urlscan.io logo urlscan.io
SecurityTrails logo

www.hrs-solenthaler.ch Open in urlscan Pro
52.2.192.9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hrs-solenthaler.ch/
Effective URL: https://www.hrs-solenthaler.ch/
Submission: On June 04 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 36 HTTP transactions. The main IP is 52.2.192.9, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.hrs-solenthaler.ch.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on February 6th 2024. Valid for: a year.
This is the only time www.hrs-solenthaler.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    52.2.192.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-192-9.compute-1.amazonaws.com
hrs-solenthaler.ch
www.hrs-solenthaler.ch
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.16.87.87 (None, )

ASN13335 (CLOUDFLARENET, US)
analytics.yolacdn.net
2    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2a00:1450:400c:c0b::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2606:4700::6810:7e31 (United States)

ASN13335 (CLOUDFLARENET, US)
pixel.yola.com
2    2600:1f18:243f:2d00:bebf:47da:5e76:4b22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
analytics.sitewit.com
1    2600:9000:20ae:f400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
Apex Domain
Subdomains		 Transfer
14 hrs-solenthaler.ch
hrs-solenthaler.ch
www.hrs-solenthaler.ch
70 KB
5 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1705
syndication.twitter.com — Cisco Umbrella Rank: 2124
31 KB
4 google.com
apis.google.com — Cisco Umbrella Rank: 226
accounts.google.com — Cisco Umbrella Rank: 49
112 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 613
fonts.googleapis.com — Cisco Umbrella Rank: 101
41 KB
2 sitewit.com
analytics.sitewit.com — Cisco Umbrella Rank: 85501
21 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2262
pixel.quantserve.com — Cisco Umbrella Rank: 1583
10 KB
2 gstatic.com
fonts.gstatic.com
33 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 2128
642 B
1 yola.com
pixel.yola.com — Cisco Umbrella Rank: 482880
408 B
1 yolacdn.net
analytics.yolacdn.net — Cisco Umbrella Rank: 484256
6 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 341
3 KB
36 12
Domain Requested by
13 www.hrs-solenthaler.ch 1 redirects www.hrs-solenthaler.ch
4 platform.twitter.com www.hrs-solenthaler.ch
platform.twitter.com
3 apis.google.com www.hrs-solenthaler.ch
apis.google.com
2 analytics.sitewit.com analytics.yolacdn.net
www.hrs-solenthaler.ch
2 fonts.gstatic.com fonts.googleapis.com
2 ajax.googleapis.com www.hrs-solenthaler.ch
1 syndication.twitter.com www.hrs-solenthaler.ch
1 pixel.quantserve.com www.hrs-solenthaler.ch
1 rules.quantcount.com secure.quantserve.com
1 pixel.yola.com analytics.yolacdn.net
1 accounts.google.com apis.google.com
1 secure.quantserve.com www.hrs-solenthaler.ch
1 analytics.yolacdn.net www.hrs-solenthaler.ch
1 www.facebook.com www.hrs-solenthaler.ch
1 cdnjs.cloudflare.com www.hrs-solenthaler.ch
1 fonts.googleapis.com www.hrs-solenthaler.ch
1 hrs-solenthaler.ch 1 redirects
36 17

This site contains no links.

