urlscan.io logo urlscan.io
SecurityTrails logo

www.bmtheater.ch Open in urlscan Pro
52.209.5.8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://baslermarionettentheater.ch/
Effective URL: https://www.bmtheater.ch/
Submission: On May 18 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 28 HTTP transactions. The main IP is 52.209.5.8, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.bmtheater.ch.
TLS certificate: Issued by R3 on March 16th 2024. Valid for: 3 months.
This is the only time www.bmtheater.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.213.16.110 16509 (AMAZON-02)
1 52.209.5.8 16509 (AMAZON-02)
4 151.101.194.2 54113 (FASTLY)
2 151.101.66.2 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
12 151.101.130.2 54113 (FASTLY)
4 172.64.146.218 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.72.164.245 16509 (AMAZON-02)
28 10
1    52.213.16.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-16-110.eu-west-1.compute.amazonaws.com
baslermarionettentheater.ch
1    52.209.5.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-5-8.eu-west-1.compute.amazonaws.com
www.bmtheater.ch
4    151.101.194.2 (San Francisco, United States)

ASN54113 (FASTLY, US)
assets.jimstatic.com
2    151.101.66.2 (San Francisco, United States)

ASN54113 (FASTLY, US)
u.jimcdn.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
12    151.101.130.2 (San Francisco, United States)

ASN54113 (FASTLY, US)
image.jimcdn.com
4    172.64.146.218 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
fonts.jimstatic.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    54.72.164.245 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-164-245.eu-west-1.compute.amazonaws.com
a.jimdo.com
Apex Domain
Subdomains		 Transfer
14 jimcdn.com
u.jimcdn.com — Cisco Umbrella Rank: 108214
image.jimcdn.com — Cisco Umbrella Rank: 76987
1 MB
8 jimstatic.com
assets.jimstatic.com — Cisco Umbrella Rank: 101464
fonts.jimstatic.com — Cisco Umbrella Rank: 95581
334 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
ssl.google-analytics.com — Cisco Umbrella Rank: 654
17 KB
1 jimdo.com
a.jimdo.com — Cisco Umbrella Rank: 108792
197 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380
72 KB
1 bmtheater.ch
www.bmtheater.ch
13 KB
1 baslermarionettentheater.ch
baslermarionettentheater.ch
338 B
28 7
Domain Requested by
12 image.jimcdn.com www.bmtheater.ch
4 fonts.jimstatic.com u.jimcdn.com
fonts.jimstatic.com
4 assets.jimstatic.com www.bmtheater.ch
2 ssl.google-analytics.com www.bmtheater.ch
2 u.jimcdn.com www.bmtheater.ch
1 a.jimdo.com assets.jimstatic.com
1 www.google-analytics.com www.bmtheater.ch
1 ajax.googleapis.com www.bmtheater.ch
1 www.bmtheater.ch
1 baslermarionettentheater.ch 1 redirects
28 10
Subject Issuer Validity Valid
www.bmtheater.ch
R3		 2024-03-16 -
2024-06-14		 3 months crt.sh
*.jimstatic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
*.jimcdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
fonts.jimstatic.com
E1		 2024-03-22 -
2024-06-20		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
prod.jimdo.systems
Amazon RSA 2048 M02		 2023-12-05 -
2025-01-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.bmtheater.ch/
Frame ID: E0D78C4BE545FCD3F9D3B384961C99E3
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vorhang auf für die Welt der Figuren - Basler Marionetten Theater

Page URL History Show full URLs

  1. https://baslermarionettentheater.ch/ HTTP 301
    https://www.bmtheater.ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

30 %
IPv6

7
Domains

10
Subdomains

10
IPs

3
Countries

1724 kB
Transfer

2658 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://baslermarionettentheater.ch/ HTTP 301
    https://www.bmtheater.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bmtheater.ch/
Redirect Chain
  • https://baslermarionettentheater.ch/
  • https://www.bmtheater.ch/
51 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bmtheater.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.209.5.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-5-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2efe465a62c99a694730748e655a1feeb80388a648cc3c9948be2f313ae9eb78
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
referer
https://www.google.ch/
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 May 2024 05:15:32 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=604800
x-jimdo-instance
i-0064d4399ccc9d2fc
x-jimdo-wid
s8c9c2f2a3dee9daa

