXmplo-DmnbuEiZVAtgNF3xaLeVwnCPVSDtTHSpPA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Apr 2024 09:36:39 GMT
server
CloudFront
etag
W/"e965a5b8514d4e90aeedd63ea7430e75"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
4lIh7Tpfo6sW0KXmplo-DmnbuEiZVAtgNF3xaLeVwnCPVSDtTHSpPA==
script
events.framer.com/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/script
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-44.muc50.r.cloudfront.net
Software
/
Resource Hash
03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:43:06 GMT
via
1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
15882
x-amz-cf-pop
MUC50-P4
x-amzn-trace-id
Root=1-6620eb2a-364680341abe8df42bc643ea
x-amzn-requestid
5136fe81-7efa-4f39-8645-cfc4ecefcebf
x-cache
Miss from cloudfront
content-type
text/javascript
timestamp
Thu, 18 Apr 2024 09:41:59 GMT
x-amz-apigw-id
WamuuFASIAMESYw=
content-length
15882
x-amz-cf-id
xc-kmNEYBkdHlDgxDPZNiVMrMc3MoaHQUqoQwhVQjLsr6sEs7MRISQ==
yhSJIuiAYzapkOhQaS1e2ki0z0.jpg
framerusercontent.com/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/yhSJIuiAYzapkOhQaS1e2ki0z0.jpg
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
01a680760ba22400ce0a82f5ef56931829c41d436cfa8a5d047689a2e708a697
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jan 2024 21:24:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
8684290
x-amzn-requestid
f02aef0a-f568-41cc-a023-a0073dab5d0c
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="R2rDv2lIpZwbrPhsnt9xM7-mEG3JOBJXmZ6HCyYlSBFkpKejSY2hTw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
x-amzn-trace-id
root=1-659c6827-3254c30a4155ed216de4a397;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
R2rDv2lIpZwbrPhsnt9xM7-mEG3JOBJXmZ6HCyYlSBFkpKejSY2hTw==
hRNPHFLXnYpztCrf9w3NgXJEBbg.jpg
framerusercontent.com/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/hRNPHFLXnYpztCrf9w3NgXJEBbg.jpg?scale-down-to=1024
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
99dd2a23efd0050b489df6b36ef5ccbf60c40f32fb7283419917102ea245eb9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Dec 2023 21:58:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
9459884
x-amzn-requestid
4b1dc20f-ab96-478c-b031-56d9a24c9057
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="tlMGMmQ4xwScidEIZhkG_wd3R6oENxKCgSfONlizXkjlwrFWG8HIwg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
x-amzn-trace-id
root=1-6590927e-2e953dd43438b80458fb3b77;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
tlMGMmQ4xwScidEIZhkG_wd3R6oENxKCgSfONlizXkjlwrFWG8HIwg==
3GQw21ejaNWAKEXyA8jvTEww2Q.png
framerusercontent.com/images/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/3GQw21ejaNWAKEXyA8jvTEww2Q.png
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb0feebe90cc70f03cb981fc1bc692876b7834e6f473df49624fbaa8f4d66cd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 16:05:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
63428
x-amzn-requestid
77588a6d-455c-4f05-8e57-1b3a3cae7375
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="2-VfSyjpht2VD3UXgEQgHUx489TBF0TUYMmUA3j5QeoE3Dtl8UntCg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-661ff366-4f46420c6c3a3dc834ebf75b;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
2-VfSyjpht2VD3UXgEQgHUx489TBF0TUYMmUA3j5QeoE3Dtl8UntCg==
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v14/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Origin
https://www.billblitz.eu
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 06:19:09 GMT
x-content-type-options
nosniff
age
185037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28224
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:23:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 06:19:09 GMT
-F6qfjptAgt5VM-kVkqdyU8n3twJwlBFgg.woff2
fonts.gstatic.com/s/ibmplexmono/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3twJwlBFgg.woff2
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
756026ff72eb76fd971ac4b7504cec55eef62109d2684c2cad8da32170b80b37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Origin
https://www.billblitz.eu
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 00:52:28 GMT
x-content-type-options
nosniff
age
204638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14988
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:44:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 00:52:28 GMT