Subject Issuer Validity Valid
*.yolasite.com
RapidSSL TLS RSA CA G1		 2024-02-06 -
2025-03-08		 a year crt.sh
upload.video.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.apis.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-13 -
2024-06-11		 3 months crt.sh
yolacdn.net
GTS CA 1P5		 2024-06-02 -
2024-08-31		 3 months crt.sh
quantserve.com
R3		 2024-04-25 -
2024-07-24		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2024-05-13 -
2024-08-05		 3 months crt.sh
yola.com
GTS CA 1P5		 2024-05-31 -
2024-08-29		 3 months crt.sh
*.sitewit.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-20 -
2024-08-19		 a year crt.sh
syndication.twitter.com
R3		 2024-05-21 -
2024-08-19		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.hrs-solenthaler.ch/
Frame ID: A346859B4C30C7F626873A1F8F68E025
Requests: 31 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?send=false&href=http%3A%2F%2Fwww.hrs-solenthaler.ch%2F&layout=box_count&show_faces=false&action=like&width=74&height=62&locale=de_DE
Frame ID: F7AA1681A69C419735BA71D654845BC5
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&count=false&hl=de&origin=https%3A%2F%2Fwww.hrs-solenthaler.ch&url=https%3A%2F%2Fwww.hrs-solenthaler.ch%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.vSZJUCBxiHc.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q%2Fm%3D__features__
Frame ID: FF7578A2C6D786F27165F0B908BE1216
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.hrs-solenthaler.ch
Frame ID: FE91DF5B46FDC8848D81727410A0C6D1
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.hrs-solenthaler.ch&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.vSZJUCBxiHc.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q%2Fm%3D__features__
Frame ID: AB670DC77CCAC485E7B5D86A8EC2BC16
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.de.html
Frame ID: D099AD0342CDF2BF9E11DAC8DC268280
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Solenthaler HR-Services

Page URL History Show full URLs

  1. https://hrs-solenthaler.ch/ HTTP 301
    https://www.hrs-solenthaler.ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

64 %
HTTPS

73 %
IPv6

12
Domains

17
Subdomains

16
IPs

4
Countries

326 kB
Transfer

712 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hrs-solenthaler.ch/ HTTP 301
    https://www.hrs-solenthaler.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://www.hrs-solenthaler.ch/favicon.ico HTTP 301
  • https://www.hrs-solenthaler.ch/favicon.ico.php

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hrs-solenthaler.ch/
Redirect Chain
  • https://hrs-solenthaler.ch/
  • https://www.hrs-solenthaler.ch/
26 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hrs-solenthaler.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.2.192.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-192-9.compute-1.amazonaws.com
Software
/
Resource Hash
e54b4873aae03290167f2b716c3dc4c251bbce7a57d89e5924c364a12383d428

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
0
cache-control
public, max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 04 Jun 2024 10:33:41 GMT
last-modified
Wed, 02 Nov 2016 14:40:14 GMT
transfer-encoding
chunked
vary
Accept-Encoding
x-cache
MISS
x-cache-hits
0
x-hrouter
hrouter4
x-hstore
hstore8