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 May 2024 05:15:32 GMT
Server
nginx
Transfer-Encoding
chunked
cache-control
no-cache, no-store, must-revalidate
location
https://www.bmtheater.ch/
x-jimdo-instance
i-06f2dc392d5bb6c12
x-jimdo-wid
s8c9c2f2a3dee9daa
ckies.js.0ebea1f10bb1204e4882.js
assets.jimstatic.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/ckies.js.0ebea1f10bb1204e4882.js
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b7133bda5818238d4560f512e65a9002839f8f27d2a78e8bd7be78c1f0e61709

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
H8pVv_0nIWZ.47gtGDdSdYP4a5M2CAXu
content-encoding
br
date
Sat, 18 May 2024 05:15:33 GMT
age
2175866
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
934
x-served-by
cache-lcy-eglc8600081-LCY, cache-mxp6950-MXP
x-timer
S1716009333.018870,VS0,VE0
etag
"a6a3f25c925f854fceca26596196e034"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
293852, 5885
cookieControl.js.19a3c1397bfcee31bfb4.js
assets.jimstatic.com/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/cookieControl.js.19a3c1397bfcee31bfb4.js
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5678c2f1f48b05eed423454ef3a502ccaa7d97b79d6415c51f0c2b496cc74b1a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5ho2EtmeiPJdTPbK5yN9t1XYUU4HaePD
content-encoding
br
date
Sat, 18 May 2024 05:15:33 GMT
age
3867930
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
8970
x-served-by
cache-lcy-eglc8600053-LCY, cache-mxp6950-MXP
x-timer
S1716009333.018766,VS0,VE0
etag
"96ea391b1e900a2c0c8b4a33e923c9af"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
15, 5907
layout.css
u.jimcdn.com/cms/o/s8c9c2f2a3dee9daa/layout/dm_2f130f1cfcf018a52693d7d84dfed423/css/ 		52 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://u.jimcdn.com/cms/o/s8c9c2f2a3dee9daa/layout/dm_2f130f1cfcf018a52693d7d84dfed423/css/layout.css?t=1679479289
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f6fe82e4dfd96dfd41215497cdc38acdb09f7df43fda56be310b2bac5e6ebf6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mxp6943-MXP
date
Sat, 18 May 2024 05:15:33 GMT
content-encoding
gzip
via
1.1 varnish
age
48518
x-timer
S1716009333.023555,VS0,VE1
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=691200
vary
Accept-Encoding
accept-ranges
bytes
content-length
7623
x-cache-hits
0
web.css.6171c4a35b361b9030cb24d6de8164b8.css
assets.jimstatic.com/ 		228 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/web.css.6171c4a35b361b9030cb24d6de8164b8.css
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1cf1a445873e559c98a3a1b4bd4911017a97c5f058adba615f939fc9a4eef9a3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
VJRnXFB93cYfzOhCwsVugiUCDQ1Gkk0h
content-encoding
br
date
Sat, 18 May 2024 05:15:33 GMT
age
2171838
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
63095
x-served-by
cache-lcy-eglc8600044-LCY, cache-mxp6950-MXP
x-timer
S1716009333.019027,VS0,VE0
etag
"cb1792b26d8bd6489d53a4e4b4677877"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
264034, 4463
web.js.30196931e46e05701bed.js
assets.jimstatic.com/ 		696 KB
230 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/web.js.30196931e46e05701bed.js
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c8278dfaa34997f4d5b9bb5d02347d688e8d7f7760fae6afaf278d704e6f3ab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Zz.qSN0J7iblCZFrLF3JOFceVg2po1ez
content-encoding
br
date
Sat, 18 May 2024 05:15:33 GMT
age
964763
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
235578
x-served-by
cache-lcy-eglc8600064-LCY, cache-mxp6950-MXP
x-timer
S1716009333.158943,VS0,VE0
etag
"9cee83113d63de086aa8a6b684dd976c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
95259, 39
jquery.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		242 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.js
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fcc241093405946885039df428cfa7f0051a1f2bdbcc5a313a177a9e35f8806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 05:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 05:36:52 GMT