2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweathersans/v26/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Origin
https://www.billblitz.eu
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 17:34:38 GMT
x-content-type-options
nosniff
age
230908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38268
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:13:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Apr 2025 17:34:38 GMT
ACBYls9MfOtCTtMx8TkBdS6yEp8.png
framerusercontent.com/images/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/ACBYls9MfOtCTtMx8TkBdS6yEp8.png
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
562ee42143f533a2782d52a869fbdb864797aa7f7a8d755ff3152b8c051705de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:47:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
10534
x-amzn-requestid
b0f0f133-fe18-48e7-a246-29d5e41a489a
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="TL-1THIxa8T9lwbS-5z0v9hfDLZOexPFtkQ2ZRrUKzARxg2pbgs-3A==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-6620c204-26d455122a38e1135bc09da6;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
TL-1THIxa8T9lwbS-5z0v9hfDLZOexPFtkQ2ZRrUKzARxg2pbgs-3A==
JL0UeWwnzZP0CgUlZyTESos98.png
framerusercontent.com/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/JL0UeWwnzZP0CgUlZyTESos98.png
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7e9730d243c88b56be8811c6542aa395bce4dea326d224839ec0148c9a364be8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 08:49:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
3216
x-amzn-requestid
7b5c6331-1f31-4a5a-a547-2be53066e424
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="KOJfRMDYgmlnJtICP2JTsTAC3ZCjhSslL6WZtGy3AHETGrWI6zTvwQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-6620de9a-05a8bf05624e96d6724d1c3f;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
KOJfRMDYgmlnJtICP2JTsTAC3ZCjhSslL6WZtGy3AHETGrWI6zTvwQ==
6SW80JgM2ULEbVsjPpDO8Wb0rl4.png
framerusercontent.com/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/6SW80JgM2ULEbVsjPpDO8Wb0rl4.png?scale-down-to=512
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
36914d0ba0b950a0472e7aa228f8a1133e03c8b15923e70d93d62f85a9569b67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:09:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
2024
x-amzn-requestid
633279f0-3a2e-4abf-84c0-e381ea16f350
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="MNmps_xfiMZwcRP8hyN1P4Q-IPm66qxDG_dmD07fPttWCbwqQutnqQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-6620e341-503b593818c4d7e5200f6bc8;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
MNmps_xfiMZwcRP8hyN1P4Q-IPm66qxDG_dmD07fPttWCbwqQutnqQ==
V9h1fB52INnL81NPzMW3PdSLBkU.svg
framerusercontent.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/V9h1fB52INnL81NPzMW3PdSLBkU.svg
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5d1c8c625191de25321ca95048d185acd2e61f8927dbc55e18a22b829fdad3c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:13:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
1747
x-amzn-requestid
38711595-506a-4525-8c5d-64cc34eb42e8
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="5tV9VDtIyQsm8yniQ-SxSju3rsUHu0m-NaH7XnUD9IDtUNn4bx0z4g==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=12
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-6620e457-61e71ca97b5bb7506c5aecf2;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
5tV9VDtIyQsm8yniQ-SxSju3rsUHu0m-NaH7XnUD9IDtUNn4bx0z4g==
tHhKmaa0xvUxam4M7Rt35c4fQTY.png
framerusercontent.com/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/tHhKmaa0xvUxam4M7Rt35c4fQTY.png?scale-down-to=512
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
553d46416c268295c8cbd83ce39c1de35a1cecf34df26b5b67e77633eb8d6ad2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:11:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
1877
x-amzn-requestid
e8ec5580-d241-4486-9238-e1ad0a1b89b2
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="wRAg-O___aCKeyBBC3PykQAtrOP8S2R5H8xVic3T1WHxnFABxpxSfg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=13
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-6620e3d4-199cbeac7c5a889f3d6bc439;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
wRAg-O___aCKeyBBC3PykQAtrOP8S2R5H8xVic3T1WHxnFABxpxSfg==
8LBnyC88hoyo2gl3OQfA4lh6Cl4.svg
