urlscan.io logo urlscan.io
SecurityTrails logo

rheintaler.ch Open in urlscan Pro
5.148.168.157  Public Scan

Go To Rescan Add Verdict Report
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Submission: On March 17 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 5 countries across 21 domains to perform 122 HTTP transactions. The main IP is 5.148.168.157, located in Zurich, Switzerland and belongs to NINE, CH. The main domain is rheintaler.ch.
TLS certificate: Issued by R3 on February 4th 2022. Valid for: 3 months.
This is the only time rheintaler.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 5.148.168.157 29691 (NINE)
1 2 37.252.172.36 29990 (ASN-APPNEX)
4 184.30.20.207 16625 (AKAMAI-AS)
1 18.64.115.68 16509 (AMAZON-02)
10 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.12.193 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
21 2a03:2880:f02... 32934 (FACEBOOK)
1 2600:9000:206... 16509 (AMAZON-02)
1 18.198.109.212 16509 (AMAZON-02)
1 2a03:2880:f00... 32934 (FACEBOOK)
1 18.64.115.105 16509 (AMAZON-02)
8 2600:9000:231... 16509 (AMAZON-02)
2 7 2a03:2880:f11... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
122 30
20    5.148.168.157 (Zurich, Switzerland)

ASN29691 (NINE, CH)
PTR: origammirheintaler01.nine.ch
rheintaler.ch
assets.rheintaler.ch
2    37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
4    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    18.64.115.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-115-68.txl50.r.cloudfront.net
platform-api.sharethis.com
10    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
s.imgur.com
1    2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2606:4700::6811:f349 (United States)

ASN13335 (CLOUDFLARENET, US)
hello.myfonts.net
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
21    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    2600:9000:206f:9a00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    2a03:2880:f006:15:face:b00c:0:2 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
graph.facebook.com
1    18.64.115.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-115-105.txl50.r.cloudfront.net
count-server.sharethis.com
8    2600:9000:2315:2800:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
7    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
2    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com
3    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
9    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
Apex Domain
Subdomains		 Transfer
20 rheintaler.ch
rheintaler.ch
assets.rheintaler.ch
652 KB
19 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 635
1 MB
17 googlesyndication.com
e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
182 KB
12 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4644
buttons-config.sharethis.com — Cisco Umbrella Rank: 5510
l.sharethis.com — Cisco Umbrella Rank: 4230
count-server.sharethis.com — Cisco Umbrella Rank: 11093
platform-cdn.sharethis.com — Cisco Umbrella Rank: 10630
51 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
171 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
131 KB
8 facebook.com
graph.facebook.com — Cisco Umbrella Rank: 133
www.facebook.com — Cisco Umbrella Rank: 96
69 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
1 KB
4 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1093
4 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
107 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
www.google.de — Cisco Umbrella Rank: 6433
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
84 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 imgur.com
s.imgur.com — Cisco Umbrella Rank: 29299
3 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 359
2 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2180
963 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2051
16 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2038
20 KB
1 myfonts.net
hello.myfonts.net — Cisco Umbrella Rank: 4760
357 B
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2209
892 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 251
33 KB
122 21
Domain Requested by
19 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
18 rheintaler.ch rheintaler.ch
10 securepubads.g.doubleclick.net rheintaler.ch
securepubads.g.doubleclick.net
www.googletagservices.com
e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com
9 s0.2mdn.net e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com
s0.2mdn.net
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 platform-cdn.sharethis.com rheintaler.ch
7 www.facebook.com 2 redirects connect.facebook.net
6 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 pixel.mathtag.com rheintaler.ch
pixel.mathtag.com
3 www.googletagservices.com securepubads.g.doubleclick.net
e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com
3 www.google.com rheintaler.ch
securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 connect.facebook.net rheintaler.ch
connect.facebook.net
2 www.google-analytics.com rheintaler.ch
www.google-analytics.com
2 s.imgur.com rheintaler.ch
s.imgur.com
2 assets.rheintaler.ch rheintaler.ch
2 secure.adnxs.com 1 redirects rheintaler.ch
1 track.hubspot.com
1 www.google.de rheintaler.ch
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 count-server.sharethis.com platform-api.sharethis.com
1 graph.facebook.com ajax.googleapis.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 hello.myfonts.net rheintaler.ch
1 js.hs-scripts.com rheintaler.ch
1 ajax.googleapis.com rheintaler.ch
1 platform-api.sharethis.com rheintaler.ch
122 32
Subject Issuer Validity Valid
rheintaler.ch
R3		 2022-02-04 -
2022-05-05		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
sharethis.com
Amazon		 2021-07-19 -
2022-08-17		 a year crt.sh
assets.rheintaler.ch
R3		 2022-01-31 -
2022-05-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-24 -
2022-03-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2022-03-08 -
2023-03-07		 a year crt.sh

This page contains 13 frames:

Primary Page: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Frame ID: B8465B0EF61B6921659BB03B2771D768
Requests: 61 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=1aef6233-3737-4400-9de6-7b2b9ab71171&no_iframe=1&mt_adid=243595&source=mathtag
Frame ID: E9396EC977F15F83F9E453E26D9B9955
Requests: 2 HTTP requests in this frame

Frame: https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 75885E80D5462024FD6A661413BE4F2F
Requests: 1 HTTP requests in this frame

Frame: https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5FADB021D257D3C64B74BD54ABC181CC
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcCSy8An0VaV_itja2zXbzdHr6dL6-kc8pIOSeZhQEplNMfNorZ--qdNx0EjKCRYDCSVppG5mhsoDbbN-ekVguHemE4jwsg8ezmTQUlrWKwm_h8O4ZcDr45GXCosNJ4vY4R_fr7dP9FjzP2--t0UCqq6tbcTzgpm_zMcMpLJdh2Khqm8AMiIPvsj_10-TS7lhgedcUADATZiR2w-aTVTUnDCnPI-23giczeVRNId2s56raOBVmKDNx7mdd_R2PyQb36S2LMqJP2JKIHb0Bx5_oMOfvE4_VlSmKWwxEj5N3PI9EaDqfl4FRkoYF7tYwBFpgELEgXs3zrQ7Oa0E8kc-jSVmA0DmWm_swRA&sai=AMfl-YQG35qI5ZOLLhDrHYmDTsDQXO3o7LS0T80WqTHaGWcz5K3ycSo6v6rq-ALY3SAzuByrGZeazfRmibtMKH1lrdan9kWgtiqNFSISeGmZcuUaRiLJTAJAGnuqJm2C_2E1&sig=Cg0ArKJSzG3asqq_brOFEAE&uach_m=[UACH]&adurl=
Frame ID: 45D56EDC950E63BDCA114FADFE9A0E57
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviPniR-gO8KeGgxT3PbIOrjDp65JgZgRbZShWh9UluxFGQzkT-TNQLMxZrQFPEiW3iGlYIs5bCz67VMW8JON8d98-OD_vf2i7jgAnyk7AB2L-kZtPMAujyGjWrF8TtfCbhusWzQ8Q3-H71ntpLy9MPM-Cj3guhbrIdohQCh55F2DXAuPgM6T5xDA6p8VWcah0jTpy4eCv3SbwlLdyn66McT3MSTfQwkwKOPS2JYzZPdg7knRcLzQknb1_8M8Vhf60UaxtqXlEnjphj4_zGN7fE9NeYDj9YZu-AaevUOmeAprQqw0ZL46cfN4t6BH7pbbKgKyplfb6a15jOcCPQVWf5FOZ1hOBrgYepxN0ntqVxayZdDQQmqb7zcaM&sai=AMfl-YQmDeFURKD_ExPOtHDd69pu-YsEx6HrsEyho_J_XP9qqBTIUY1DwI7WoKbQ4ztiyiLSB6Uj1oFsMFRTLo3a2lrXRtKX_4T_18eQ4ctvbFvpiLIKe31uvIiNev-JzCK8&sig=Cg0ArKJSzB5dS9nnidgREAE&uach_m=[UACH]&adurl=
Frame ID: D19A2FDF335186F3862D93518370D939
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
Frame ID: 137B13CA5BC5154E0D4144283607691E
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df259030bb0d573c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=
Frame ID: 49C2555CC0708A8172A6E114BFBB26DC
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22e643b014671c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&sdk=joey&width=550
Frame ID: 1C5A28B43D8F00D89BDD17F484622D65
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&numposts=5&sdk=joey&width=550
Frame ID: 4FF39A4D5C13290A1C339858001152A5
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217b78a217be4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=
Frame ID: 27E060F668C579530623E50B7897EA3A
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 379B77227CE9BB8748C00715D100CBF8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29C748FA600A94EFD95EC6D1F6D61C4D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zwei Wechsel im Vorstand - rheintaler.ch

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

122
Requests

98 %
HTTPS

72 %
IPv6

21
Domains

32
Subdomains

30
IPs

5
Countries

2740 kB
Transfer

7667 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://secure.adnxs.com/seg?add=25417016&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25417016%26t%3D1
Request Chain 88
  • https://www.facebook.com/plugins/comments.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22e643b014671c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&sdk=joey&width=550 HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22e643b014671c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&sdk=joey&width=550
Request Chain 89
  • https://www.facebook.com/plugins/comments.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&numposts=5&sdk=joey&width=550 HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&numposts=5&sdk=joey&width=550

122 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 82328
rheintaler.ch/artikel/zwei-wechsel-im-vorstand/ 		36 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
6c56c16580cc4d59f3b7c32b59ec586967eb89e0e02b14c739ba30f598f26503