Redirect headers

age
0
content-length
166
content-type
text/html
date
Tue, 04 Jun 2024 10:33:41 GMT
location
https://www.hrs-solenthaler.ch/
x-cache
MISS
x-cache-hits
0
x-hrouter
hrouter3
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.4.2/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.4.2/webfont.js
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52ed15904751d037ad3a0835c1df150485c6d1b815355bbad1ccad6fda5f4e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 15:51:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6918
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jun 2025 15:51:58 GMT
css
fonts.googleapis.com/ 		2 KB
923 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Allerta|Crimson+Text
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e43c66a65fb6737e47215313f1f0e9ca3a1507897f72327e53816a9eadc8921
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 10:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 10:33:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 10:33:41 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 09:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Jun 2025 09:07:03 GMT
flyoutmenu.css
www.hrs-solenthaler.ch/classes/commons/resources/flyoutmenu/ 		2 KB
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hrs-solenthaler.ch/classes/commons/resources/flyoutmenu/flyoutmenu.css
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.2.192.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-192-9.compute-1.amazonaws.com
Software
/
Resource Hash
8fab8908c0e00afdbda7b7650a1691bbf3a58e2537bc2c12eb77ae1405a4cbf8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:41 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2016 22:37:10 GMT
age
0
etag
W/"5771aa96-8d4"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
transfer-encoding
chunked
lookup-cache-hit
1
x-hstore
hstore8
accept-ranges
bytes
x-hrouter
hrouter4
x-cache-hits
0
flyoutmenu.js
www.hrs-solenthaler.ch/classes/commons/resources/flyoutmenu/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hrs-solenthaler.ch/classes/commons/resources/flyoutmenu/flyoutmenu.js
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.2.192.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-192-9.compute-1.amazonaws.com
Software
/
Resource Hash
a97912bc4fdc1530a1b23246106b706e1ca91d322b84d793b5c126df341e31f5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:42 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2016 22:37:29 GMT
age
0
etag
W/"5771aaa9-e11"
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript
transfer-encoding
chunked
lookup-cache-hit
1
x-hstore
hstore9
accept-ranges
bytes
x-hrouter
hrouter3
x-cache-hits
0
global.css
www.hrs-solenthaler.ch/classes/commons/resources/global/ 		969 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hrs-solenthaler.ch/classes/commons/resources/global/global.css
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.2.192.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-192-9.compute-1.amazonaws.com
Software
/
Resource Hash
23750febfc516242a42c64e41801ad5692a672bbdcd3fd1ccbf3a5c027b60bf9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:41 GMT
last-modified
Mon, 27 Jun 2016 22:37:10 GMT
age
0
etag
"5771aa96-3c9"
x-cache
MISS
content-type
text/css
lookup-cache-hit
1
x-hstore
hstore8
accept-ranges
bytes
x-hrouter
hrouter4
content-length
969
x-cache-hits
0
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 10:33:41 GMT
Content-Encoding
gzip
Age
1113
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (frb/67C0)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
plusone.js
apis.google.com/js/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01959fa50240a3988af2cf90e369268557b73f8c0f755a626e12a191385e38eb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 04 Jun 2024 10:33:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21324
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"b8c5d00a5c655469"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jun 2024 10:33:41 GMT
fastclick.min.js
cdnjs.cloudflare.com/ajax/libs/fastclick/1.0.3/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fastclick/1.0.3/fastclick.min.js
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eea65f2779554b49d066e5c81d96481c1c42ae541074500d5a0e54c1e1f0f24
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
391966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2094
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-1f54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BG5pG684XyLVlp3p8l4gbmZWeHn%2B0nKAIz8ZlC%2FQJIGAaAjIu5jFh5irRZk%2FCLrgv8XPLKUFRqK6zsyK8wa4ZCqCeQl8%2FhGc432fQ9dg01cLH%2FLlBhYKJkGxkwP6SNrIbm87g2P0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88e74424298abab8-MXP
expires
Sun, 25 May 2025 10:33:41 GMT
background.jpg
www.hrs-solenthaler.ch/templates/Accountants/resources/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hrs-solenthaler.ch/templates/Accountants/resources/images/background.jpg
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.2.192.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-192-9.compute-1.amazonaws.com
Software
/
Resource Hash
7e440940e87a0f7bec97518d727f9dcff7aea5da65f84e72c7b358684079e456

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:42 GMT
last-modified
Mon, 02 May 2016 19:21:47 GMT
age
0
etag
"5727a8cb-27b1"
x-cache
MISS
content-type
image/jpeg
lookup-cache-hit
1
x-hstore
hstore8
accept-ranges
bytes
x-hrouter
hrouter3
content-length
10161
x-cache-hits
0
nav-menu-bckg.png
www.hrs-solenthaler.ch/templates/Accountants/resources/images/ 		911 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hrs-solenthaler.ch/templates/Accountants/resources/images/nav-menu-bckg.png
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.2.192.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-192-9.compute-1.amazonaws.com
Software
/
Resource Hash
03b3095347a4eb6fc8376de14bac6b2eb8b79b40118da6170afa9861a5f959de

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:42 GMT
last-modified
Mon, 02 May 2016 19:21:47 GMT
age
0
etag
"5727a8cb-38f"
x-cache
MISS
content-type
image/png
lookup-cache-hit
1
x-hstore
hstore8
accept-ranges
bytes
x-hrouter
hrouter3
content-length
911
x-cache-hits
0
selected-menu-bckg.png
www.hrs-solenthaler.ch/templates/Accountants/resources/images/ 		877 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hrs-solenthaler.ch/templates/Accountants/resources/images/selected-menu-bckg.png
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.2.192.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-192-9.compute-1.amazonaws.com
Software
/
Resource Hash
254eb67b6f7d6dc89813555b0cbe00e2e13899a2ec550658908f6e16b60fdc04