framerusercontent.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/8LBnyC88hoyo2gl3OQfA4lh6Cl4.svg?scale-down-to=512
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b053b9cd8be44c76c4f0343cd8d295866e704908bf8712cc462ade006890c00b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:08:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
2088
x-amzn-requestid
6f263f69-38f6-45cd-a313-8c8d62972f5f
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="eZWvlG48VP9HR9s7y4hunx3NFj22RgM4yPZw-_N_kHmhq4zSJTYACQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=12
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-6620e302-7e92571c17f3739b6af83660;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
eZWvlG48VP9HR9s7y4hunx3NFj22RgM4yPZw-_N_kHmhq4zSJTYACQ==
SnXIJMoNMxHPkatJ8yfffYV50.svg
framerusercontent.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/SnXIJMoNMxHPkatJ8yfffYV50.svg?scale-down-to=512
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f1717b92afd21e8ccb62e6fd8cfe010f092073543da9ca821ad4ed1b4a01a32e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:16:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
1623
x-amzn-requestid
5a519620-9076-4ded-a580-6c1c125be184
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="maJnA7UCF3XNlfEx18MOpRuZrS99x4RzALAWtNjjEhEXp_KP3yp_ZA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=12
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-6620e4d3-1fc550206879a4cc1a1dcc78;parent=5901e6038a65247c;sampled=0;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
maJnA7UCF3XNlfEx18MOpRuZrS99x4RzALAWtNjjEhEXp_KP3yp_ZA==
3GQw21ejaNWAKEXyA8jvTEww2Q.png
framerusercontent.com/images/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/3GQw21ejaNWAKEXyA8jvTEww2Q.png?scale-down-to=1024
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8ffb5b6f8af738af123f486cfa35b1748724683064f7d9267ff384c6de6ffa92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:12:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
1847
x-amzn-requestid
da748b99-a875-461f-b590-a5ae35f83e51
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="owShvjdI1SGAm7VyFIXMxQdA8ZcTBpfTYW0kzF7ZTx0SACzVyDU-OA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-6620e3f3-0036700b21290af06b6c2592;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
owShvjdI1SGAm7VyFIXMxQdA8ZcTBpfTYW0kzF7ZTx0SACzVyDU-OA==
default_script0.5ESONTX4.mjs
framerusercontent.com/sites/7efZWz2QR2z1458SY4eyJL/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/7efZWz2QR2z1458SY4eyJL/default_script0.5ESONTX4.mjs
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4266dd1a7fa854b83ebd9a1c2aabdcbb59b47528fc5ea078beb08b5cd3bd0d77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Origin
https://www.billblitz.eu
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:41:51 GMT
x-amz-version-id
.brFOKUkWpG.RB7GvedEGWPZb27tS1yz
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
age
76
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="H1tKG-v5oOPFL3q0LN4qstjtnTwlYa0wKxdY4WvvN85ikCuAw84qfw==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=13
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Apr 2024 09:36:39 GMT
server
CloudFront
etag
W/"8c3c99f9debce1d9b5ec3154829cd2bb"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
H1tKG-v5oOPFL3q0LN4qstjtnTwlYa0wKxdY4WvvN85ikCuAw84qfw==
qFda35WCmI96Ajtm83upeyoaX6QPnlo6_PPbPpqK.woff2
fonts.gstatic.com/s/overpass/v13/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/overpass/v13/qFda35WCmI96Ajtm83upeyoaX6QPnlo6_PPbPpqK.woff2
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28686f7a711699b27dc7c78820214f80f436049ba7c09403022c7a7df0c12d10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Origin
https://www.billblitz.eu
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 23:36:47 GMT
x-content-type-options
nosniff
age
468379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16996
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:33:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 23:36:47 GMT
ZJUimmPvaN330oTrbJuc2vycE.png
framerusercontent.com/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/ZJUimmPvaN330oTrbJuc2vycE.png
Requested by
Host: www.billblitz.eu