image.png
image.jimcdn.com/app/cms/image/transf/dimension=193x10000:format=png/path/s8c9c2f2a3dee9daa/image/i26e5957bc15738ff/version/1500975972/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=193x10000:format=png/path/s8c9c2f2a3dee9daa/image/i26e5957bc15738ff/version/1500975972/image.png
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ce84c33c21c44c3f02c8b4db5dcac8d3492d338e1f0a077a27730223ed0d62f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 18 May 2024 05:15:33 GMT
age
759643
x-cache
HIT, HIT
fastly-restarts
1
content-length
28276
x-served-by
cache-lcy-eglc8600082-LCY, cache-mxp6921-MXP
x-timer
S1716009333.018877,VS0,VE1
etag
"949be2da3601124c0fcde56c5ec7cb9b7478cf48"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Mon, 15 Jan 2024 22:12:41 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=700x10000:format=jpg/path/s8c9c2f2a3dee9daa/image/i887dd88f720d86c0/version/1693322035/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=700x10000:format=jpg/path/s8c9c2f2a3dee9daa/image/i887dd88f720d86c0/version/1693322035/image.jpg
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0e98f180845c7e6013f48d666c91e19cbadf702a4eeb090e05205cecb69fe686
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 18 May 2024 05:15:33 GMT
age
1293959
x-cache
HIT, HIT
fastly-restarts
1
content-length
37017
x-served-by
cache-lcy-eglc8600070-LCY, cache-mxp6921-MXP
x-timer
S1716009333.018854,VS0,VE1
etag
"2b87e2dab832f10bb5db828377f7d06f9dfb5412"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Fri, 24 May 2024 05:09:03 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=jpg/path/s8c9c2f2a3dee9daa/image/i3d29de71cab2e555/version/1715519781/ 		652 KB
653 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=jpg/path/s8c9c2f2a3dee9daa/image/i3d29de71cab2e555/version/1715519781/image.jpg
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bfd07410c7c1f3c44085053fc01f64d3db2357bfdcc25500cccc15335c8e248f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 18 May 2024 05:15:33 GMT
age
489545
x-cache
HIT, HIT
fastly-restarts
1
content-length
667991
x-served-by
cache-lcy-eglc8600062-LCY, cache-mxp6921-MXP
x-timer
S1716009333.057772,VS0,VE1
etag
"6cc9140e8bd4966c840480f57fe97e211bc11aab"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Wed, 12 Jun 2024 13:16:28 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=jpg/path/s8c9c2f2a3dee9daa/image/i80a1928b9500cb34/version/1715519770/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=jpg/path/s8c9c2f2a3dee9daa/image/i80a1928b9500cb34/version/1715519770/image.jpg
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
68adb561a08104e80640e907420fd3d4c7078ae4e40b9cee4e0322fb202addc5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 18 May 2024 05:15:33 GMT
age
489545
x-cache
HIT, HIT
fastly-restarts
1
content-length
15680
x-served-by
cache-lcy-eglc8600043-LCY, cache-mxp6921-MXP
x-timer
S1716009333.063381,VS0,VE1
etag
"817c90489abdf91ed3b105d2c69967dd71a63aa0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Wed, 12 Jun 2024 13:16:28 GMT
image.png
image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=png/path/s8c9c2f2a3dee9daa/image/i387e381c2784f693/version/1715519761/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=png/path/s8c9c2f2a3dee9daa/image/i387e381c2784f693/version/1715519761/image.png
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d8dde7ac86c2c655a00253641c1fc08ab0be08cbe1beea3076cbcf964bbef404
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 18 May 2024 05:15:33 GMT
age
304705
x-cache
HIT, HIT
fastly-restarts
1
content-length
66447
x-served-by
cache-lcy-eglc8600046-LCY, cache-mxp6921-MXP
x-timer
S1716009333.123176,VS0,VE1
etag
"c00d02846c11e0c0400b905fe06620d76ea92a06"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Wed, 12 Jun 2024 13:16:28 GMT
image.png
image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=png/path/s8c9c2f2a3dee9daa/image/id570f911f9dc0b0f/version/1715519747/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=png/path/s8c9c2f2a3dee9daa/image/id570f911f9dc0b0f/version/1715519747/image.png