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:42 GMT
last-modified
Mon, 02 May 2016 19:21:47 GMT
age
0
etag
"5727a8cb-36d"
x-cache
MISS
content-type
image/png
lookup-cache-hit
1
x-hstore
hstore8
accept-ranges
bytes
x-hrouter
hrouter3
content-length
877
x-cache-hits
0
banner.jpg
www.hrs-solenthaler.ch/templates/Accountants/resources/images/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hrs-solenthaler.ch/templates/Accountants/resources/images/banner.jpg
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.2.192.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-192-9.compute-1.amazonaws.com
Software
/
Resource Hash
fa1cbb11e6a0daf9668f4a4edcd5df35cf5fe10fe92d699ba2fe040826c5f395

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:42 GMT
last-modified
Tue, 03 May 2016 07:29:43 GMT
age
0
etag
"57285367-a194"
x-cache
MISS
content-type
image/jpeg
lookup-cache-hit
1
x-hstore
hstore9
accept-ranges
bytes
x-hrouter
hrouter3
content-length
41364
x-cache-hits
0
banner-drop-shadow.png
www.hrs-solenthaler.ch/templates/Accountants/resources/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hrs-solenthaler.ch/templates/Accountants/resources/images/banner-drop-shadow.png
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.2.192.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-192-9.compute-1.amazonaws.com
Software
/
Resource Hash
96036da0021ad72f37a93d0e006763a425ba7131752e4dfe46e94e1e499b1c17

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:42 GMT
last-modified
Mon, 02 May 2016 19:21:47 GMT
age
0
etag
"5727a8cb-101b"
x-cache
MISS
content-type
image/png
lookup-cache-hit
1
x-hstore
hstore8
accept-ranges
bytes
x-hrouter
hrouter4
content-length
4123
x-cache-hits
0
TwMO-IAHRlkbx940YnYXSA.woff2
fonts.gstatic.com/s/allerta/v18/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allerta|Crimson+Text
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef4a4798ee810a9641529acd802d9b08b48623504b15d10fba88fc42dcb2d9f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.hrs-solenthaler.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 01:04:30 GMT
x-content-type-options
nosniff
age
293352
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7824
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:20:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jun 2025 01:04:30 GMT
like.php
www.facebook.com/plugins/ Frame F7AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?send=false&href=http%3A%2F%2Fwww.hrs-solenthaler.ch%2F&layout=box_count&show_faces=false&action=like&width=74&height=62&locale=de_DE
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.hrs-solenthaler.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Tue, 04 Jun 2024 10:33:42 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1208, tbw=2771, tp=-1, tpl=-1, uplat=99, ullat=0
x-fb-debug
AhQSerkLe1CkolL/GCeOrGiepJp3FNDfmqfoaQdJNFi7dzi5TN2fZo7m7DOOxbFJPH498i493ILkOmnuB8LP+Q==
x-xss-protection
0
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.vSZJUCBxiHc.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q/ 		160 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.vSZJUCBxiHc.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51e17947ca9f8f6ea57ed44f274ab879a8d135fb63bdc99d3660c060229938dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 16:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56673
x-xss-protection
0
last-modified
Mon, 06 May 2024 15:31:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 May 2025 16:50:29 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.vSZJUCBxiHc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q/ 		100 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.vSZJUCBxiHc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23bd3593d73c054c5a1cae5f5407191050d658057cfdd116f0e62a826cb46e0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 02:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
289509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35061
x-xss-protection
0
last-modified
Mon, 06 May 2024 15:31:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Jun 2025 02:08:33 GMT
fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame FF75 		0
0
wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
fonts.gstatic.com/s/crimsontext/v19/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allerta|Crimson+Text
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.hrs-solenthaler.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 17:46:06 GMT
x-content-type-options
nosniff
age
319656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25184
x-xss-protection
0
last-modified
Tue, 24 May 2022 18:26:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 May 2025 17:46:06 GMT
tracking.js
analytics.yolacdn.net/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.yolacdn.net/tracking.js
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7a1a3441bc03a2e53d2ae586672aa277845f970cff10899b8a97b2bf54680b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 26 Jun 2023 14:00:24 GMT
server
cloudflare
age
5476
etag
W/"649999f8-342e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200, public
cf-ray
88e744273ebbbb1d-MXP
alt-svc
h3=":443"; ma=86400
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:42 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 11 Jun 2024 10:33:42 GMT
footer-background.jpg
www.hrs-solenthaler.ch/templates/Accountants/resources/images/ 		309 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hrs-solenthaler.ch/templates/Accountants/resources/images/footer-background.jpg
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.2.192.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-192-9.compute-1.amazonaws.com
Software
/
Resource Hash
0ad807d36b97e384aab33ce9a3535bf0682a71b3586530dc20e806e50f48879e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:42 GMT
last-modified
Mon, 02 May 2016 19:21:47 GMT
age
0
etag
"5727a8cb-135"
x-cache
MISS
content-type
image/jpeg
lookup-cache-hit
1
x-hstore
hstore8
accept-ranges
bytes
x-hrouter
hrouter3
content-length
309
x-cache-hits
0
shadow-footer.png
www.hrs-solenthaler.ch/templates/Accountants/resources/images/ 		118 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hrs-solenthaler.ch/templates/Accountants/resources/images/shadow-footer.png
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.2.192.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-192-9.compute-1.amazonaws.com
Software
/
Resource Hash
f4b99cf72b56bef8d2ab23793867dc2653e1462b59fec2b7d2b16be104961690