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 17 Mar 2022 13:27:18 GMT
Server
Apache
Cache-Control
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
rhei-a.8668699d.css
rheintaler.ch/css/ 		159 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rheintaler.ch/css/rhei-a.8668699d.css
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
ec06fd9e7cdece14e722473b89ffb6edaa7bf385330ce39113643588b06a8bb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Feb 2022 10:36:29 GMT
Server
Apache
ETag
"27ad7-5d80c1b225b83-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
22798
rhei-b.dd8c3dc5.css
rheintaler.ch/css/ 		349 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rheintaler.ch/css/rhei-b.dd8c3dc5.css
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
15017f7f166806cfcef0588034ac1c9a0fa502ff4546dd945d00b4fcb4f54b5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Feb 2022 10:36:30 GMT
Server
Apache
ETag
"575ef-5d80c1b22b943-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
30185
modernizr.92347b80.js
rheintaler.ch/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rheintaler.ch/js/modernizr.92347b80.js
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
b1c6b933014858ac8362a84daa391a04d2d7d39c44c9ba67f4291746060ee7fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Feb 2022 10:36:30 GMT
Server
Apache
ETag
"2ce6-5d80c1b2326a3-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
4973
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=25417016&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25417016%26t%3D1
0
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25417016%26t%3D1
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 13:27:19 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c0375491-01ea-4b29-a4f2-dda20ca7502a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 13:27:19 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a2ed6a60-472e-436e-9992-8c07aefc2f27
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25417016%26t%3D1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
js
pixel.mathtag.com/event/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1531295&mt_adid=243595&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 4256 109297d master cdg-pixel-x3 config:1.0.0 /
Resource Hash
c599619a19a975dd4f1b566c3efac436724dade8181769111a77656b0af3935f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Server
MT3 4256 109297d master cdg-pixel-x3 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1411
Expires
Thu, 17 Mar 2022 13:27:18 GMT
sharethis.js
platform-api.sharethis.com/js/ 		184 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-68.txl50.r.cloudfront.net
Software
/
Resource Hash
414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:23:58 GMT
content-encoding
gzip
vary
Accept-Encoding
age
201
etag
W/"2e0e3-tEY0wJEY/wwExgi0NrFi684gQTw"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 cb643617ee4bca09492409ac12401bfc.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
TXL50-P4
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
D2udOQS282Jli3nbMuia-dlmUZFENWrLHOYtRBwokrFHxFt4iMgsEA==
close.svg
rheintaler.ch/images/icons/ 		937 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rheintaler.ch/images/icons/close.svg
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
41bc28d3388ccbd4d30955102fe5c3eaba696c9a072849d762e517fa6b1979cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Last-Modified
Tue, 15 Feb 2022 10:34:58 GMT
Server
Apache
ETag
"3a9-5d80c15b5bd7c"
Content-Type
image/svg+xml
Connection
close
Accept-Ranges
bytes
Content-Length
937
login-overlay.179b3e78.png
rheintaler.ch/images/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rheintaler.ch/images/login-overlay.179b3e78.png
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
87201145680dbffd0397623ba7cfb3543c0eaa2bee63ec075db0e1d8e23371da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Last-Modified
Tue, 15 Feb 2022 10:34:58 GMT
Server
Apache
ETag
"a65d-5d80c15b5bd7c"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
42589
storydetail_small_ys-0026.JPG
assets.rheintaler.ch/uploads/image/file/187933/933/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.rheintaler.ch/uploads/image/file/187933/933/storydetail_small_ys-0026.JPG
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
0c9005855317efbb20d77d5708bed6c4d4407a57734bf22bc021ba980b9f2b48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Last-Modified
Fri, 11 Mar 2022 14:53:45 GMT
Server
Apache
ETag
"9c50-5d9f27f5605d3"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
40016
207360.jpg
rheintaler.ch/media/printads/2022-03-17/ 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rheintaler.ch/media/printads/2022-03-17/207360.jpg
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
0c3b6f315c96eef816aae45c02790ea6752805301d0842b8352218dcf3fa2e77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Last-Modified
Wed, 16 Mar 2022 22:55:02 GMT
Server
Apache
ETag
"2aaef-5da5dcdbcb3c2"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
174831
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
f0f3699d9eb9e6b9dcebf7120e14755c1260313352d3ec659963c72b8a507377
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27784
x-xss-protection
0
server
sffe
etag
"1160 / 370 of 1000 / last-modified: 1647515325"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Mar 2022 13:27:19 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 13:16:16 GMT
de_CH.js
rheintaler.ch/_routes/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rheintaler.ch/_routes/de_CH.js
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
3e1508907b24563f66afecbb68255184e59bbfeffd9c133113aca0fae9d4c806

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Server
Apache
ETag
"52459f49906f8cf959b37f01aa67eae4"
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, must-revalidate
Connection
close
Expires
Thu, 17 Mar 2022 23:00:00 GMT
main.6a927462.js
rheintaler.ch/js/ 		115 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rheintaler.ch/js/main.6a927462.js
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
e967fb8dba7170dbb7c1fcc0d4af7cea34ad464b892df32efc7d7b9629f7929f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Feb 2022 10:36:30 GMT
Server
Apache
ETag
"1cc83-5d80c1b2326a3-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
34105
embed.js
s.imgur.com/min/ 		433 B
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.imgur.com/min/embed.js
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2832c93ada0b6b4cecfc1cb12191921dcdd570fc5fcc54f7a5da359df716a061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:19 GMT
via
1.1 varnish
last-modified
Mon, 14 Mar 2022 21:42:00 GMT
age
99
etag
"35a7c25618062b8160cabdc53e2f03a1"
x-served-by
cache-fra19121-FRA
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
x-timer
S1647523640.742341,VS0,VE1
content-length
433
x-cache-hits
1
gallery.e02a1b02.js
rheintaler.ch/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rheintaler.ch/js/gallery.e02a1b02.js
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
14d38e05ee174b84c0106fd20b544ac6e8cd5e99ac0de746ef885a69544ced21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Feb 2022 10:36:30 GMT
Server
Apache
ETag
"60ab-5d80c1b230763-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
6480
story.2ac009d0.js
rheintaler.ch/js/ 		130 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rheintaler.ch/js/story.2ac009d0.js
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
7e918df9b59bf81ca749f47ebc60fd6536bef997388b3cb6dbf250dc4a35e618

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Feb 2022 10:36:30 GMT
Server
Apache
ETag
"82-5d80c1b233643-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
115
2906652.js
js.hs-scripts.com/ 		964 B
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/2906652.js
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a58a9629521cbe8c45fa38a5d108ef8c8bb248b74a00b74ca7480545f594882a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
5dd0d255-bbb5-4e5a-882c-58a65052d976
last-modified
Thu, 17 Mar 2022 13:25:12 GMT
server
cloudflare
x-trace
2BD5DBC723D70BA999D0B91B7FDDAB0C05F781C544000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://rheintaler.ch
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6ed610bc7bf25bfd-FRA
expires
Thu, 17 Mar 2022 13:28:19 GMT
292d20
hello.myfonts.net/count/ 		0
357 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/292d20
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f349 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:19 GMT
server
cloudflare
age
1
expect-ct
null
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
6ed610bbcb195ca4-FRA
content-length
0
expires
Fri, 17 Mar 2023 13:27:19 GMT
2D861B_2_0.woff2
rheintaler.ch/font/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rheintaler.ch/font/2D861B_2_0.woff2
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
66d6b7da2b114a46449210454bae21ea187d9aeb740a43d7443d800a1bc5da51

Request headers

Referer
https://rheintaler.ch/css/rhei-a.8668699d.css
Origin
https://rheintaler.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Last-Modified
Tue, 15 Feb 2022 10:34:43 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
ETag
"fe58-5d80c14c1f6f1"
Content-Length
65112
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6749
date
Thu, 17 Mar 2022 11:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 17 Mar 2022 13:34:50 GMT
all.js
connect.facebook.net/de_DE/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/all.js
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3bc87c7baee6e6e194b09641a29999cc94e7be68a1ad8359ddf643857303132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
e+VaQ0wLfpQUQFBJ2m+3QA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
pKw9cKjcdjpYX/GefNNuBuzT6QU/8816goKX5kPIpfr4eT2Nse445jOQIa+XH7WqBlBCaRKXGv3G92U6SBWtsQ==
x-fb-trip-id
917726464
x-fb-content-md5
fe06f4d4a8b6808a5cfcd1cea9b984f5
x-frame-options
DENY
etag
"fc695af032b0ab978ccba16df1f237d0"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 17 Mar 2022 13:39:44 GMT
general-sf83fb00d9f.png
rheintaler.ch/sprites/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rheintaler.ch/sprites/general-sf83fb00d9f.png
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
32e1e8571cb721a64341b26f46fb3bae53f66e4c42ffbacb141bd88eaa8da2be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/css/rhei-a.8668699d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Last-Modified
Tue, 15 Feb 2022 10:35:01 GMT
Server
Apache
ETag
"6090-5d80c15d50d25"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
24720
s_3.70f03c51.png
rheintaler.ch/images/weather/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rheintaler.ch/images/weather/s_3.70f03c51.png
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-b.dd8c3dc5.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
901c190b981667cc2188e641600ddafa208f7400d568a08f8363d288b6246917

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/css/rhei-b.dd8c3dc5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Last-Modified
Tue, 15 Feb 2022 10:34:59 GMT
Server
Apache
ETag
"435-5d80c15b64a1c"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
1077
rhei-icons-desktop.ttf
rheintaler.ch/font/ 		7 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rheintaler.ch/font/rhei-icons-desktop.ttf
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
34b1438d5293811c4cfd0bfdda84211c7c3e4681d61ff3699e3d52114a985c60

Request headers

Referer
https://rheintaler.ch/css/rhei-a.8668699d.css
Origin
https://rheintaler.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Last-Modified
Tue, 15 Feb 2022 10:34:43 GMT
Server
Apache
ETag
"1d88-5d80c14c1f6f1"
Content-Type
application/font-sfnt
Connection
close
Accept-Ranges
bytes
Content-Length
7560
PublicoHeadline-Roman-Web.woff
rheintaler.ch/font/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rheintaler.ch/font/PublicoHeadline-Roman-Web.woff
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
12d5906df1c38b0fe50afe3d42c853776616339ca24bd165698405889cd67c01

