newcountryrain.ch Open in urlscan Pro
2606:4700:90:0:3626:d0ff:6957:de1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newcountryrain.ch/
Submission: On May 21 via api (May 21st 2024, 1:07:54 am UTC) from CH — Scanned from CH

Summary HTTP 103 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 103 HTTP transactions. The main IP is 2606:4700:90:0:3626:d0ff:6957:de1, located in United States and belongs to CLOUDFLARENET, US. The main domain is newcountryrain.ch.
TLS certificate: Issued by R3 on April 16th 2024. Valid for: 3 months.

This is the only time newcountryrain.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:90:... 2606:4700:90:0:3626:d0ff:6957:de1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	2606:4700::68... 2606:4700::6812:12d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2600:9000:20a... 2600:9000:20ab:4a00:7:56a2:7e40:21	16509 (AMAZON-02) (AMAZON-02)
4	2a09:8280:1::... 2a09:8280:1::a:6d46	40509 (FLY) (FLY)
11	3.5.252.249 3.5.252.249	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	216.58.212.132 216.58.212.132	15169 (GOOGLE) (GOOGLE)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
103	12

16 2606:4700:90:0:3626:d0ff:6957:de1 (United States)

ASN13335 (CLOUDFLARENET, US)

newcountryrain.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700::6812:12d7 (United States)

ASN13335 (CLOUDFLARENET, US)

assets-app-production-pubnet.bndzgl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-production.bndzgl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:20ab:4a00:7:56a2:7e40:21 (United States)

ASN16509 (AMAZON-02, US)

d10j3mvrs1suex.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a09:8280:1::a:6d46 (United States)

ASN40509 (FLY, US)

stats.zoogletools.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.5.252.249 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com

zglseed.s3.ca-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f132.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	bndzgl.com assets-app-production-pubnet.bndzgl.com — Cisco Umbrella Rank: 179826 assets-production.bndzgl.com — Cisco Umbrella Rank: 218284	441 KB
16	cloudfront.net d10j3mvrs1suex.cloudfront.net	911 KB
16	newcountryrain.ch newcountryrain.ch	31 KB
11	amazonaws.com zglseed.s3.ca-central-1.amazonaws.com	274 KB
4	youtube.com www.youtube.com — Cisco Umbrella Rank: 64	16 KB
4	zoogletools.net stats.zoogletools.net — Cisco Umbrella Rank: 235669	1 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	972 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	89 KB
1	gstatic.com www.gstatic.com	207 KB
103	10

	Domain	Requested by
33	assets-app-production-pubnet.bndzgl.com	newcountryrain.ch assets-app-production-pubnet.bndzgl.com
16	d10j3mvrs1suex.cloudfront.net	newcountryrain.ch
16	newcountryrain.ch	assets-app-production-pubnet.bndzgl.com
11	zglseed.s3.ca-central-1.amazonaws.com	assets-app-production-pubnet.bndzgl.com
8	assets-production.bndzgl.com	newcountryrain.ch client assets-production.bndzgl.com
4	www.youtube.com	newcountryrain.ch assets-app-production-pubnet.bndzgl.com www.youtube.com
4	stats.zoogletools.net	newcountryrain.ch stats.zoogletools.net
3	www.google.com	assets-app-production-pubnet.bndzgl.com www.gstatic.com
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	assets-app-production-pubnet.bndzgl.com connect.facebook.net
1	www.gstatic.com	www.google.com
103	11

This site contains links to these domains. Also see Links.

Domain
www.new-country-rain.ch
www.facebook.com
bandzoogle.com

Subject Issuer	Validity	Valid
newcountryrain.ch R3	`2024-04-16` - `2024-07-15`	3 months	crt.sh
bndzgl.com GTS CA 1P5	`2024-04-30` - `2024-07-29`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
stats.zoogletools.net R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh
*.s3.ca-central-1.amazonaws.com Amazon RSA 2048 M01	`2024-03-28` - `2025-03-11`	a year	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-28` - `2024-05-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://newcountryrain.ch/
Frame ID: 950B9F153523328E49D46E3C0D5D9E0D
Requests: 101 HTTP requests in this frame