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:42 GMT
last-modified
Tue, 03 May 2016 07:29:43 GMT
age
0
etag
"57285367-76"
x-cache
MISS
content-type
image/png
lookup-cache-hit
1
x-hstore
hstore9
accept-ranges
bytes
x-hrouter
hrouter3
content-length
118
x-cache-hits
0
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame FE91 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.hrs-solenthaler.ch
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.hrs-solenthaler.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
6157980
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Tue, 04 Jun 2024 10:33:42 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67C0)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
postmessageRelay
accounts.google.com/o/oauth2/ Frame AB67 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.hrs-solenthaler.ch&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.vSZJUCBxiHc.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.vSZJUCBxiHc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q/cb=gapi.loaded_1?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KCn3kq9j0m__YBjMZCjIEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.hrs-solenthaler.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KCn3kq9j0m__YBjMZCjIEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Tue, 04 Jun 2024 10:33:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
LoggingAgent
pixel.yola.com/LoggingAgent/ 		12 B
408 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yola.com/LoggingAgent/LoggingAgent?url=//www.hrs-solenthaler.ch/&pagename=index&siteid=8a4986c93cf21c77013d0cbb04356648&resolution=1600x1200&colorDepth=24&flash=0&java=0&sitereferer=&visitorId=CAC49E54-4CD0-0001-62B0-18601F3D36B0&visitId=CAC49E54-4DB0-0001-C35A-1913C0301A32&user_id=2c4261e75eb14460ac71f3b2a51f5fb6&partner_id=WL_SWITCHPLUS&LoggingAgentReturnType=script
Requested by
Host: analytics.yolacdn.net
URL: https://analytics.yolacdn.net/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cca325e1db08583f7d7c9ff4012d2fd9ee24a62ac3a54dccc71673f137a6244