Request headers

Referer
https://rheintaler.ch/css/rhei-a.8668699d.css
Origin
https://rheintaler.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Last-Modified
Tue, 15 Feb 2022 10:34:43 GMT
Server
Apache
ETag
"fbde-5d80c14c1f6f1"
Content-Type
application/font-woff
Connection
close
Accept-Ranges
bytes
Content-Length
64478
rhei-icons-mobile.ttf
rheintaler.ch/font/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rheintaler.ch/font/rhei-icons-mobile.ttf
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
856765ebd5b9b928aebd57f2500af4945b809cf2b5c9b9003b01929fc0716d24

Request headers

Referer
https://rheintaler.ch/css/rhei-a.8668699d.css
Origin
https://rheintaler.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Last-Modified
Tue, 15 Feb 2022 10:34:43 GMT
Server
Apache
ETag
"1ecc-5d80c14c20691"
Content-Type
application/font-sfnt
Connection
close
Accept-Ranges
bytes
Content-Length
7884
fontawesome-webfont.woff
rheintaler.ch/font/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rheintaler.ch/font/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Referer
https://rheintaler.ch/css/rhei-a.8668699d.css
Origin
https://rheintaler.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Last-Modified
Tue, 15 Feb 2022 10:34:59 GMT
Server
Apache
ETag
"14730-5d80c15b659bc"
Content-Type
application/font-woff
Connection
close
Accept-Ranges
bytes
Content-Length
83760
iframe
pixel.mathtag.com/sync/ Frame E939 		631 B
994 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=1aef6233-3737-4400-9de6-7b2b9ab71171&no_iframe=1&mt_adid=243595&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1531295&mt_adid=243595&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 4256 109297d master cdg-pixel-x26 config:1.0.0 /
Resource Hash
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/

Response headers

Content-Type
text/html
Content-Length
631
Access-Control-Allow-Origin
*
Server
MT3 4256 109297d master cdg-pixel-x26 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires
Thu, 17 Mar 2022 13:27:18 GMT
Date
Thu, 17 Mar 2022 13:27:19 GMT
Connection
keep-alive
img
pixel.mathtag.com/misc/ 		43 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 4256 109297d master cdg-pixel-x1 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Server
MT3 4256 109297d master cdg-pixel-x1 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Mar 2022 13:27:18 GMT
5c35c0e6ad0b1400119dbb7d.js
buttons-config.sharethis.com/js/ 		479 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5c35c0e6ad0b1400119dbb7d.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9a00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28a1fc0e197e1b69499e33c86c04ce4f38bcd7b5e6acc1a7cdcc8a27186e5763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:19 GMT
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified
Thu, 17 Jan 2019 10:28:33 GMT
server
AmazonS3
age
10
etag
"e8fc0588e00c394759318c455f0e1d7a"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
479
x-amz-cf-id
6w__Qr-vK6yVLJve0rcu4C6nXeNRwP9K0zmbYkJJuAj-Kwrto_gvsw==
pview
l.sharethis.com/ 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=rheintaler.ch&location=%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&product=custom-share-buttons&url=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Zwei%20Wechsel%20im%20Vorstand%20-%20rheintaler.ch&cms=unknown&publisher=5c35c0e6ad0b1400119dbb7d&sop=true&version=st_sop.js&lang=en&description=Die%20Hauptversammlung%20des%20KTV%20Edelweiss%20Kriessern%20fand%20nach%20einem%20schriftlichen%20Intermezzo%20im%20Vorjahr%20wieder%20als%20Treffen%20statt.
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
https://rheintaler.ch
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
all.js
connect.facebook.net/de_DE/ 		287 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/all.js?hash=e7116179c16f8be287d250601bf16214
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
42d5161c303b471c45a274db58e9749651019f9c0243c7e822a11b54c01a3d04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rheintaler.ch/
Origin
https://rheintaler.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
IRDMLtjst6rG63SkKlHj7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
83847
x-fb-rlafr
0
x-fb-debug
aomSB2n5MBP0lh+Vrrm3ubVrDKoQHbphUBqgeY2GJfA7kHG34PnhZjk9Y8B7Orinb6siDOGosn6i9bcK2MPOxw==
x-fb-content-md5
722726175d3537ebd1816d12e71c1087
x-frame-options
DENY
date
Thu, 17 Mar 2022 13:27:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8a4acb435cfc8423c03cff4afa98d500"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 17 Mar 2023 13:19:44 GMT
embed-controller.js
s.imgur.com/min/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.imgur.com/min/embed-controller.js
Requested by
Host: s.imgur.com
URL: https://s.imgur.com/min/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d5630e6cb7cdcca363cf81a7eb4a09202835166a613c002a27fac54fa87ba50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:19 GMT
via
1.1 varnish
last-modified
Mon, 14 Mar 2022 21:42:00 GMT
age
39
etag
"9ed8fe2752ce22d6cdf0488bd3ad0802"
x-served-by
cache-fra19121-FRA
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
x-timer
S1647523640.900900,VS0,VE1
content-length
2809
x-cache-hits
1
/
graph.facebook.com/ 		202 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:15:face:b00c:0:2 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b493e7ad1b8c3816af14b688be823179eb982226193bedeaceaf8b8e8ee2df0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://rheintaler.ch/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1005210771
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
151
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
cF/dNI0LtYFFVIpjRcSvPmhjzbaYDdA2jp+0rcIlvJIELqZEdVkYGcs0bfEnTi8HhWGDASa7RsWSa5tQ6lRdtQ==
x-fb-trace-id
EqiBdJoVhbl
date
Thu, 17 Mar 2022 13:27:20 GMT
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-fb-request-id
AYwwCBCaMvQObETQeZ5gldC
cache-control
no-store
facebook-api-version
v6.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
img
pixel.mathtag.com/misc/ Frame E939 		43 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=1aef6233-3737-4400-9de6-7b2b9ab71171&no_iframe=1&mt_adid=243595&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 4256 109297d master zrh-pixel-x3 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=1aef6233-3737-4400-9de6-7b2b9ab71171&no_iframe=1&mt_adid=243595&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:19 GMT
Server
MT3 4256 109297d master zrh-pixel-x3 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Mar 2022 13:27:18 GMT
get_counts
count-server.sharethis.com/v2.0/ 		166 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-105.txl50.r.cloudfront.net
Software
/
Resource Hash
f27ee15d404c0c3d6c0652b3da6ff0bf256be054617937c2b9ba3de36fdcb2be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:20 GMT
via
1.1 1b9454b38723d47cf9a28d1fb8f9546c.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
etag
c3637273af7a30785e489e2f70b46cb3
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
content-length
166
apigw-requestid
PIWQ0jIHoAMEJIw=
x-amz-cf-id
-jM5BpoyYSixrQQ2GfocoWRO983HFFu_7U3PhJ874KVxPc8sXiAreA==
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:2800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 11 Mar 2022 05:56:32 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
545449
etag
"c6e9be45643e197ce1db1d7e24a99adc"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
301
x-amz-cf-id
9e_1TKB5zpoKnrgfVMORx27GVn5T_LH6XMxSX-ufzQw0ux5B4-_l-Q==
twitter.svg
platform-cdn.sharethis.com/img/ 		731 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:2800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 14 Mar 2022 05:21:50 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
288331
etag
"0af2fb38987598376c99e21af17ade45"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
731
x-amz-cf-id
eQtC_Ora1sJTPqsJJvLyw2VWmLo3W86XQgxgEDWgUBfp18Pe5WseFA==
whatsapp.svg
platform-cdn.sharethis.com/img/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:2800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 20 Feb 2022 15:09:29 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
2153872
etag
"afe7fc60ed757db39a88d2950fce69c9"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
832
x-amz-cf-id
rCHjzbiJLUSVyE-W4-vl6ie8ZOblfX2nwWmXMaqWcz-xDvvhXqkMUA==
linkedin.svg
platform-cdn.sharethis.com/img/ 		456 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/linkedin.svg
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:2800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 01 Mar 2022 05:48:23 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
1409937
etag
"fa43b4ede18498b114fc7185993f6da7"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
456
x-amz-cf-id
tsJ6eGkP0oqVYGwvkBwUkYVKDz7H_kgXLCE7Q8C5eXA7w-DfVP3OoA==
email.svg
platform-cdn.sharethis.com/img/ 		343 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/email.svg
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:2800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 01 Mar 2022 03:21:49 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
1418732
etag
"5977437466e857c7ddcadda6f6d88c2a"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
343
x-amz-cf-id
DITTDJl73Pa1tPJRfFeyjHEINiW0cfhs9_udS6d6G0SkiKq7LqwPUw==
print.svg
platform-cdn.sharethis.com/img/ 		384 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/print.svg
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:2800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30e817756a474c7f893057d069f7ed56e1fd4617d70fcf40ac5d58fae5890ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 06 Mar 2022 11:51:01 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
956180
etag
"f13e866e7f19263a292ab3997e01fb17"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
384
x-amz-cf-id
b-9jirkoabnTjxgM1apyjcqdUwA8wiy7GF39u9Q_VPSoIpIlcJcmdg==
arrow_left.svg
platform-cdn.sharethis.com/img/ 		565 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_left.svg
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:2800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 14 Mar 2022 06:31:44 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
284137
etag
"b55d8d2b9321e381a3c38a4bddb74037"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
565
x-amz-cf-id
Q5dqWtloWHG5qCG9PpfSsMA4On7qEFMhj-yqshVmCAHQS_0k8E2paA==
arrow_right.svg
platform-cdn.sharethis.com/img/ 		565 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_right.svg
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:2800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 11 Mar 2022 19:45:12 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
495728
etag
"9928d025bd5792b718ee0a185f62e67c"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
565
x-amz-cf-id
jlFAqLTtFnDZo_lIrWbJsNNn4-h_qhU2XlDE_ima_UkVvNhOk9O6cA==
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=404932156383110&input_token&origin=1&redirect_uri=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=e7116179c16f8be287d250601bf16214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
Eq1Pfl7ozXJDWSg4YmKULEMDRGKuFrbsRd2HU/4oa2Q4MyyvK77VjcmYdwB+0poDKOVYCjoE/ELO5DIT2QUX1w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Thu, 17 Mar 2022 13:27:20 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rheintaler.ch
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
2906652.js
js.hs-analytics.net/analytics/1647523500000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1647523500000/2906652.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2906652.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e40fc28c172d144e48ffc2a538b32bcecc442c8898394137cc12c9ee7f8276f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:20 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
2S65R5VKFD4D5H81
x-amz-server-side-encryption
AES256
cf-ray
6ed610befe6091d1-FRA
x-amz-id-2
+9oh917VuZgUupibogaUL9csicE1umZ0n6GXgql5pWro5tABCe0jevUoDMAodY3pZqrqwuTuSXc=
last-modified
Thu, 24 Feb 2022 12:10:45 GMT
server
cloudflare
etag
W/"a0c58ce25f6d050ad01efce0c175e77f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Thu, 17 Mar 2022 13:32:20 GMT
2906652.js
js.hs-banner.com/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/2906652.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2906652.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932ecf71d8b8455a394658fd82ce60544ff6b62f3837b78417d06f814fcba552