URL: https://www.billblitz.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9ae1b6e88666f828851af9d13d3ba9039f8532423992f689465e1f99b2c52d68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:48:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 a2eaac3682e999c3b0a69ad54d815412.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
10450
x-amzn-requestid
3f35e227-2818-4cc6-8ac2-db0ec4f99f9c
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="Q_IF7_J7Hxry6DnQvPfNo764i5iVhA4LIyzaOwLzthacbdAqaUQOdA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=13
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-6620c258-1f3642ec5f326aa0492dfdee;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Q_IF7_J7Hxry6DnQvPfNo764i5iVhA4LIyzaOwLzthacbdAqaUQOdA==
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MN1N4FEJL3&gtm=45je44f0v9183064141za200&_p=1713433386594&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=856991461.1713433387&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713433386&sct=1&seg=0&dl=https%3A%2F%2Fwww.billblitz.eu%2F&dt=Bill%20Blitz%20-%20Easy%20contract%20management&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=484
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MN1N4FEJL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 09:43:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.billblitz.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anonymous
events.framer.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-44.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 18 Apr 2024 09:43:07 GMT
via
1.1 09f78fab17e561a78ea60bb6223c4962.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
x-amzn-trace-id
Root=1-6620eb2b-1aa0385933485e8771c60865;Sampled=1;lineage=c457ad49:0
x-amzn-requestid
59277c78-1885-4ebb-ba10-049be1e4bb11
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Wamu1H5roAMEC9w=
content-length
0
x-amz-cf-id
vavfEobHJouKBAyCiDWEMds1G2faCKe5uGfXviwlwsya0H5d_QWvcQ==
anonymous
events.framer.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-44.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.billblitz.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 18 Apr 2024 09:43:07 GMT
via
1.1 09f78fab17e561a78ea60bb6223c4962.cloudfront.net (CloudFront)
x-amz-apigw-id
WamuyFlhoAMEj4A=
x-amz-cf-id
YNr5PYDGTT5cAr0TmlebljZlqXIV6XEcDvXanMLSqiAHgfLUen2vwA==
x-amz-cf-pop
MUC50-P4
x-amzn-requestid
9ea6908d-78f0-4a90-9fce-6a7d12b32ae6
x-cache
Miss from cloudfront
3EKDFjYAmO9mazSkU6hft6JFlKo.png
framerusercontent.com/images/ 		3 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/images/3EKDFjYAmO9mazSkU6hft6JFlKo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-12.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
eb09dcf1a876cba56b357d13f1e6cdeaf55266ff9a50afc33ba194bae40bf6a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.billblitz.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jan 2024 16:52:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 38f46facdae93530546676e451869f4c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
9132643
x-amzn-requestid
595b2f35-8326-45a6-b351-01344e6e6bc9
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="udH757L4nFAV-lNbFH2Se8u8UpYyEQ8pUM5cuCf2VZt2wMXIZomcuw==",cdn-downstream-fbl;dur=1
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
x-amzn-trace-id
root=1-659590c7-259fd0f33896c2a3246e6bc0;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
udH757L4nFAV-lNbFH2Se8u8UpYyEQ8pUM5cuCf2VZt2wMXIZomcuw==
ArrowRight.js
framerusercontent.com/modules/K3PeUzM4qhL5IiaYcDem/fnIpxnXSBxP70fE0qfoc/
Redirect Chain
  • https://framer.com/m/phosphor-icons/ArrowRight.js@0.0.53
  • https://framerusercontent.com/modules/K3PeUzM4qhL5IiaYcDem/fnIpxnXSBxP70fE0qfoc/ArrowRight.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/K3PeUzM4qhL5IiaYcDem/fnIpxnXSBxP70fE0qfoc/ArrowRight.js
Protocol
H2
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d0602000985acc4449c95ab9173734cf44e775fd176c48769d8e6a4c247ddb89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://framerusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 08:22:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
436834
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="9n0DBAbQt-BXyXQAXGqpODYK_zhlhR_9hiPsNXTTjXPv1gaYbmFQlw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=0
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
9n0DBAbQt-BXyXQAXGqpODYK_zhlhR_9hiPsNXTTjXPv1gaYbmFQlw==