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 10:33:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
cf-ray
88e74428889e0a5f-AMS
expires
-1
sw.js
analytics.sitewit.com/partner/yola/8a4986c93cf21c77013d0cbb04356648/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.sitewit.com/partner/yola/8a4986c93cf21c77013d0cbb04356648/sw.js
Requested by
Host: analytics.yolacdn.net
URL: https://analytics.yolacdn.net/tracking.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d00:bebf:47da:5e76:4b22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bfd718ce4f64bb5207b25cc82a8b9b74455acd2a80121f94a3b851bccde8b8d8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/javascript; charset=utf-8
date
Tue, 04 Jun 2024 10:33:42 GMT
cache-control
private,no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-length
20128
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
rules-p-b8x17GqsQ_656.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-b8x17GqsQ_656.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:f400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47af3d8bf9a6829c236e1941372015d8134c2bf6d52c3438d2819e55a3203ef4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:42 GMT
via
1.1 3909cd34f904454f54cf78c975b2c198.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
172
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:23:33 GMT
server
AmazonS3
etag
"c1c31c78be743444fcdde67a047bd8d0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
8d0UV-a6UH3JKJ9QR5u7CCa2g4CeXHnnTCwpSZL1_2M8E4FkaOiF0g==
pixel;r=638895297;rf=0;a=p-b8x17GqsQ_656;url=https%3A%2F%2Fwww.hrs-solenthaler.ch%2F;uht=2;fpan=1;fpa=P0-1238518807-1717497222400;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=h...
pixel.quantserve.com/ 		35 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=638895297;rf=0;a=p-b8x17GqsQ_656;url=https%3A%2F%2Fwww.hrs-solenthaler.ch%2F;uht=2;fpan=1;fpa=P0-1238518807-1717497222400;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=hrs-solenthaler.ch;dst=1;et=1717497222493;tzo=-120;ogl=;ses=5cfcf597-e96c-4641-a99c-a5733b40023b;mdl=
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 10:33:42 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 10:33:42 GMT
Content-Encoding
gzip
Age
6164872
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2620
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (frb/67C0)
Etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2f70fb173b9000da126c79afe2098f02.de.html
platform.twitter.com/widgets/ Frame D099 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.de.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.hrs-solenthaler.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
6164857
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12665
Content-Type
text/html; charset=utf-8
Date
Tue, 04 Jun 2024 10:33:42 GMT
Etag
"b71765fbac0839ce6ea737fbde6f8963+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6762)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.hrs-solenthaler.ch%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22de%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1717497222663%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=06279c58744024df134ebef88b13cce02debb55c
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
110
date
Tue, 04 Jun 2024 10:33:42 GMT
strict-transport-security
max-age=631138519
last-modified
Tue, 04 Jun 2024 10:33:42 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
76bbfeb472e4ceb8
cache-control
must-revalidate, max-age=600
perf
7402827104
x-connection-hash
e95c2ed690f9da5576e01ce14e143d7a567bce59ff7ea527ec12a33636e77bb7
content-length
43
cq_blank.gif
analytics.sitewit.com/images/ 		35 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.sitewit.com/images/cq_blank.gif?_sw_yolaid=8A4986C93CF21C77013D0CBB04356648&_sw_uid=44182948-d8ca-4600-b221-c0b92f11d085&_sw_fp=81078f3e10508b88e847906bfeb785d272fdd7ec&_sw_pl=660&_sw_pc=5&_sw_dat=MXx3d3cuaHJzLXNvbGVudGhhbGVyLmNofGh0dHBzOi8vd3d3Lmhycy1zb2xlbnRoYWxlci5jaC98ZGUtQ0h8MTYwMHwxMjAwfDI0fENocm9tZS8xMjUuMC4wLjB8eDY0fDF8MHwxfDB8LXx8LXwtfC18MmEwMjo2ZWEwOmQ0MTg6MDo1Yjc6OjF8MA==&to=982
Requested by
Host: www.hrs-solenthaler.ch
URL: https://www.hrs-solenthaler.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d00:bebf:47da:5e76:4b22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hrs-solenthaler.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:33:43 GMT
last-modified
Thu, 24 Jun 2010 20:21:15 GMT
server
Microsoft-IIS/10.0
etag
"9f8deacbda13cb1:0"
content-type
image/gif
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
cache-control
no-cache
accept-ranges
bytes
content-length
35
favicon.ico.php
www.hrs-solenthaler.ch/
Redirect Chain
  • https://www.hrs-solenthaler.ch/favicon.ico
  • https://www.hrs-solenthaler.ch/favicon.ico.php
586 B
614 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.hrs-solenthaler.ch/favicon.ico.php
Protocol
HTTP/1.1
Server
52.2.192.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-192-9.compute-1.amazonaws.com
Software
/
Resource Hash
2ac47693ade677565c3e584a5a29899be8a72905f2fb36198a7cfba8b4172dc9