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:20 GMT
content-encoding
br
cf-cache-status
HIT
age
222
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-request-id
K5MAWDS8YWGRSQG5
x-amz-id-2
rSxaVunPrWbJeZbUvCK9pKq3yM6TvZVK093cDFadKeVYeel6A8PxUymk7WXJy3w4DluuEq7C/rk=
timing-allow-origin
*
last-modified
Thu, 17 Feb 2022 20:52:48 GMT
server
cloudflare
etag
W/"97f788299879e456308e89d3fd5bf141"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
.NsdPS7O5aU445b1dg03ivrTK7bVL1S3
access-control-allow-origin
https://rheintaler.ch
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6ed610befc4f9b43-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Thu, 17 Mar 2022 13:28:38 GMT
pubads_impl_2022030901.js
securepubads.g.doubleclick.net/gpt/ 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 11:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123713
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 09:34:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 11:14:01 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		35 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rheintaler.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b4a008a7f1785ba6a362ed50f9aba9f1377638cfad9c7941e4663ab4832ed85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 13:27:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49
x-xss-protection
0
expires
Thu, 17 Mar 2022 13:27:20 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=53941530&t=pageview&_s=1&dl=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&ul=en-us&de=UTF-8&dt=Zwei%20Wechsel%20im%20Vorstand%20-%20rheintaler.ch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1515427160&gjid=1973100889&cid=2052521433.1647523639&tid=UA-49355853-1&_gid=1974087536.1647523639&_r=1&_slc=1&z=1829069357
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rheintaler.ch/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 13:27:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rheintaler.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
storydetail_large_ys-0026.JPG
assets.rheintaler.ch/uploads/image/file/187933/933/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.rheintaler.ch/uploads/image/file/187933/933/storydetail_large_ys-0026.JPG
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
origammirheintaler01.nine.ch
Software
Apache /
Resource Hash
8b5c60aa4d9735fec152c8a84eb3bcbae9b7a6decc723a4b9f5125f653c62017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 13:27:20 GMT
Last-Modified
Fri, 11 Mar 2022 14:53:45 GMT
Server
Apache
ETag
"98b8-5d9f27f5605d3"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
39096
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-49355853-1&cid=2052521433.1647523639&jid=1515427160&gjid=1973100889&_gid=1974087536.1647523639&_u=IEBAAAAAAAAAAC~&z=141193807
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rheintaler.ch/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 17 Mar 2022 13:27:20 GMT
content-type
text/plain
access-control-allow-origin
https://rheintaler.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=rheintaler.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 13:27:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rheintaler.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 13:27:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		80 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=663647169618249&correlator=2294529823766703&eid=31065649%2C31063247&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fifs&iu_parts=21822988163%2Crht_website%2Crht_display%2Crht_display_topbanner%2Crht_display_sidebanner%2Crht_display_partnerschaften_rectangle&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5&prev_iu_szs=728x90%2C728x90%2C160x600%7C300x600%2C300x250&ifi=1&adks=3308085761%2C1004724611%2C2399039619%2C4085974150&sfv=1-0-38&ecs=20220317&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1647523639539&lmt=1647523639&dlt=1647523638845&idt=655&biw=1600&bih=1200&oid=2&adxs=436%2C-12245933%2C1120%2C1050&adys=0%2C-12245933%2C199%2C305&ucis=1%7C2%7C3%7C4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x1%7C0x0%7C399x212%7C399x212&msz=1600x0%7C0x0%7C379x82%7C379x82&fws=4%2C132%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=2052521433.1647523639&ga_sid=1647523640&ga_hid=53941530&ga_fc=true&btvi=0%7C-1%7C0%7C0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
88b27d8ff1abbc1955aba9732ca4c54a57829ace819b177f91207ca26dc918ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22286
x-xss-protection
0
google-lineitem-id
5947017563,5943581269,-2,5679870162
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138384307527,138383794941,-2,138383269197
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rheintaler.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7588 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 17 Mar 2022 13:27:20 GMT
expires
Fri, 17 Mar 2023 13:27:20 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/ 		42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-49355853-1&cid=2052521433.1647523639&jid=1515427160&_u=IEBAAAAAAAAAAC~&z=675792043
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 13:27:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-49355853-1&cid=2052521433.1647523639&jid=1515427160&_u=IEBAAAAAAAAAAC~&z=675792043
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 13:27:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5FAD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 13:27:20 GMT
expires
Fri, 17 Mar 2023 13:27:20 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 45D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcCSy8An0VaV_itja2zXbzdHr6dL6-kc8pIOSeZhQEplNMfNorZ--qdNx0EjKCRYDCSVppG5mhsoDbbN-ekVguHemE4jwsg8ezmTQUlrWKwm_h8O4ZcDr45GXCosNJ4vY4R_fr7dP9FjzP2--t0UCqq6tbcTzgpm_zMcMpLJdh2Khqm8AMiIPvsj_10-TS7lhgedcUADATZiR2w-aTVTUnDCnPI-23giczeVRNId2s56raOBVmKDNx7mdd_R2PyQb36S2LMqJP2JKIHb0Bx5_oMOfvE4_VlSmKWwxEj5N3PI9EaDqfl4FRkoYF7tYwBFpgELEgXs3zrQ7Oa0E8kc-jSVmA0DmWm_swRA&sai=AMfl-YQG35qI5ZOLLhDrHYmDTsDQXO3o7LS0T80WqTHaGWcz5K3ycSo6v6rq-ALY3SAzuByrGZeazfRmibtMKH1lrdan9kWgtiqNFSISeGmZcuUaRiLJTAJAGnuqJm2C_2E1&sig=Cg0ArKJSzG3asqq_brOFEAE&uach_m=[UACH]&adurl=
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 13:27:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 17 Mar 2022 13:27:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/ Frame 45D5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:16:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 13:16:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 45D5 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 13:27:20 GMT
14071756250571549423
tpc.googlesyndication.com/simgad/ Frame 45D5 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14071756250571549423
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edfb76cb333acfa7d4a27e180b7f699d75f6d05e335ccf59e7b30656a2f4c14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 02:27:54 GMT
x-content-type-options
nosniff
age
298766
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18026
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:39:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 14 Mar 2023 02:27:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D19A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviPniR-gO8KeGgxT3PbIOrjDp65JgZgRbZShWh9UluxFGQzkT-TNQLMxZrQFPEiW3iGlYIs5bCz67VMW8JON8d98-OD_vf2i7jgAnyk7AB2L-kZtPMAujyGjWrF8TtfCbhusWzQ8Q3-H71ntpLy9MPM-Cj3guhbrIdohQCh55F2DXAuPgM6T5xDA6p8VWcah0jTpy4eCv3SbwlLdyn66McT3MSTfQwkwKOPS2JYzZPdg7knRcLzQknb1_8M8Vhf60UaxtqXlEnjphj4_zGN7fE9NeYDj9YZu-AaevUOmeAprQqw0ZL46cfN4t6BH7pbbKgKyplfb6a15jOcCPQVWf5FOZ1hOBrgYepxN0ntqVxayZdDQQmqb7zcaM&sai=AMfl-YQmDeFURKD_ExPOtHDd69pu-YsEx6HrsEyho_J_XP9qqBTIUY1DwI7WoKbQ4ztiyiLSB6Uj1oFsMFRTLo3a2lrXRtKX_4T_18eQ4ctvbFvpiLIKe31uvIiNev-JzCK8&sig=Cg0ArKJSzB5dS9nnidgREAE&uach_m=[UACH]&adurl=
Requested by
Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 13:27:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 17 Mar 2022 13:27:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/ Frame D19A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:16:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 13:16:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D19A 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 13:27:20 GMT
l
www.google.com/ads/measurement/ Frame D19A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQPPm-H1QjcTBH1_0zvbtof7TiDAmYzVpugH_dWRQlRczMwX9tx6PGRRMDoII-GKdF-LkT_rSJQ-1XSvcZzVWQL1RM5w
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
5478144954959037394
tpc.googlesyndication.com/simgad/ Frame D19A 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5478144954959037394
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fdc53eee418c5d8a6c785e7b44230d8d94e0a8146934f1efbcd9a0b63d2da37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:01:32 GMT
x-content-type-options
nosniff
age
15948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106534
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 08:43:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 09:01:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D19A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBTHedfSUIe-kQ4Ut6me4NMVYv7Hd2FT0xaQEFT60sqEZvw8rlzo_SGVYPcD12VqD-FeXNCFfkWERGCMZjOzq9H0nd-nORVX1nkWZrzE2NSirNshwFB8qI0wBavO4-zekukv_ccXISVIjAnR8X2L_EqqeDtaHqSKXa9ZJC3teWNqlrB_yyE4jcGWFWpwvaBsSNrCEk2ufwpUo3u1MwkvdV-M_FbLBn7EPxpbg3jj9nQqjcK2_4lgsaxIwygip0zYjvSOmdyU40ytjPjiabBAjVqmzcE-KykYkPG1YOrmLi85O9DCeDqP0Bc8UU24gVd2RlttJaCxLSw0GZmmQY91o6acjH7IkyosHLFn28DxC3J8ypFcV6hiteZFQhvQ&sai=AMfl-YSHROPys4QoL8xO44yecNrTB8E_cNmt1vciOKkLCtON2laekyMtTbXoRLlw4lgHme54CiFbEVI5PpyqxtdNOenOdvT7zH8CUNip0licpwSfDGctR85Cvnxt6NHiAKPj&sig=Cg0ArKJSzBOiQlOo2fWDEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 13:27:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 17 Mar 2022 13:27:20 GMT
truncated
/ Frame D19A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adab2385de2d97ea86b4bbf10fa2648b6b5300445feae19c430b3a619fd5271d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 45D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuofGdua-t-stlgyOP7xoAJz6p4jcyEhjecrAF_a8kRZ0Gm_-fMNYJ_VknhD77iUkUvHfulvojHMxGIWzzkXIVookExOwusmJb_j-gSW-8q4tGJly9RxKxFM-QVOryYdJTCpfKkjubZ8zX1czmmviv7bqMCZWJvODp7nijYClUq7UDfEdjHv8wKcL8nXKJVCOicvVrcSgWsbQU7t_nuWOiqKXxfZnIz6xx175ZZh0nwP9iz-g2JTbftaQU4kouN_UcEnBqZB14uw6epq2V63AvMCkleEA3TCaAXXWwEStu3oE9g-dQbIFqgMNEED3FTdS6BTWqiDGjPaZ9RnrcSdWlt0egZiZmCuksXCB-N&sai=AMfl-YTgnx_XY_Bzc3Giu8Kc7BjCNap4kOqa2OFPSulsXLlyNXsUK14mhhhHfOQp-Bfz4fANKzl4cqcIkcZzwiZcY4DN7CObZEf9-UeOxyDRBOHqVWQ3KDW-xIA06U7Ddrkv&sig=Cg0ArKJSzGl1cCOdQ1nOEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 13:27:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 17 Mar 2022 13:27:20 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/ Frame 5FAD 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/abg_lite_fy2019.js