Frame: https://www.youtube.com/embed/mQUD37RxXvw?rel=0&wmode=transparent&enablejsapi=1
Frame ID: 657C9DA06A92AA62DD3DED42B897A095
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5_SKXgqTzos?rel=0&wmode=transparent&enablejsapi=1
Frame ID: A4F6817F97AABB570D87BD59AA437B69
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly9uZXdjb3VudHJ5cmFpbi5jaDo0NDM.&hl=de-CH&v=8k85QBI-qzxmenDv318AZH30&size=invisible&cb=cgos706m75ar
Frame ID: CF5B0E59017942A5B92D9F1F8D47B187
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v16.0/plugins/video.php?allowfullscreen=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9bc93b89830eec75%26domain%3Dnewcountryrain.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnewcountryrain.ch%252Ff3d23c57ec9d8b42b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fvideo.php%3Fv%3D913928573023936&locale=en_US&sdk=joey&show_text=false&width=
Frame ID: 6FF492A23404C8B149CB148DB2A039D2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v16.0/plugins/video.php?allowfullscreen=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfcc1405093a931f9b%26domain%3Dnewcountryrain.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnewcountryrain.ch%252Ff3d23c57ec9d8b42b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fvideo.php%3Fv%3D965039843988627&locale=en_US&sdk=joey&show_text=false&width=
Frame ID: 9ABF6A448463A76722E9F604092068B6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=8k85QBI-qzxmenDv318AZH30&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ
Frame ID: FF0FBF5146F94737D5D794A887F244F6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Country Suisse Switzerland Concert Live Jean-Philippe Pahud Brigitte Arm Werner Fröhlich Jakob Bircher Roger Schaller André Egger live music line dance

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

103
Requests

97 %
HTTPS

73 %
IPv6

10
Domains

11
Subdomains

12
IPs

3
Countries

1971 kB
Transfer

3633 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.new-country-rain.ch/
Title: www.new-country-rain.ch

Search URL Search Domain Scan URL

URL: http://www.facebook.com/newcountryrain.ncr

Search URL Search Domain Scan URL

URL: https://bandzoogle.com/
Title: Site réalisé par Bandzoogle

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

103 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
newcountryrain.ch/ 66 KB
13 KB 1224ms
837ms Document
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

8da2e52f4dcce11a066f3080f0e37bed07f23548d1270cd430f5c64999f8351d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
referer: https://www.google.ch/
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 0
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Tue, 21 May 2024 01:07:23 GMT
etag: W/"62837567f25674c56021527b2443710d"
last-modified: Tue, 21 May 2024 00:20:16 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
strict-transport-security: max-age=31556952
x-cache: MISS
x-cache-hits: 0
x-clacks-overhead: GNU Terry Pratchett
x-content-digest: aeda091ea49081a6e0af5574e6e920cac039cc3b
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-rack-cache: miss, store
x-request-id: 4de29c4c3b072c0eb7644194d0a8f46d 4de29c4c3b072c0eb7644194d0a8f46d
x-runtime: 0.224425
x-xss-protection: 1; mode=block

GET
H2 200 application-abbe0752f05ddd92154b2a7f2febbefade20ad545e5753294a8329bf2d6f6593.css
assets-app-production-pubnet.bndzgl.com/assets/usersite/ 557 KB
60 KB 102ms
36ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-abbe0752f05ddd92154b2a7f2febbefade20ad545e5753294a8329bf2d6f6593.css

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff63c2fe20deda173545c6cf9dc8e2d0288971bee1a021782793538a83a7250

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 2
date: Tue, 21 May 2024 01:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 617099
cf-cache-status: HIT
x-cache: HIT
content-length: 60731
x-xss-protection: 1; mode=block
x-request-id: b68ae5bb50ee96f0a265da46a82d30e7
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 14:39:45 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab592cc10211-ZRH
expires: Fri, 19 May 2034 01:07:23 GMT

GET
H2 200 style-195-cba8a334f3a1e8f9528137de3d20c3a79ec6795ee0e6ac3f76d479db7c2bb19d.js Show response
assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/ 118 B
234 B 738ms
672ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/style-195-cba8a334f3a1e8f9528137de3d20c3a79ec6795ee0e6ac3f76d479db7c2bb19d.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb296c50d7e43a02ddf51a4ab6324138d9e0b4601f41608ec0333a5826a96598