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d0443d88db8bb93aa399587d0bcb62bc085487e6192dbc5d8f9888640294ee4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 18 May 2024 05:15:33 GMT
age
489545
x-cache
HIT, HIT
fastly-restarts
1
content-length
87290
x-served-by
cache-lcy-eglc8600093-LCY, cache-mxp6921-MXP
x-timer
S1716009333.161458,VS0,VE1
etag
"1038d60273a27e283ca51d1a3c50509ad1a8330c"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Wed, 12 Jun 2024 13:16:28 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=jpg/path/s8c9c2f2a3dee9daa/image/i015c793bee8482bf/version/1710512390/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=jpg/path/s8c9c2f2a3dee9daa/image/i015c793bee8482bf/version/1710512390/image.jpg
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5faae4311136d23346f8e658456fa2b9f21bfd7fcd256a75978fb45e7ec79628
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 18 May 2024 05:15:33 GMT
age
2665125
x-cache
HIT, HIT
fastly-restarts
1
content-length
55963
x-served-by
cache-lcy-eglc8600055-LCY, cache-mxp6921-MXP
x-timer
S1716009333.169713,VS0,VE1
etag
"f1532cf71eac59d945aa47e78058706d978ad0d2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Mon, 15 Apr 2024 14:37:22 GMT
image.png
image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=png/path/s8c9c2f2a3dee9daa/image/i8101b59556ac5e9c/version/1714555270/ 		198 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=png/path/s8c9c2f2a3dee9daa/image/i8101b59556ac5e9c/version/1714555270/image.png
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f41d85721e52f3ab9a238d73901dbcfbcb6e7ba04f60f0ce0346da848df18b51
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 18 May 2024 05:15:33 GMT
age
1453876
x-cache
HIT, HIT
fastly-restarts
1
content-length
203242
x-served-by
cache-lcy-eglc8600043-LCY, cache-mxp6921-MXP
x-timer
S1716009333.169692,VS0,VE1
etag
"5b71441694bff8b4f97c5904a2f635edfa84d928"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Sat, 01 Jun 2024 09:24:16 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=jpg/path/s8c9c2f2a3dee9daa/image/i5bdd620c1c014baa/version/1713949176/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=338x10000:format=jpg/path/s8c9c2f2a3dee9daa/image/i5bdd620c1c014baa/version/1713949176/image.jpg
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5ccb6e6b32de7103ebb5fa1ffd4a8a2ab9d5fe17e096d8a7ec341c6b38d0332f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 18 May 2024 05:15:33 GMT
age
946391
x-cache
HIT, HIT
fastly-restarts
1
content-length
36626
x-served-by
cache-lcy-eglc8600085-LCY, cache-mxp6921-MXP
x-timer
S1716009333.169997,VS0,VE1
etag
"df698b1ab9879f9f7e1e03f3d31965ddc360d690"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Sat, 25 May 2024 08:59:40 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=123x10000:format=jpg/path/s8c9c2f2a3dee9daa/image/i572683eb49a0b2c8/version/1647619927/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=123x10000:format=jpg/path/s8c9c2f2a3dee9daa/image/i572683eb49a0b2c8/version/1647619927/image.jpg
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2cbf0d169ae968234778f68f14bf4c08943da5836b24f74e0bb78ffc736b75e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
date
Sat, 18 May 2024 05:15:33 GMT
age
2080608
x-cache
HIT, HIT
fastly-restarts
1
content-length
14645
x-served-by
cache-lcy-eglc8600042-LCY, cache-mxp6921-MXP
x-timer
S1716009333.169995,VS0,VE1
etag
"365b16c1de02586ec80173c90c2bd68b2b8b02d7"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Thu, 02 May 2024 14:29:52 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/none/path/s8c9c2f2a3dee9daa/image/ide115c395489eaed/version/1649094459/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/none/path/s8c9c2f2a3dee9daa/image/ide115c395489eaed/version/1649094459/image.jpg
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
730103d7cd7664517847bbfb4bb0f79ab20920779290f488faf66597564a9534