Requested by
Host: e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com
URL: https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 13:20:02 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5FAD 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com
URL: https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 11:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Mar 2023 11:48:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5FAD 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com
URL: https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 13:27:20 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 5FAD 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com
URL: https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/
Origin
https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 11:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Mar 2022 11:47:57 GMT
728x90.html
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/ Frame 137B 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6941bfc49f25d2aba8d4f3bbea319f5aa3b1e337e7067093ea712b5195d2a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
1425
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 15:37:44 GMT
expires
Thu, 17 Mar 2022 15:37:44 GMT
cache-control
public, max-age=86400
age
78577
last-modified
Fri, 11 Mar 2022 15:16:32 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 5FAD 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0Sye4ZuOD_bI8Mf8iftL5tjxCENEC1x1kG59VxIQYVbpL8j8n8L_6xkC-xXVivUN6dMdnyvi91_xHDwGi1t3TkwP7ZAJUkHOplIPlAMyV-I7NXK9wW5njwIt27n084zUnyDBU0mwOOLVvqj_ErwuzAOMH_77NdI9Y8TkFu7b12qxH2vRtgHpGvgcjYPBRXxLcWgGBoI4P6_4c69zUpA1I_2jA_wj1Ht6EonX723P4aMNUPTLpGkqrbmCaXiDh-WvqE0kaKraNyxSBh3u2IYtyO4KHt7KKCIKgCg_P04bMb-0P9ZIqMhHJ2y4_KUnBZ1L3DOh2kuQP-qcjNa7D8Xrk0gm1qwvHJuyPmw&sai=AMfl-YSG_5FB_DvUlwfNroPf5yNFL3tB2rcGhODjA0wCSaElrv2D_9S2hUA9VGgyCcYEF8nWTpFqIpOGtrsioqhEYZYpXnOpImRPoFv2tS1COuFGeogAjOH7w0Mobmel8gLA&sig=Cg0ArKJSzExnsqn_3Np2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com
URL: https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 13:27:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame D19A 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvukmzLDYXeg4b9QmlnjKFh5QZ7YSvHBfg9PpVSC8EPnKxgSaydslFpxSUndUB25FVVAf-kDh2D-aasFoh4zfLXpNSL6l0YDJClzEfIeue7ms0q5MAS&sig=Cg0ArKJSzOdLFo9BFlsUEAE&id=lidar2&mcvt=1000&p=289,1050,539,1350&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4085974150&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647523639705&rpt=259&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 13:27:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
728x90_hype_generated_script.js
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 137B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/728x90_hype_generated_script.js?28172
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64a5dc4a840c29926dc8c1b3b3437cc18561c0b874a2c04c671bf4107b4b3ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 15:37:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78577
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2777
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 15:16:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Mar 2022 15:37:44 GMT
HYPE-736.full.min.js
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 137B 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/HYPE-736.full.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/728x90_hype_generated_script.js?28172
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1790fc57c23620256ce678503596bc153249c9b7214e19b244067ced81d72ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 15:37:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78577
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39954
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 15:16:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Mar 2022 15:37:44 GMT
cursor.png
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 137B 		1014 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/cursor.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9751a70da29e7b48d5a45a08d4c14a74314ea4c9edf79c04dbadc8436995ad7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 22:31:17 GMT
x-content-type-options
nosniff
age
53764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1014
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 15:16:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Mar 2022 22:31:17 GMT
sk-logo.jpg
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 137B 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/sk-logo.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b82b3469e0011c26d007f15fadf7da25ab00e11803509513b40be5c8a1dca2ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 22:31:17 GMT
x-content-type-options
nosniff
age
53764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24718
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 15:16:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Mar 2022 22:31:17 GMT
rodeln-130h.jpg
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 137B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/rodeln-130h.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a927011db8f3f40473dbcadabd9faf1b585a78063b4e249a227d3659cf1e4711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 22:31:17 GMT
x-content-type-options
nosniff
age
53764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5749
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 15:16:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Mar 2022 22:31:17 GMT
ski-130h.jpg
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 137B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ski-130h.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36785d73319ac0f6ea29901a1883546f7a1c583a800d0d5d67186f6f269375ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 22:31:17 GMT
x-content-type-options
nosniff
age
53764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7563
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 15:16:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Mar 2022 22:31:17 GMT
cards.png
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 137B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/cards.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd6b430fe5ddb36be884a16d3c16bd6a4cf8397af71d7f5f9bb9e78d9b459b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 22:31:17 GMT
x-content-type-options
nosniff
age
53764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11637
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 15:16:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Mar 2022 22:31:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5FAD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXvgjpHe_YszKNyAat65deDAsvy7kZNSXCLZPtng8bBdktKPsRlIPO-rPhfujbNmIx1k33oYL7I-vdA7zp_Pbz6cMRbv51srNPXL3kNRblcgffj-UQ7cOKQfxo40s53ul-QsL2D5X1vRarEao8WOupux_rbxoDqNsU-TpC7m0iBMzafJrjRObm_RgBJsYLS2n_L1umhPpRHmNBnKkNsjL25-UTRv84MiI3hJcL8J3XyNA6Xsw_x3KLC8oRjE8CYzev3YDbpAwj6lqUaJn9JeIUzgij_e6a7NkzTEtu3c0ArHV6weNBRLdV8mQfwrMIFfRbg3whpTgM6VyUZ9a5msT0P_kUL_0Qdc5A7-Zr&sai=AMfl-YQo6U1DY6mI96zE7YhPMfT9UkMjPodFVGH099PjqprFgvbAzenvoaRrGZIFMRkCVispEC2-56NFouYuIOWE5GK6sKWvssueg3qVmjVO5xniYUtxTawHIvsz7IOqqXAa&sig=Cg0ArKJSzMIBjdclBkFOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 13:27:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 17 Mar 2022 13:27:21 GMT
login_button.php
www.facebook.com/plugins/ Frame 49C2 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df259030bb0d573c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=e7116179c16f8be287d250601bf16214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1190a57542f4bac52ac4e892bf758f9b93b2d16bf571059b99a10514ddc52664
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
b/y6UlfH6cgXYurmH3K6PPtSS4EfJ7cRl6wGCaRe0LX4Qf5OvN4wFyWsteBxW4xFsPTRI4hZnkFfaUuXmZLZvw==
date
Thu, 17 Mar 2022 13:27:22 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
feedback.php
www.facebook.com/plugins/ Frame 1C5A
Redirect Chain
  • https://www.facebook.com/plugins/comments.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22e643b014671c%26domain%3Drhein...
  • https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22e643b014671c%26domain%3Drhein...
41 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22e643b014671c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&sdk=joey&width=550
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=e7116179c16f8be287d250601bf16214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c78e04cefcf11f6fa9918a5b9b69ec6d25a11d87045f9ca30eb198d536be3981
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
pG9EeD67c484u3ZYZyJs+5VBfxUziETI1sa3ZLK25odXNcc6dsGK0ASBC67OQKYNSbNbjvWB9tD/3sX0ykE5+A==
date
Thu, 17 Mar 2022 13:27:22 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22e643b014671c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&sdk=joey&width=550
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
yX6614eEccPjg/7YvZdHmN9MH3m1o2W+cwaYDTBypahm9eJgpvR0Edn0pKNVj4fwzt3v7O2ekcVr8xK6NXuUsA==
content-length
0
date
Thu, 17 Mar 2022 13:27:22 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
feedback.php
www.facebook.com/plugins/ Frame 4FF3
Redirect Chain
  • https://www.facebook.com/plugins/comments.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drhein...
  • https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drhein...
135 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&numposts=5&sdk=joey&width=550
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=e7116179c16f8be287d250601bf16214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7f134d3aefa39f3f1a5de0551ed9a2cfee42864f38a65921a80d11ceafd556c4
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
MwDMB1D6tYpLq6OW+3NQ7lRAJuSN7vHgXK92PPLeNnpDPZHV2uHO0j58Nbmm+lMNqk/h8C0qWxy03ccOSPeNFQ==
date
Thu, 17 Mar 2022 13:27:22 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0