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 126
x-xss-protection: 1; mode=block
x-request-id: 2587cd3922245d33e469a98742f21b71
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 19:42:25 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab592a3024be-ZRH
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 style-195-3fb4220e73a2e98f516b2aa816f433faee618ca58b11cac790a7e5e50110718a.css
assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/ 72 KB
8 KB 233ms
167ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/style-195-3fb4220e73a2e98f516b2aa816f433faee618ca58b11cac790a7e5e50110718a.css

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bca529831a0657f4828d00d853a21509bd1f9d4d2932dd3289b3441670e638f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Tue, 21 May 2024 01:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
cf-cache-status: HIT
x-cache: MISS
content-length: 8151
x-xss-protection: 1; mode=block
x-request-id: 764ed83cf81ec7cd2eec47451ce9b416
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:39 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab592cc40211-ZRH
expires: Fri, 19 May 2034 01:07:23 GMT

GET
H2 200 stylesheet.css
assets-production.bndzgl.com/assets/c56470a8-1a06-4e44-b2ad-360299247937/ 182 B
799 B 99ms
34ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/c56470a8-1a06-4e44-b2ad-360299247937/stylesheet.css

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1505263e80df94b54d56bfee668952cfdcb0204ac67be3980aad0c9e2f65a08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Tue, 21 May 2024 01:07:23 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 256604
content-encoding: gzip
x-cache: MISS
content-transfer-encoding: binary
content-disposition: inline; filename="stylesheet.css"; filename*=UTF-8''stylesheet.css
x-xss-protection: 1; mode=block
x-request-id: a03d4933fa47a9f52f6881ced6a39e8f, a03d4933fa47a9f52f6881ced6a39e8f
pragma
x-runtime: 0.015458
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"a1505263e80df94b54d56bfee668952c"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8870ab592af101db-ZRH
x-rack-cache: miss
expires: Fri, 19 May 2034 01:07:23 GMT

GET
H2 200 application-8b9ed2269890193cd5796e42f45c14e37fd062804a284ecba75085af832b75c5.js Show response
assets-app-production-pubnet.bndzgl.com/assets/usersite/ 335 KB
106 KB 116ms
51ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-8b9ed2269890193cd5796e42f45c14e37fd062804a284ecba75085af832b75c5.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43ef2f393fc0509c4dc48f78b4fd6395e9642f15c4598b8d9ed3ded872db1a8e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Tue, 21 May 2024 01:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 617100
cf-cache-status: HIT
x-cache: MISS
content-length: 108153
x-xss-protection: 1; mode=block
x-request-id: a85d0cb5173a1c339e49bcab51f9fa8a
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:44 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab592cc70211-ZRH
expires: Fri, 19 May 2034 01:07:23 GMT

GET
H2 200 usersite-13cd2a4cb5ee3e3994f54538d255958fe58ec52fa335a8647fae645a45122304.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 36 KB
11 KB 554ms
488ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite-13cd2a4cb5ee3e3994f54538d255958fe58ec52fa335a8647fae645a45122304.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ddfccbe2eb70d1cba40acb0641c5fe95492b3ffce76cfb22a8b5346db960c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 8
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
access-control-request-method: *
x-cache: HIT
content-length: 10290
x-xss-protection: 1; mode=block
x-request-id: 5db8540c837613f9a91b911eeb70cbc2
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 19:42:25 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab592a3224be-ZRH
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 usersite-6b7626051fd9b134caf9dae404975c1824f5d32146520de22b065a5c283d9046.css
assets-app-production-pubnet.bndzgl.com/assets/ 12 KB
3 KB 106ms
41ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite-6b7626051fd9b134caf9dae404975c1824f5d32146520de22b065a5c283d9046.css

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8b6259045aadfb55e622658f2052f26fa8073642062b9113b9e3d3eeb919a1d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Tue, 21 May 2024 01:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556952
access-control-request-method: *
x-permitted-cross-domain-policies: none
content-security-policy: frame-ancestors 'self'
age: 617099
cf-cache-status: HIT
x-cache: HIT
content-length: 2702
x-xss-protection: 1; mode=block
x-request-id: fdeee33fdb84e7f87ee352cc9d9e5411
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab592cc50211-ZRH
expires: Fri, 19 May 2034 01:07:23 GMT