Redirect headers

date
Thu, 18 Apr 2024 09:01:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
2490
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
116
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
location
https://framerusercontent.com/modules/K3PeUzM4qhL5IiaYcDem/fnIpxnXSBxP70fE0qfoc/ArrowRight.js
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
DnXbf1fWYU-C4-WPVCnUkmzl6jaaPbcigWAB8GhVQeaZn1-UQdUY5Q==
ListBullets.js
framerusercontent.com/modules/0ggwFL13t432fLiyrwA8/AkJOI7VgQi31on05CSy8/
Redirect Chain
  • https://framer.com/m/phosphor-icons/ListBullets.js@0.0.50
  • https://framerusercontent.com/modules/0ggwFL13t432fLiyrwA8/AkJOI7VgQi31on05CSy8/ListBullets.js
7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/0ggwFL13t432fLiyrwA8/AkJOI7VgQi31on05CSy8/ListBullets.js
Protocol
H2
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
20152264ebe8c42eda5a2cb5f044bcba05c079c4f39d7495fe913424c11b502c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://framerusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Apr 2024 19:32:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
137417
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="yIpnfhlWfvwDlUd_0hCLXs9r2jBgajRRRt6pGbO6fANCXWBp_mMA1g==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
yIpnfhlWfvwDlUd_0hCLXs9r2jBgajRRRt6pGbO6fANCXWBp_mMA1g==

Redirect headers

date
Thu, 18 Apr 2024 08:46:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
3369
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
117
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
location
https://framerusercontent.com/modules/0ggwFL13t432fLiyrwA8/AkJOI7VgQi31on05CSy8/ListBullets.js
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
l0WRp93yDZoeDYS9eQh_sAT-nVh5d741IQLXyJqZNjdKaEArxNcliQ==
Play.js
framerusercontent.com/modules/ag2KtnH7tMkIxmuWQxFW/Rvllpr1bWUzPlorj83no/
Redirect Chain
  • https://framer.com/m/phosphor-icons/Play.js@0.0.50
  • https://framerusercontent.com/modules/ag2KtnH7tMkIxmuWQxFW/Rvllpr1bWUzPlorj83no/Play.js
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/ag2KtnH7tMkIxmuWQxFW/Rvllpr1bWUzPlorj83no/Play.js
Protocol
H2
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
de93109f857fa5826cc40baf3855622adc9c2a3d7780834f15177a3571e94295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://framerusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Apr 2024 07:23:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
526760
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="du-6qPAjTX9RrCHKFe6kA1ez5gRcQPgs54cJD0NjLpgmQb9LCxN7KQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
du-6qPAjTX9RrCHKFe6kA1ez5gRcQPgs54cJD0NjLpgmQb9LCxN7KQ==

Redirect headers

date
Thu, 18 Apr 2024 09:36:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
419
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
110
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
location
https://framerusercontent.com/modules/ag2KtnH7tMkIxmuWQxFW/Rvllpr1bWUzPlorj83no/Play.js
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
GJOXpMr1pJig-uebqdAUPdPW7SITYYGa4Zc6-qHP4LXjOn2S7CZkiQ==
Star.js
framerusercontent.com/modules/0d6gYUal6P0KhcGqNsjI/QxcVUegJ9tKtywXBdVtb/
Redirect Chain
  • https://framer.com/m/phosphor-icons/Star.js@0.0.50
  • https://framerusercontent.com/modules/0d6gYUal6P0KhcGqNsjI/QxcVUegJ9tKtywXBdVtb/Star.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/0d6gYUal6P0KhcGqNsjI/QxcVUegJ9tKtywXBdVtb/Star.js
Protocol
H2
Server
2600:9000:20ae:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dee58c44e0dcf1463c881a3b94801bbd07702c39a5278c9264a2b02d7b5b3ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://framerusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Apr 2024 09:36:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
86778
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="dU12tcNKCpSDmWPU0_ghhjiVbS6_L4gwgXqueQfdipiJ0Bv5vaQqnQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
vary
Accept-Encoding
timing-allow-origin
*
x-amz-cf-id
dU12tcNKCpSDmWPU0_ghhjiVbS6_L4gwgXqueQfdipiJ0Bv5vaQqnQ==