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Mon, 20 May 2024 04:22:25 GMT
x-amz-version-id
J.BoUzPgepHAYPRzRjtLrf2k3tUjTD.T
via
1.1 varnish, 1.1 varnish
date
Sat, 18 May 2024 05:15:33 GMT
x-amz-request-id
RHZEDJRP7JEA77NX
age
261526
x-cache
HIT, HIT
content-disposition
inline; filename*=UTF-8''1649094459.jpg
fastly-restarts
1
x-amz-id-2
QcvgNwkisIyaYsXrGJn6Xc6LQf2mnlNRgFQFW6PyENhGm31OUMcGorqDN2SNO2WtU1Ro/Ax+Ah8=
x-served-by
cache-lcy-eglc8600056-LCY, cache-mxp6921-MXP
content-length
16069
last-modified
Mon, 04 Apr 2022 17:46:51 GMT
server
AmazonS3
x-timer
S1716009333.169994,VS0,VE1
etag
"11095f05553c5d1f523386bf24fad5a8"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
0, 0
css
fonts.jimstatic.com/ 		2 KB
933 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/css?family=Roboto:400
Requested by
Host: u.jimcdn.com
URL: https://u.jimcdn.com/cms/o/s8c9c2f2a3dee9daa/layout/dm_2f130f1cfcf018a52693d7d84dfed423/css/layout.css?t=1679479289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.218 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92a63e8b95a1b8d16b134f37c0cb9f3ae94e5000895de2f7b4ba89d787d660a3
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 05:15:33 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
last-modified
Sat, 18 May 2024 04:29:21 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
cf-ray
88595ebbbd7e24c4-ZRH
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
timing-allow-origin
*
expires
Sat, 18 May 2024 05:15:33 GMT
css
fonts.jimstatic.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/css?family=Roboto%3Aregular%7CRoboto%20Slab%3Aregular%7CRoboto%20Slab%3Aregular%7CRoboto%20Slab%3Aregular%7CRoboto%3Aregular%7CMerriweather%3Aregular%7CMerriweather%3Aregular%7CMerriweather%3Aregular%7CRoboto%3Aregular%7CMerriweather%3Aregular%7CRoboto%20Slab%3Aregular%7CMerriweather%3Aregular%7CMerriweather%3Aregular%7CMerriweather%3Aregular&subset=latin
Requested by
Host: u.jimcdn.com
URL: https://u.jimcdn.com/cms/o/s8c9c2f2a3dee9daa/layout/dm_2f130f1cfcf018a52693d7d84dfed423/css/layout.css?t=1679479289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.218 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53e6e31bd2bdd5aa966fc21352bd3cedc4224473927b8f62fc9e546ec6997cd9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 05:15:33 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
last-modified
Sat, 18 May 2024 05:15:33 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
cf-ray
88595ebbbd7a24c4-ZRH
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
timing-allow-origin
*
expires
Sat, 18 May 2024 05:15:33 GMT
ga.js
www.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 18 May 2024 04:53:48 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1305
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sat, 18 May 2024 06:53:48 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff54b9b6fe3d926d1d9a03e79000322dd5fa6896137f390660ac609d4c37898a