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/2fddd8b41e688f55f1ab0510a09874fb47a6175f/original/christian-monnaz.jpeg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/ 153 KB
154 KB 104ms
42ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/2fddd8b41e688f55f1ab0510a09874fb47a6175f/original/christian-monnaz.jpeg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: newcountryrain.ch
URL: https://newcountryrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/6751cc4d (2024-05-14) / Express
Resource Hash: 1524c2183e92245792d1bcfc69d9afd7f68929b52109a8e601e7c391307fad83

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 17:30:57 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYBGWW18D8ZNTYDQK3TAWX5J-fra
server: Fly/6751cc4d (2024-05-14)
x-amz-cf-pop: AMS58-P3
age: 27386
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/2fddd8b41e688f55f1ab0510a09874fb47a6175f/original/christian-monnaz.jpeg/!!/b:W1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/2fddd8b41e688f55f1ab0510a09874fb47a6175f/original/christian-monnaz.jpeg","commands":[["resize",1800,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: VlJcO_aCABOnPoLVCrLAkhJa7iTf1vwjGx3cwCt0BMo4p062LT9TMQ==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/2bdc379458ddd3fef4afe42994d5049e5890c153/original/5baa0afc-8b55-4459-b76d-32be146214a0.jpeg/!!/b%3AW1sicmVzaXplIiwxMDM5XSxbIm1heCJdLFsid2UiXV0%3D/ 78 KB
79 KB 163ms
101ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/2bdc379458ddd3fef4afe42994d5049e5890c153/original/5baa0afc-8b55-4459-b76d-32be146214a0.jpeg/!!/b%3AW1sicmVzaXplIiwxMDM5XSxbIm1heCJdLFsid2UiXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: newcountryrain.ch
URL: https://newcountryrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/6751cc4d (2024-05-14) / Express
Resource Hash: cbcf4c19db6dc3b66696aecead1d3f96fcf98f6862085062ef0c9153ce7a4a14

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 17:30:57 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYBGWW16RKMT2CXEM1NAFB08-fra
server: Fly/6751cc4d (2024-05-14)
x-amz-cf-pop: AMS58-P3
age: 27386
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/2bdc379458ddd3fef4afe42994d5049e5890c153/original/5baa0afc-8b55-4459-b76d-32be146214a0.jpeg/!!/b:W1sicmVzaXplIiwxMDM5XSxbIm1heCJdLFsid2UiXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/2bdc379458ddd3fef4afe42994d5049e5890c153/original/5baa0afc-8b55-4459-b76d-32be146214a0.jpeg","commands":[["resize",1039,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: oDFdX68heMaemSMJsemmCPKcEtU_GtiwZMUB_A4Z5zCpoxacO69XyQ==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/a450e551712db0bc6157fee7301707729de89b20/original/erich-monnaz.jpeg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/ 122 KB
123 KB 39ms
39ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/a450e551712db0bc6157fee7301707729de89b20/original/erich-monnaz.jpeg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: newcountryrain.ch
URL: https://newcountryrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/6751cc4d (2024-05-14) / Express
Resource Hash: 8569253597fc713d8ea3a4c3649b006b32402bc8cdcc2b8f34a58cf73b4f4818

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 17:30:57 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYBGWW3SBPHEA58TVE6CK1N7-fra
server: Fly/6751cc4d (2024-05-14)
x-amz-cf-pop: AMS58-P3
age: 27386
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/a450e551712db0bc6157fee7301707729de89b20/original/erich-monnaz.jpeg/!!/b:W1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/a450e551712db0bc6157fee7301707729de89b20/original/erich-monnaz.jpeg","commands":[["resize",1800,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: yK53ZQB31Xeh-JhNW1aIkBUt1JFkPTe21tkL6DPdHcJRnPlfgo2vvA==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/3c9f4b5b16f307bb1b0b6be8cba2ed86b2969693/original/9dcca85f-94de-4882-a3e9-455e0d5929dd.jpeg/!!/b%3AW1sicmVzaXplIiw5NzddLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/ 39 KB
40 KB 36ms
36ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/3c9f4b5b16f307bb1b0b6be8cba2ed86b2969693/original/9dcca85f-94de-4882-a3e9-455e0d5929dd.jpeg/!!/b%3AW1sicmVzaXplIiw5NzddLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: newcountryrain.ch
URL: https://newcountryrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/6751cc4d (2024-05-14) / Express
Resource Hash: 52afbc23a42e507250ebec2f39f75c515b04081fcecd2c2f328e47b276eb9694