Redirect headers

location
https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&numposts=5&sdk=joey&width=550
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
KEIyYaYvoh83mxP9jn3sFWU+DwEvEz1PumjKy6CtuWGzpzDbg7kJ85MoDZ97WVGRsSi9LFzj9i5tURURfmhyYQ==
content-length
0
date
Thu, 17 Mar 2022 13:27:22 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
login_button.php
www.facebook.com/plugins/ Frame 27E0 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217b78a217be4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=e7116179c16f8be287d250601bf16214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
432b5ba3f91b9581de0496a8ba52673f25f0a0608ef99e6cc041515f8e990e08
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
rmMAI+7d4N20Z/Vosfvh3HiMiInOzQojpE5lEsUR2/+boIA8c2sTEvfLU5w8NUEnxFGRIj6miPKtmWoZUjJMTw==
date
Thu, 17 Mar 2022 13:27:22 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a0efab1b1c63c59520795a302e8931bedb7a3a22eee09446fd906d7f8ec018c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10561
x-xss-protection
0
__ptq.gif
track.hubspot.com/ 		45 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2203515711&v=1.1&a=2906652&pu=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&t=Zwei+Wechsel+im+Vorstand+-+rheintaler.ch&cts=1647523641283&vi=d7b5658fd787a8f4d879831b64cb9ecc&nc=true&u=100392705.d7b5658fd787a8f4d879831b64cb9ecc.1647523641279.1647523641279.1647523641279.1&b=100392705.1.1647523641280&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
468c2ab3-9adf-4d80-8de9-4c1f52152881
cf-ray
6ed610cbe83c9bfa-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEz%2FRulahH%2FYtZqAlyrCH4oaLHnkDDpbGiwoiFv0HbzkiqiQn56skSpyoJS7E7dsp87oZJgADuZ2C7%2Bg3i5vXeftyfPFOpJu%2BdNTIPTQ4K%2BDRtiqkhzKXBq9rlhN9tkRKtyTOsKRrPabfxaqiIJ2"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065649
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 13:27:22 GMT
qYG_pvNhLC1.png
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 27E0 		371 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/qYG_pvNhLC1.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217b78a217be4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5cd71b1cee568b9f1498e914dd2b0c82add19a5a41c07d085131cdc66df5f613
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
x-content-type-options
nosniff
content-md5
ApFuUU9EOpmqxGomIy3eug==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
371
x-fb-rlafr
0
x-fb-debug
aXzxD8LNsLaxHHlxb7EH1DOwfkUA7xq836X4Ua65wsgwU6tceNqs2XWbYd4oUimMMRIGc8Yn5A1/yh5Xx0Prvw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 08 Mar 2023 18:27:32 GMT
iqVGY7gYXlg.gif
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 27E0 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/iqVGY7gYXlg.gif
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217b78a217be4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
x-content-type-options
nosniff
content-md5
xus77tDlZhUxDt48lJn72A==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1056
x-fb-rlafr
0
x-fb-debug
+SoGXM6+1hEShVx/eZk81gZ1BOowrr3B6rWrMX79vwAkG3F4JzbyUVT7x5aBRKnEtz7YQ08yNO8AR6K4nMxQuA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=6
expires
Thu, 09 Mar 2023 00:05:55 GMT
qYG_pvNhLC1.png
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 49C2 		371 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/qYG_pvNhLC1.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df259030bb0d573c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5cd71b1cee568b9f1498e914dd2b0c82add19a5a41c07d085131cdc66df5f613
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
x-content-type-options
nosniff
content-md5
ApFuUU9EOpmqxGomIy3eug==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
371
x-fb-rlafr
0
x-fb-debug
aXzxD8LNsLaxHHlxb7EH1DOwfkUA7xq836X4Ua65wsgwU6tceNqs2XWbYd4oUimMMRIGc8Yn5A1/yh5Xx0Prvw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 08 Mar 2023 18:27:32 GMT
iqVGY7gYXlg.gif
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 49C2 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/iqVGY7gYXlg.gif
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df259030bb0d573c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
x-content-type-options
nosniff
content-md5
xus77tDlZhUxDt48lJn72A==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1056
x-fb-rlafr
0
x-fb-debug
+SoGXM6+1hEShVx/eZk81gZ1BOowrr3B6rWrMX79vwAkG3F4JzbyUVT7x5aBRKnEtz7YQ08yNO8AR6K4nMxQuA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=6
expires
Thu, 09 Mar 2023 00:05:55 GMT
JvUUDH-PoUa.js
static.xx.fbcdn.net/rsrc.php/v3iN_84/y1/l/de_DE/ Frame 27E0 		524 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iN_84/y1/l/de_DE/JvUUDH-PoUa.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df217b78a217be4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c962d2f3c6d6f0150576560d1dac2d564b09d604ef3aa6a13ecd8d63216eb68
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uxuNmcjyXoMvj+YOW5QNkQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
141107
x-fb-rlafr
0
x-fb-debug
KJZSUEaQ/avzGFd1e29yIRDJb+tyBn2JbWmCUl6jJD84YXPGlYgmQPF4UosmRtn1nudkmT8msjWD+lLZzqEBUA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 17 Mar 2023 08:34:29 GMT
JvUUDH-PoUa.js
static.xx.fbcdn.net/rsrc.php/v3iN_84/y1/l/de_DE/ Frame 49C2 		524 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iN_84/y1/l/de_DE/JvUUDH-PoUa.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df259030bb0d573c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c962d2f3c6d6f0150576560d1dac2d564b09d604ef3aa6a13ecd8d63216eb68
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uxuNmcjyXoMvj+YOW5QNkQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
141107
x-fb-rlafr
0
x-fb-debug
KJZSUEaQ/avzGFd1e29yIRDJb+tyBn2JbWmCUl6jJD84YXPGlYgmQPF4UosmRtn1nudkmT8msjWD+lLZzqEBUA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 17 Mar 2023 08:34:29 GMT
ZcEEO3vVIk7.css
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ Frame 1C5A 		778 B
458 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ZcEEO3vVIk7.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22e643b014671c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&sdk=joey&width=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bf34828caa0495cb4a3d7c99b6fe95b869fcd8c383f50a42049623315f7463e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
frqfMJ6oaa+P17vesUCn7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
404
x-fb-rlafr
0
x-fb-debug
a/61h6R1J27SSX2B6MBy0BC4nzCK7IRLd85JDoXHRLKm3/mpbd+q7VKPLiR3G1DGcK7enPYRQpKRjR3YWMGbNw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 16 Mar 2023 21:23:55 GMT
V0h2-P0LqLF.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ Frame 1C5A 		125 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22e643b014671c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&sdk=joey&width=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9fe08002d7d36471c82209ce1e38a398c743a3b490e8d199a63307f60f2b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
DaMRuE+YoIxDIzGIPbrOjw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20378
x-fb-rlafr
0
x-fb-debug
az8vC/cqnUAEQ6sajP3QOR3Wa/WOiPPk2SMhW8qHHkeakf1D4d7ORx6E9ghtq/crEW53vfM8qmVnqjUOKijw8g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=0
expires
Wed, 08 Mar 2023 19:15:56 GMT
Yb0gveej7nV.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 1C5A 		307 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/Yb0gveej7nV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22e643b014671c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&sdk=joey&width=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45a68bb9220716fcb332c302d3dc235742aea8cc76018efbf0f702d020691761
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kuEibdsVDuSXULzMqzsIbA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84398
x-fb-rlafr
0
x-fb-debug
PU9wETZQVioWQeOoMdtz/DxCU80rnh6fZSJ8JkqQhfn792M1twOIjz7Zs3VUqeSljDgY88qB6LX99v8e5pR+eQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 17 Mar 2023 00:28:59 GMT
SEL4f826Zb8.js
static.xx.fbcdn.net/rsrc.php/v3iN_84/yR/l/de_DE/ Frame 1C5A 		156 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iN_84/yR/l/de_DE/SEL4f826Zb8.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22e643b014671c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&sdk=joey&width=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e1d96225a7734a52ae43f75b708e8bf8d34bfd3b1d1891b4333d10d908375e48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
H8zMw9SQtmyF1XIURj6M8w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
44483
x-fb-rlafr
0
x-fb-debug
W7zXxxGnG4VaMs/w0mNmGhXBd2LOXZ3qf9sPmGLfjZRjGQxffZUmxLcb7yGux2pzTgiU+4E2V4at25hXnnHuLA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1,i
expires
Fri, 17 Mar 2023 02:07:12 GMT
NhvSSrc56J2.js
static.xx.fbcdn.net/rsrc.php/v3iVab4/yF/l/de_DE/ Frame 1C5A 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iVab4/yF/l/de_DE/NhvSSrc56J2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22e643b014671c%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&sdk=joey&width=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8266ed2708ada787994cb1d2bed707a2d9c311283973bfc2673412551e9aa0b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5xj0quwx7OkL6MKldnAqLw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12298
x-fb-rlafr
0
x-fb-debug
LBePI5S15/LuwRirSpshXQ1M6qA5JWed2A64PamOK2Rk4nYs2PqcpF/nbr9MoLvReaOIgBeXCDIzXU3VedpzXA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 14 Mar 2023 21:13:27 GMT
ZcEEO3vVIk7.css
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ Frame 4FF3 		778 B