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.jimstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.jimstatic.com
URL: https://fonts.jimstatic.com/css?family=Roboto:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.218 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Origin
https://www.bmtheater.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 05:15:33 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
age
170874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88595ebc8efa0204-ZRH
expires
Fri, 09 May 2025 06:46:02 GMT
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.jimstatic.com/s/robotoslab/v34/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
Requested by
Host: fonts.jimstatic.com
URL: https://fonts.jimstatic.com/css?family=Roboto%3Aregular%7CRoboto%20Slab%3Aregular%7CRoboto%20Slab%3Aregular%7CRoboto%20Slab%3Aregular%7CRoboto%3Aregular%7CMerriweather%3Aregular%7CMerriweather%3Aregular%7CMerriweather%3Aregular%7CRoboto%3Aregular%7CMerriweather%3Aregular%7CRoboto%20Slab%3Aregular%7CMerriweather%3Aregular%7CMerriweather%3Aregular%7CMerriweather%3Aregular&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.218 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
438099da1cf057f5b48133f7a74b2d506751fb1b2e888d22ca397fa1983a8f9a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Origin
https://www.bmtheater.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 05:15:33 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13992
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:50:45 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88595ebc8f040204-ZRH
expires
Thu, 15 May 2025 12:04:17 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=61008224&utmhn=www.bmtheater.ch&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-ch&utmje=0&utmfl=-&utmdt=Vorhang%20auf%20f%C3%BCr%20die%20Welt%20der%20Figuren%20-%20Basler%20Marionetten%20Theater&utmhid=865824396&utmr=-&utmp=%2F&utmht=1716009333263&utmac=UA-54490822-1&utmcc=__utma%3D254800923.424047114.1716009333.1716009333.1716009333.1%3B%2B__utmz%3D254800923.1716009333.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=535911032&utmredir=1&utmu=qAQgAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 18 May 2024 05:15:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=532045727&utmhn=www.bmtheater.ch&utme=8(websiteid)9(s8c9c2f2a3dee9daa)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-ch&utmje=0&utmfl=-&utmdt=Vorhang%20auf%20f%C3%BCr%20die%20Welt%20der%20Figuren%20-%20Basler%20Marionetten%20Theater&utmhid=865824396&utmr=-&utmp=%2F&utmht=1716009333265&utmac=UA-24230794-84&utmcc=__utma%3D254800923.424047114.1716009333.1716009333.1716009333.1%3B%2B__utmz%3D254800923.1716009333.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=1399333278&utmredir=1&utmmt=1&utmu=qxQgAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.bmtheater.ch
URL: https://www.bmtheater.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 18 May 2024 05:15:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
loginstate
a.jimdo.com/app/web/ 		64 B
197 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.jimdo.com/app/web/loginstate?callback=jQuery112005159449288705074_1716009333209&owi=s8c9c2f2a3dee9daa&_=1716009333210
Requested by
Host: assets.jimstatic.com
URL: https://assets.jimstatic.com/web.js.30196931e46e05701bed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.164.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-164-245.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
20641e1b7c77e5f9eb9878b2790853d63dbe25a46ef320fd9890d914a40e1bfb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 05:15:33 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
content-type
application/javascript
image.png
image.jimcdn.com/app/cms/image/transf/none/path/s8c9c2f2a3dee9daa/backgroundarea/iafa67ef5b0b3240c/version/1500969275/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/none/path/s8c9c2f2a3dee9daa/backgroundarea/iafa67ef5b0b3240c/version/1500969275/image.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3e46a0ad85994ed3771e087c24883c9dd3b742e61c5e4a95d422ec30eeca63e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 18 May 2024 05:09:34 GMT
x-amz-version-id
Q.40S0c2tYoYLMFATGHENeTWH7SwIAJu
via
1.1 varnish, 1.1 varnish
date
Sat, 18 May 2024 05:15:33 GMT
x-amz-request-id
ZK0M0JSFE54R87B1
age
0
x-cache
HIT, HIT
content-disposition
inline; filename*=UTF-8''1500969275.png
fastly-restarts
1
x-amz-id-2
mpfciF0JZHvsk9/prjgwEngRncvhmImm84wzF8kcBBMWiJdOUMxEdS4JTMwxOlhoIX/ZqZN50H0=
x-served-by
cache-lcy-eglc8600020-LCY, cache-mxp6921-MXP
content-length
75718
last-modified
Tue, 25 Jul 2017 07:54:36 GMT
server
AmazonS3
x-timer
S1716009333.395747,VS0,VE157
etag
"bc6cecc4762c5bf448442a91d73d2be7"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
0, 0
favicon.png
u.jimcdn.com/cms/o/s8c9c2f2a3dee9daa/img/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://u.jimcdn.com/cms/o/s8c9c2f2a3dee9daa/img/favicon.png?t=1476450106
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bfb49c6350b38850de33c995be8d50d0a89677353118e89c3c5220bc734348ca