Redirect headers

date
Thu, 18 Apr 2024 09:17:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
1514
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
110
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
location
https://framerusercontent.com/modules/0d6gYUal6P0KhcGqNsjI/QxcVUegJ9tKtywXBdVtb/Star.js
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
JqCmmwzWM0PuvDpWDrqB4X3RRMQE8NL5y4BnGY2Z5rZE4QW0oyiHsw==

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| animator function| HandoffAppearAnimations undefined| HandoffCancelAllAnimations object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| __framer_importFromPackage object| process object| __framer_events function| __send_framer_event boolean| HandoffComplete

2 Cookies

Domain/Path Name / Value
.billblitz.eu/ Name: _ga_MN1N4FEJL3
Value: GS1.1.1713433386.1.0.1713433386.0.0.0
.billblitz.eu/ Name: _ga
Value: GA1.1.856991461.1713433387

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billblitz.eu
events.framer.com
fonts.gstatic.com
framer.com
framerusercontent.com
region1.google-analytics.com
www.billblitz.eu
www.googletagmanager.com
18.173.187.44
2001:4860:4802:32::36
2600:9000:20ae:800:d:ada1:a280:93a1
2600:9000:237d:800:10:9b9d:b9c0:93a1
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2008
52.223.52.2
54.230.228.12
01a680760ba22400ce0a82f5ef56931829c41d436cfa8a5d047689a2e708a697
03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364
20152264ebe8c42eda5a2cb5f044bcba05c079c4f39d7495fe913424c11b502c
258347f6608b6f352bf5ccfc0798bdcbdc90c1b9b7e4a814da90f63d33112c0f
28686f7a711699b27dc7c78820214f80f436049ba7c09403022c7a7df0c12d10
36914d0ba0b950a0472e7aa228f8a1133e03c8b15923e70d93d62f85a9569b67
4266dd1a7fa854b83ebd9a1c2aabdcbb59b47528fc5ea078beb08b5cd3bd0d77
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
553d46416c268295c8cbd83ce39c1de35a1cecf34df26b5b67e77633eb8d6ad2
562ee42143f533a2782d52a869fbdb864797aa7f7a8d755ff3152b8c051705de
5d1c8c625191de25321ca95048d185acd2e61f8927dbc55e18a22b829fdad3c3
756026ff72eb76fd971ac4b7504cec55eef62109d2684c2cad8da32170b80b37
7e9730d243c88b56be8811c6542aa395bce4dea326d224839ec0148c9a364be8
8ffb5b6f8af738af123f486cfa35b1748724683064f7d9267ff384c6de6ffa92
9187cc7b664428efd75424eb009c53882dc00fb2eda315325d18f3ed52686343
99dd2a23efd0050b489df6b36ef5ccbf60c40f32fb7283419917102ea245eb9b
9ae1b6e88666f828851af9d13d3ba9039f8532423992f689465e1f99b2c52d68
a12d4d5ba08574135af7834aabfd7dad16091df8aef2b90b148c696298498913
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
b053b9cd8be44c76c4f0343cd8d295866e704908bf8712cc462ade006890c00b
bb0feebe90cc70f03cb981fc1bc692876b7834e6f473df49624fbaa8f4d66cd7
d0602000985acc4449c95ab9173734cf44e775fd176c48769d8e6a4c247ddb89
de93109f857fa5826cc40baf3855622adc9c2a3d7780834f15177a3571e94295
dee58c44e0dcf1463c881a3b94801bbd07702c39a5278c9264a2b02d7b5b3ab9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e906cc42f7da1c224550fa53e960f6f24b7b687b80a4d872727726fe5f10de3e
eb09dcf1a876cba56b357d13f1e6cdeaf55266ff9a50afc33ba194bae40bf6a3
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b
f1717b92afd21e8ccb62e6fd8cfe010f092073543da9ca821ad4ed1b4a01a32e
fa50c47c79f9754d5644b30e9300a75a8b96c664b04ea7b01f1573dd75835ec5