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.hrs-solenthaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 04 Jun 2024 10:33:43 GMT
content-encoding
gzip
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=utf-8
transfer-encoding
chunked
lookup-cache-hit
1
x-cache-hits
0

Redirect headers

date
Tue, 04 Jun 2024 10:33:43 GMT
age
0
transfer-encoding
chunked
x-cache
MISS
content-type
text/html; charset=UTF-8
location
https://www.hrs-solenthaler.ch/favicon.ico.php
lookup-cache-hit
1
x-hstore
hstore8
x-hrouter
hrouter3
x-cache-hits
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
apis.google.com
URL
https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&count=false&hl=de&origin=https%3A%2F%2Fwww.hrs-solenthaler.ch&url=https%3A%2F%2Fwww.hrs-solenthaler.ch%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.vSZJUCBxiHc.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q%2Fm%3D__features__

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 boolean| Ha object| webfont object| WebFont function| $ function| jQuery object| flyoutMenu object| swRegisterManager function| swPostRegister object| __twttrll object| twttr object| __twttr object| gapi object| ___jsl function| FastClick boolean| deviceIsAndroid boolean| deviceIsIOS boolean| deviceIsIOS4 boolean| deviceIsIOSWithBadTarget boolean| deviceIsBlackBerry10 object| _yts object| tracking_tag object| _qevents object| _F_toggles object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| UUID function| createCookie function| readCookie function| getPageName function| pmv_getUrlStat function| _pmv_src function| _pmv_log_sync function| load_script function| _ysw object| swfobject string| visitorId object| uuid string| visitId string| pmv_jav string| pmv_cookie string| pmv_fla object| pmv_do string| pmv_rtu string| pmv_logging_location object| x function| quantserve function| __qc object| ezt object| _qoptions object| _sw_b6 function| _swInitPageRegister function| _sw_analytics function| _sw_cookie function| _sw_user_info function| _sw_hit_info function| _sw_item function| _sw_transaction function| _sw_crypto object| sw object| uapl string| enctype object| oa string| vers string| osv number| c2 number| c1

7 Cookies

Domain/Path Name / Value
www.hrs-solenthaler.ch/ Name: synthasiteVisitorId
Value: CAC49E54-4CD0-0001-62B0-18601F3D36B0
www.hrs-solenthaler.ch/ Name: synthasiteVisitId
Value: CAC49E54-4DB0-0001-C35A-1913C0301A32
.quantserve.com/ Name: mc
Value: 665eed86-845e8-6be91-2d74e
.hrs-solenthaler.ch/ Name: __qca
Value: P0-1238518807-1717497222400
.yola.com/ Name: __cf_bm
Value: KCdKsRO3WkWSBHCVOwk6U_sg2PeYoc8Q3U1WvT4pSN8-1717497222-1.0.1.1-oQ_JzhK8eXOocl54MezZb_5hKG_fpZfJCiQM.rYVwqnJhIIopUnDuIz0ra_8jwYh0kJxk43sJzEHGLFWlG27D6FLj15b0rkkPxuOVv_rBs8
.hrs-solenthaler.ch/ Name: _swa_u
Value: 44182948-d8ca-4600-b221-c0b92f11d085
analytics.sitewit.com/ Name: AWSALBCORS
Value: YiUlf4NdaOSY9GKfvV1+ks0kvUKrGQPeF/7MfoVWbLI/PtiEpvA5ucUHsoUv2Kg/c9AhCZEQI/OUkKxLZO0XCoscaAmCzZtljxnCYY2MQUuO0UkMvEDUmlDjkjeR