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mxp6943-MXP
date
Sat, 18 May 2024 05:15:33 GMT
via
1.1 varnish
last-modified
Thu, 16 May 2024 05:06:55 GMT
age
173318
x-timer
S1716009333.396623,VS0,VE1
etag
"6645946f-b63"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
content-length
2915
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ckies object| __core-js_shared__ object| CookieControlSet object| CookieControl function| loadCss function| loadCSS function| onloadCSS object| jimdoData object| __regModuleBuffer function| regModule function| $ function| jQuery object| _gaq function| loadJimdoWebJsonp object| picturefillCFG function| picturefill function| jimdoGen002 object| Mustache object| Modernizr object| _jimBlob function| _jmdlg object| jQuery112005159449288705074 object| ModalWindow function| changeCaptcha object| ModernizrVideo function| _ function| $f function| Froogaloop function| _onLoadGooglePlus object| jsonCallback string| PAYMILL_PUBLIC_KEY object| _jimDoge function| setSrcSetImgWidth function| gaOptOut object| _gat object| gaGlobal

10 Cookies

Domain/Path Name / Value
.bmtheater.ch/ Name: __utma
Value: 254800923.424047114.1716009333.1716009333.1716009333.1
.bmtheater.ch/ Name: __utmc
Value: 254800923
.bmtheater.ch/ Name: __utmz
Value: 254800923.1716009333.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.bmtheater.ch/ Name: __utmt_a
Value: 1
.bmtheater.ch/ Name: __utmb
Value: 254800923.1.10.1716009333
www.bmtheater.ch/ Name: __utmt_b
Value: 1
www.bmtheater.ch/ Name: __utma
Value: 254800923.424047114.1716009333.1716009333.1716009333.1
www.bmtheater.ch/ Name: __utmb
Value: 254800923.2.10.1716009333
www.bmtheater.ch/ Name: __utmc
Value: 254800923
www.bmtheater.ch/ Name: __utmz
Value: 254800923.1716009333.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=604800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.jimdo.com
ajax.googleapis.com
assets.jimstatic.com
baslermarionettentheater.ch
fonts.jimstatic.com
image.jimcdn.com
ssl.google-analytics.com
u.jimcdn.com
www.bmtheater.ch
www.google-analytics.com
151.101.130.2
151.101.194.2
151.101.66.2
172.64.146.218
2a00:1450:4001:81d::2008
2a00:1450:4001:827::200e
2a00:1450:4001:830::200a
52.209.5.8
52.213.16.110
54.72.164.245
0c8278dfaa34997f4d5b9bb5d02347d688e8d7f7760fae6afaf278d704e6f3ab
0e98f180845c7e6013f48d666c91e19cbadf702a4eeb090e05205cecb69fe686
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1cf1a445873e559c98a3a1b4bd4911017a97c5f058adba615f939fc9a4eef9a3
20641e1b7c77e5f9eb9878b2790853d63dbe25a46ef320fd9890d914a40e1bfb
2cbf0d169ae968234778f68f14bf4c08943da5836b24f74e0bb78ffc736b75e4
2efe465a62c99a694730748e655a1feeb80388a648cc3c9948be2f313ae9eb78
2f6fe82e4dfd96dfd41215497cdc38acdb09f7df43fda56be310b2bac5e6ebf6
438099da1cf057f5b48133f7a74b2d506751fb1b2e888d22ca397fa1983a8f9a
53e6e31bd2bdd5aa966fc21352bd3cedc4224473927b8f62fc9e546ec6997cd9
5678c2f1f48b05eed423454ef3a502ccaa7d97b79d6415c51f0c2b496cc74b1a
5ccb6e6b32de7103ebb5fa1ffd4a8a2ab9d5fe17e096d8a7ec341c6b38d0332f
5faae4311136d23346f8e658456fa2b9f21bfd7fcd256a75978fb45e7ec79628
68adb561a08104e80640e907420fd3d4c7078ae4e40b9cee4e0322fb202addc5
730103d7cd7664517847bbfb4bb0f79ab20920779290f488faf66597564a9534
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ce84c33c21c44c3f02c8b4db5dcac8d3492d338e1f0a077a27730223ed0d62f
92a63e8b95a1b8d16b134f37c0cb9f3ae94e5000895de2f7b4ba89d787d660a3
9d0443d88db8bb93aa399587d0bcb62bc085487e6192dbc5d8f9888640294ee4
9fcc241093405946885039df428cfa7f0051a1f2bdbcc5a313a177a9e35f8806
a3e46a0ad85994ed3771e087c24883c9dd3b742e61c5e4a95d422ec30eeca63e
b7133bda5818238d4560f512e65a9002839f8f27d2a78e8bd7be78c1f0e61709
bfb49c6350b38850de33c995be8d50d0a89677353118e89c3c5220bc734348ca
bfd07410c7c1f3c44085053fc01f64d3db2357bfdcc25500cccc15335c8e248f
d8dde7ac86c2c655a00253641c1fc08ab0be08cbe1beea3076cbcf964bbef404
f41d85721e52f3ab9a238d73901dbcfbcb6e7ba04f60f0ce0346da848df18b51
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff54b9b6fe3d926d1d9a03e79000322dd5fa6896137f390660ac609d4c37898a