458 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ZcEEO3vVIk7.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&numposts=5&sdk=joey&width=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bf34828caa0495cb4a3d7c99b6fe95b869fcd8c383f50a42049623315f7463e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
frqfMJ6oaa+P17vesUCn7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
404
x-fb-rlafr
0
x-fb-debug
a/61h6R1J27SSX2B6MBy0BC4nzCK7IRLd85JDoXHRLKm3/mpbd+q7VKPLiR3G1DGcK7enPYRQpKRjR3YWMGbNw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 16 Mar 2023 21:23:55 GMT
V0h2-P0LqLF.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ Frame 4FF3 		125 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&numposts=5&sdk=joey&width=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9fe08002d7d36471c82209ce1e38a398c743a3b490e8d199a63307f60f2b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
DaMRuE+YoIxDIzGIPbrOjw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20378
x-fb-rlafr
0
x-fb-debug
az8vC/cqnUAEQ6sajP3QOR3Wa/WOiPPk2SMhW8qHHkeakf1D4d7ORx6E9ghtq/crEW53vfM8qmVnqjUOKijw8g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=0
expires
Wed, 08 Mar 2023 19:15:56 GMT
Yb0gveej7nV.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 4FF3 		307 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/Yb0gveej7nV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&numposts=5&sdk=joey&width=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45a68bb9220716fcb332c302d3dc235742aea8cc76018efbf0f702d020691761
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kuEibdsVDuSXULzMqzsIbA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84398
x-fb-rlafr
0
x-fb-debug
PU9wETZQVioWQeOoMdtz/DxCU80rnh6fZSJ8JkqQhfn792M1twOIjz7Zs3VUqeSljDgY88qB6LX99v8e5pR+eQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 17 Mar 2023 00:28:59 GMT
SEL4f826Zb8.js
static.xx.fbcdn.net/rsrc.php/v3iN_84/yR/l/de_DE/ Frame 4FF3 		156 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iN_84/yR/l/de_DE/SEL4f826Zb8.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&numposts=5&sdk=joey&width=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e1d96225a7734a52ae43f75b708e8bf8d34bfd3b1d1891b4333d10d908375e48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
H8zMw9SQtmyF1XIURj6M8w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
44483
x-fb-rlafr
0
x-fb-debug
W7zXxxGnG4VaMs/w0mNmGhXBd2LOXZ3qf9sPmGLfjZRjGQxffZUmxLcb7yGux2pzTgiU+4E2V4at25hXnnHuLA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1,i
expires
Fri, 17 Mar 2023 02:07:12 GMT
H6F6P2y97Sv.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 4FF3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/H6F6P2y97Sv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&numposts=5&sdk=joey&width=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
40d82d62cfb160d556344e39325f94e4779037d881c32a95e02d92b1fdf4b457
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
bxSIDQzM4yk5nDKEg3PlZA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
10319
x-fb-rlafr
0
x-fb-debug
65ayS4/crFX4Y63K992Elzn19gMhf9GSmRmPXteYzNMnLMegg2GQYYuTBjz9eGl2FKhTsMdRkos4LvVn2TNyKA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 16 Mar 2023 20:59:05 GMT
bo5RAEUMs8d.js
static.xx.fbcdn.net/rsrc.php/v3iObv4/yh/l/de_DE/ Frame 4FF3 		1 MB
333 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iObv4/yh/l/de_DE/bo5RAEUMs8d.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&numposts=5&sdk=joey&width=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fffca3d7efda3c386f1d8721bb673c6e9b6105b719fd547909f55d416a5cbd32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
GLZ/UQc2hQE/TdP0hDzrXg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
340680
x-fb-rlafr
0
x-fb-debug
YR6wuCtfmklHEV77/D2eXD4aGb9lJ8VWoAXwrsm20lqP/mnobsphAX0ye1RIK9y67h9MNRF/oUziwV8MPutH2A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 17 Mar 2023 08:50:22 GMT
NhvSSrc56J2.js
static.xx.fbcdn.net/rsrc.php/v3iVab4/yF/l/de_DE/ Frame 4FF3 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iVab4/yF/l/de_DE/NhvSSrc56J2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ae90fa5e7f4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ffd94b10e086afc%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fzwei-wechsel-im-vorstand%2F82328&locale=de_DE&numposts=5&sdk=joey&width=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8266ed2708ada787994cb1d2bed707a2d9c311283973bfc2673412551e9aa0b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5xj0quwx7OkL6MKldnAqLw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12298
x-fb-rlafr
0
x-fb-debug
LBePI5S15/LuwRirSpshXQ1M6qA5JWed2A64PamOK2Rk4nYs2PqcpF/nbr9MoLvReaOIgBeXCDIzXU3VedpzXA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 14 Mar 2023 21:13:27 GMT
VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 4FF3 		251 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
x-content-type-options
nosniff
content-md5
VO922XrIvf6dPbMlbETwCQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
257139
x-fb-rlafr
0
x-fb-debug
8xz6/p6MXqzch2yJjspYml7+w6lLMaYZ9Jq4Bd0EnSceBmUXTx2kMWTs9RhBeM4sswg/O6jGQ7TNLHUe+zZDaQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 14 Mar 2023 18:04:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 379B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 13:15:45 GMT
expires
Fri, 17 Mar 2023 13:15:45 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
697
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 29C7 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
25da52a327b782bb043fea0d6bf32dda0d479037e657d8d949cd8b4512ecf70b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nXnY01FBXQOyeYilxKjgyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 17 Mar 2022 13:27:22 GMT
date
Thu, 17 Mar 2022 13:27:22 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-nXnY01FBXQOyeYilxKjgyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
pagead2.googlesyndication.com/bg/ Frame 379B 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
227518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13802
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 22:15:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 29C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030901&jk=663647169618249&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 379B 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?242Slw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:27:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5FAD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPlsB_UVXWJCwhQDXxXF7vbAkQq_wnibjNIWkI3dH4ej9ZFv6ew20ZehngfgTVgOe3PZVu2yup7wDXAY8oyIcNKncBmJ6CMR21aqY8eGVXRO5T1wkV&sig=Cg0ArKJSzCOciAZf1OFdEAE&id=lidar2&mcvt=1007&p=0,436,90,1164&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=3308085761&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647523639693&rpt=1542&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 13:27:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030901&jk=663647169618249&bg=!PT6lPnrNAAba2mK92to7ACkAdvg8Wu0Tv2cmphdc7nleMBgOKj6qIGQY7LpKR_REjF4FDgE28wU5yQIAAABoUgAAAAJoAQeZAuxD7a7T7cRsgHV0fZ5LcNBpiYkK1gl-E8F4WBP40Dc8eIKKurhlHHxi-HQF3aAF438VGlMdiXEz39Sa_WrqSkbNhfCx1PjBR1t3s2yzW6-JOT0OooKtxzusOeh3VIhxblC6LPZW_jypAaDqFvcAfYBTAYpGr4OWDacCD6F4lX9rGwc6N_2p3gy37Ajydtc7nI2YHbBKMMwz1U4eiRaUIsxOtAdkF3zvcB7xhmzjsYb7M48cs2ZaFThXyJHCDPPo5RyxuOE-ZtB0-bnZAB2jkkTS9Up-Glww4vLYPVzfewgp219LkJ9l6i2NDnqFuX8W5ZDHa6GdKIzj24NS19fxrCWZF4u7L957UJiXuzRkgl3Vog3IckiyMRAcyKYXJl5uy-OWDUqTUL_8V9hmebtucKCEuweiyxaOvNZw43Whi7Q60GkONZtovtQju7YLmpHWR0_jTzdLYb5mt6sVNExGVsVY7SwAbt1OibmT1ckwoBuECw4z8nlrCapowESlyVu5xITYxIBmqWIlUq7j0aul87rbFrGApFbpyB9rwPUgqg8sKPU8tcK-dnGM4Se6-8CnSKb5fnwxLm6a6wI46a8ZoyBUjqWNBXxl5RXCUbLNtt8aPHcN1kMEfvjyc6GFoDHeYSqKi1WJ5jQBQDVL61t13_TmR4mG0DKxglOxkM9rhjU75EOtWzJ_h2FEy6499qjbR3Q2l0ygJBnsQxfVng1JsO0u1JLgBvLyOgNyfPLWBg6csTkWQ9Sk1AXokXiA91xrcVE1Zf_dEbHrqtzK-lQrTg3fU9pDgssWFfDB84KHll86vA5gJGwB8p2UUkCwns-YWOzyCgdJ8Q2uRvMzxWesUoHkNlIc5i6WyESyMGXXLb_s5QrpRnk2xjyM2U8lzDJuEeI9wZqVKxjHa0g7p9tGtl_KDaOzE4XICyRlmFdYcakvqAdPBbPgYECqen0k6x0E3HVkdA1_McQqyh32r_hKoutDJMtRtCy5wyrQ-hu5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rheintaler.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 13:27:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| structuredClone object| oncontextlost object| oncontextrestored object| rhei object| Modernizr object| html5 function| yepnope object| googletag object| rheiAds string| GoogleAnalyticsObject function| ga function| fb_login function| fbAsyncInit function| metric object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| FB function| $ function| jQuery object| Astina object| Astina_Router function| loadTweetCount function| loadFacebookShareCount function| libFuncName object| TimeAgo function| animateMessages string| TWITTER_API_URL string| TWEET_URL function| beforePrint function| afterPrint object| mediaQueryList function| printAd function| printArticle object| enquire function| Snap object| jQuery110206079750918482234 function| Headroom object| Foundation function| moment function| RheiGallery object| eventie function| EventEmitter function| imagesLoaded string| host string| source object| script object| imgurEmbed object| _hsp object| ggeac object| google_js_reporting_queue object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id boolean| _hspb_loaded object| ampInaboxIframes object| ampInaboxPendingMessages object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| GoogleGcLKhOms object| google_image_requests