7 Console Messages

Source Level URL
Text
security error URL: https://apis.google.com/js/plusone.js(Line 62)
Message:
Mixed Content: The page at 'https://www.hrs-solenthaler.ch/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1717497222119&_gfid=I0_1717497222119&parent=https%3A%2F%2Fwww.hrs-solenthaler.ch&pfname=&rpctoken=29417194'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://www.hrs-solenthaler.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.hrs-solenthaler.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.hrs-solenthaler.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.hrs-solenthaler.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.hrs-solenthaler.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.hrs-solenthaler.ch/favicon.ico.php
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
analytics.sitewit.com
analytics.yolacdn.net
apis.google.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
hrs-solenthaler.ch
pixel.quantserve.com
pixel.yola.com
platform.twitter.com
rules.quantcount.com
secure.quantserve.com
syndication.twitter.com
www.facebook.com
www.hrs-solenthaler.ch
apis.google.com
104.16.87.87
104.17.24.14
104.244.42.72
2600:1f18:243f:2d00:bebf:47da:5e76:4b22
2600:9000:20ae:f400:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:7e31
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c0b::54
2a03:2880:f177:83:face:b00c:0:25de
52.2.192.9
01959fa50240a3988af2cf90e369268557b73f8c0f755a626e12a191385e38eb
03b3095347a4eb6fc8376de14bac6b2eb8b79b40118da6170afa9861a5f959de
0ad807d36b97e384aab33ce9a3535bf0682a71b3586530dc20e806e50f48879e
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
23750febfc516242a42c64e41801ad5692a672bbdcd3fd1ccbf3a5c027b60bf9
23bd3593d73c054c5a1cae5f5407191050d658057cfdd116f0e62a826cb46e0d
254eb67b6f7d6dc89813555b0cbe00e2e13899a2ec550658908f6e16b60fdc04
2ac47693ade677565c3e584a5a29899be8a72905f2fb36198a7cfba8b4172dc9
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
47af3d8bf9a6829c236e1941372015d8134c2bf6d52c3438d2819e55a3203ef4
4e43c66a65fb6737e47215313f1f0e9ca3a1507897f72327e53816a9eadc8921
51e17947ca9f8f6ea57ed44f274ab879a8d135fb63bdc99d3660c060229938dd
52ed15904751d037ad3a0835c1df150485c6d1b815355bbad1ccad6fda5f4e9b
538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
6eea65f2779554b49d066e5c81d96481c1c42ae541074500d5a0e54c1e1f0f24
7e440940e87a0f7bec97518d727f9dcff7aea5da65f84e72c7b358684079e456
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c7a1a3441bc03a2e53d2ae586672aa277845f970cff10899b8a97b2bf54680b
8fab8908c0e00afdbda7b7650a1691bbf3a58e2537bc2c12eb77ae1405a4cbf8
96036da0021ad72f37a93d0e006763a425ba7131752e4dfe46e94e1e499b1c17
9cca325e1db08583f7d7c9ff4012d2fd9ee24a62ac3a54dccc71673f137a6244
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a97912bc4fdc1530a1b23246106b706e1ca91d322b84d793b5c126df341e31f5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bfd718ce4f64bb5207b25cc82a8b9b74455acd2a80121f94a3b851bccde8b8d8
e54b4873aae03290167f2b716c3dc4c251bbce7a57d89e5924c364a12383d428
ef4a4798ee810a9641529acd802d9b08b48623504b15d10fba88fc42dcb2d9f6
f4b99cf72b56bef8d2ab23793867dc2653e1462b59fec2b7d2b16be104961690
fa1cbb11e6a0daf9668f4a4edcd5df35cf5fe10fe92d699ba2fe040826c5f395