16 Cookies

Domain/Path Name / Value
rheintaler.ch/ Name: PHPSESSID
Value: neh0ra3kp0seg9c5htkq6dlvd3
.adnxs.com/ Name: uuid2
Value: 3133008849960486433
.myfonts.net/ Name: __cf_bm
Value: lQlBK2mHrTx.PgwxFGYvzxgnhWl3s9XSECFadYBRmoE-1647523639-0-AddMAF+uDRqSBqJngTAcC+I8/MAvCLQKPNU/+y+NGliACziPM8JKroW8CIzEQTBeL+TUcd9wO55jywC1yYX1oME=
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2In@hLS9n!]tbP6j2F-XstGt!@Df9$m2mW
.mathtag.com/ Name: uuid
Value: 1aef6233-3737-4400-9de6-7b2b9ab71171
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.rheintaler.ch/ Name: _ga
Value: GA1.2.2052521433.1647523639
.rheintaler.ch/ Name: _gid
Value: GA1.2.1974087536.1647523639
.rheintaler.ch/ Name: _gat
Value: 1
.rheintaler.ch/ Name: __gads
Value: ID=e40867214f549e30-222d44875fcd00ed:T=1647523640:S=ALNI_MbNj4gHUjiwBOXlktPwMDP8OO_VCw
.doubleclick.net/ Name: IDE
Value: AHWqTUnXNloK1Omdr3Ifbh45whIGZgqEP2WTWvx2vy_tMG804xgs-xd7203eOvPvX50
.rheintaler.ch/ Name: __hstc
Value: 100392705.d7b5658fd787a8f4d879831b64cb9ecc.1647523641279.1647523641279.1647523641279.1
.rheintaler.ch/ Name: hubspotutk
Value: d7b5658fd787a8f4d879831b64cb9ecc
.rheintaler.ch/ Name: __hssrc
Value: 1
.rheintaler.ch/ Name: __hssc
Value: 100392705.1.1647523641280
.hubspot.com/ Name: __cf_bm
Value: cVXq0X1V4Etj5dgF651Rc36A.SRUVMEJm9g4YgQK0oI-1647523642-0-AWwbp/HBncw/A3HGe2eeq68Mf7y5RyDFp7wQ7mC/vRDGOnNTIeRpcUYUOsQZLMVG0PM7Z92GfmOMtCQGrD35JhE=

1 Console Messages

Source Level URL
Text
network error URL: https://graph.facebook.com/?id=https://rheintaler.ch/artikel/zwei-wechsel-im-vorstand/82328
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.rheintaler.ch
buttons-config.sharethis.com
connect.facebook.net
count-server.sharethis.com
e851bc4203faebed6d2bf49f50b11e5d.safeframe.googlesyndication.com
graph.facebook.com
hello.myfonts.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
l.sharethis.com
pagead2.googlesyndication.com
pixel.mathtag.com
platform-api.sharethis.com
platform-cdn.sharethis.com
rheintaler.ch
s.imgur.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
static.xx.fbcdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
142.250.186.66
151.101.12.193
18.198.109.212
18.64.115.105
18.64.115.68
184.30.20.207
2600:9000:206f:9a00:c:abe:f440:93a1
2600:9000:2315:2800:1d:85c3:6640:93a1
2606:4700::6811:46b0
2606:4700::6811:d6cc
2606:4700::6811:f349
2606:4700::6812:14bf
2606:4700::6813:9a53
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2006
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200a
2a00:1450:400c:c06::9a
2a03:2880:f006:15:face:b00c:0:2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
37.252.172.36
5.148.168.157
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c3b6f315c96eef816aae45c02790ea6752805301d0842b8352218dcf3fa2e77
0c9005855317efbb20d77d5708bed6c4d4407a57734bf22bc021ba980b9f2b48
0edfb76cb333acfa7d4a27e180b7f699d75f6d05e335ccf59e7b30656a2f4c14
1190a57542f4bac52ac4e892bf758f9b93b2d16bf571059b99a10514ddc52664
12d5906df1c38b0fe50afe3d42c853776616339ca24bd165698405889cd67c01
14d38e05ee174b84c0106fd20b544ac6e8cd5e99ac0de746ef885a69544ced21
15017f7f166806cfcef0588034ac1c9a0fa502ff4546dd945d00b4fcb4f54b5c
1790fc57c23620256ce678503596bc153249c9b7214e19b244067ced81d72ce9
1a0efab1b1c63c59520795a302e8931bedb7a3a22eee09446fd906d7f8ec018c
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
25da52a327b782bb043fea0d6bf32dda0d479037e657d8d949cd8b4512ecf70b
2832c93ada0b6b4cecfc1cb12191921dcdd570fc5fcc54f7a5da359df716a061
28a1fc0e197e1b69499e33c86c04ce4f38bcd7b5e6acc1a7cdcc8a27186e5763
2e40fc28c172d144e48ffc2a538b32bcecc442c8898394137cc12c9ee7f8276f
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
30e817756a474c7f893057d069f7ed56e1fd4617d70fcf40ac5d58fae5890ede
32e1e8571cb721a64341b26f46fb3bae53f66e4c42ffbacb141bd88eaa8da2be
34b1438d5293811c4cfd0bfdda84211c7c3e4681d61ff3699e3d52114a985c60
36785d73319ac0f6ea29901a1883546f7a1c583a800d0d5d67186f6f269375ca
3e1508907b24563f66afecbb68255184e59bbfeffd9c133113aca0fae9d4c806
40d82d62cfb160d556344e39325f94e4779037d881c32a95e02d92b1fdf4b457
414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8
41bc28d3388ccbd4d30955102fe5c3eaba696c9a072849d762e517fa6b1979cd
42d5161c303b471c45a274db58e9749651019f9c0243c7e822a11b54c01a3d04
432b5ba3f91b9581de0496a8ba52673f25f0a0608ef99e6cc041515f8e990e08
45a68bb9220716fcb332c302d3dc235742aea8cc76018efbf0f702d020691761
4b493e7ad1b8c3816af14b688be823179eb982226193bedeaceaf8b8e8ee2df0
4d5630e6cb7cdcca363cf81a7eb4a09202835166a613c002a27fac54fa87ba50
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5cd71b1cee568b9f1498e914dd2b0c82add19a5a41c07d085131cdc66df5f613
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64a5dc4a840c29926dc8c1b3b3437cc18561c0b874a2c04c671bf4107b4b3ce9
66d6b7da2b114a46449210454bae21ea187d9aeb740a43d7443d800a1bc5da51
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6c56c16580cc4d59f3b7c32b59ec586967eb89e0e02b14c739ba30f598f26503
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6fdc53eee418c5d8a6c785e7b44230d8d94e0a8146934f1efbcd9a0b63d2da37
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7c962d2f3c6d6f0150576560d1dac2d564b09d604ef3aa6a13ecd8d63216eb68
7e918df9b59bf81ca749f47ebc60fd6536bef997388b3cb6dbf250dc4a35e618
7f134d3aefa39f3f1a5de0551ed9a2cfee42864f38a65921a80d11ceafd556c4
8266ed2708ada787994cb1d2bed707a2d9c311283973bfc2673412551e9aa0b5
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856765ebd5b9b928aebd57f2500af4945b809cf2b5c9b9003b01929fc0716d24
87201145680dbffd0397623ba7cfb3543c0eaa2bee63ec075db0e1d8e23371da
88b27d8ff1abbc1955aba9732ca4c54a57829ace819b177f91207ca26dc918ef
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8b5c60aa4d9735fec152c8a84eb3bcbae9b7a6decc723a4b9f5125f653c62017
901c190b981667cc2188e641600ddafa208f7400d568a08f8363d288b6246917
932ecf71d8b8455a394658fd82ce60544ff6b62f3837b78417d06f814fcba552
9751a70da29e7b48d5a45a08d4c14a74314ea4c9edf79c04dbadc8436995ad7c
9fe08002d7d36471c82209ce1e38a398c743a3b490e8d199a63307f60f2b57a3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58a9629521cbe8c45fa38a5d108ef8c8bb248b74a00b74ca7480545f594882a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a927011db8f3f40473dbcadabd9faf1b585a78063b4e249a227d3659cf1e4711
adab2385de2d97ea86b4bbf10fa2648b6b5300445feae19c430b3a619fd5271d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c6b933014858ac8362a84daa391a04d2d7d39c44c9ba67f4291746060ee7fa
b3bc87c7baee6e6e194b09641a29999cc94e7be68a1ad8359ddf643857303132
b4a008a7f1785ba6a362ed50f9aba9f1377638cfad9c7941e4663ab4832ed85a
b6941bfc49f25d2aba8d4f3bbea319f5aa3b1e337e7067093ea712b5195d2a94
b82b3469e0011c26d007f15fadf7da25ab00e11803509513b40be5c8a1dca2ad
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
bf34828caa0495cb4a3d7c99b6fe95b869fcd8c383f50a42049623315f7463e9
c599619a19a975dd4f1b566c3efac436724dade8181769111a77656b0af3935f
c78e04cefcf11f6fa9918a5b9b69ec6d25a11d87045f9ca30eb198d536be3981
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
cd6b430fe5ddb36be884a16d3c16bd6a4cf8397af71d7f5f9bb9e78d9b459b2b
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e1d96225a7734a52ae43f75b708e8bf8d34bfd3b1d1891b4333d10d908375e48
e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e967fb8dba7170dbb7c1fcc0d4af7cea34ad464b892df32efc7d7b9629f7929f
eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91
ec06fd9e7cdece14e722473b89ffb6edaa7bf385330ce39113643588b06a8bb6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f3699d9eb9e6b9dcebf7120e14755c1260313352d3ec659963c72b8a507377
f27ee15d404c0c3d6c0652b3da6ff0bf256be054617937c2b9ba3de36fdcb2be
fffca3d7efda3c386f1d8721bb673c6e9b6105b719fd547909f55d416a5cbd32