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 17:30:57 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYBGWW3Z8HEJG13NSM24PFK6-fra
server: Fly/6751cc4d (2024-05-14)
x-amz-cf-pop: AMS58-P3
age: 27386
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/3c9f4b5b16f307bb1b0b6be8cba2ed86b2969693/original/9dcca85f-94de-4882-a3e9-455e0d5929dd.jpeg/!!/b:W1sicmVzaXplIiw5NzddLFsibWF4Il0sWyJ3ZSJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/3c9f4b5b16f307bb1b0b6be8cba2ed86b2969693/original/9dcca85f-94de-4882-a3e9-455e0d5929dd.jpeg","commands":[["resize",977,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: j02JrbMVeJqJa8geyo83D1szawZiRo_Lt3ozhN6vcEWq9V8fxmjj9A==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/09eb569a17848c53de6c327d24ccc1a745e2e143/original/1c459627-eb50-47c9-a582-c9295a042dd4-1-102-o.jpeg/!!/b%3AW1sicmVzaXplIiw5NjFdLFsibWF4Il0sWyJ3ZSJ... 73 KB
74 KB 35ms
35ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/09eb569a17848c53de6c327d24ccc1a745e2e143/original/1c459627-eb50-47c9-a582-c9295a042dd4-1-102-o.jpeg/!!/b%3AW1sicmVzaXplIiw5NjFdLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: newcountryrain.ch
URL: https://newcountryrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/6751cc4d (2024-05-14) / Express
Resource Hash: 503157f5eafee6d9b906e9fb6a9fd2d8bf935eacb581ff9a86a22843d6f3e774

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 17:30:57 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYBGWW3XZ20T77NN102DKM49-fra
server: Fly/6751cc4d (2024-05-14)
x-amz-cf-pop: AMS58-P3
age: 27386
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/09eb569a17848c53de6c327d24ccc1a745e2e143/original/1c459627-eb50-47c9-a582-c9295a042dd4-1-102-o.jpeg/!!/b:W1sicmVzaXplIiw5NjFdLFsibWF4Il0sWyJ3ZSJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/09eb569a17848c53de6c327d24ccc1a745e2e143/original/1c459627-eb50-47c9-a582-c9295a042dd4-1-102-o.jpeg","commands":[["resize",961,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: _KSNfaggDiYpdQ5Ff1Ynvcn0GgOUjXrjx_0xUgN3hwYDVVKS5rZLFQ==

GET
H2 200 stylesheet.css
assets-production.bndzgl.com/assets/dca8c247-9277-4024-b4b8-9c5bfaa3d4b0/ 226 B
330 B 518ms
462ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/dca8c247-9277-4024-b4b8-9c5bfaa3d4b0/stylesheet.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b741e055917553539e82644e950f2b85f509c02e14807b8f3e36c6cee711b22

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
content-encoding: gzip
x-cache: MISS
content-transfer-encoding: binary
content-disposition: inline; filename="stylesheet.css"; filename*=UTF-8''stylesheet.css
x-xss-protection: 1; mode=block
x-request-id: e415fa73e6debc192cd51f39a2dcbda9, e415fa73e6debc192cd51f39a2dcbda9
pragma
x-runtime: 0.013146
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"9b741e055917553539e82644e950f2b8"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8870ab592af201db-ZRH
x-rack-cache: miss
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 stylesheet.css
assets-production.bndzgl.com/assets/4485cf1e-d293-41e4-a44d-4439b1a57b51/ 215 B
287 B 91ms
36ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/4485cf1e-d293-41e4-a44d-4439b1a57b51/stylesheet.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20119e7faec9749e893c52b303b1dc163eba8bde987e93d4078912e914cb653a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Tue, 21 May 2024 01:07:23 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 611307
content-encoding: gzip
x-cache: MISS
content-transfer-encoding: binary
content-disposition: inline; filename="stylesheet.css"; filename*=UTF-8''stylesheet.css
x-xss-protection: 1; mode=block
x-request-id: 9cbc6e10c3ccd2afcacf52380a73ea47, 9cbc6e10c3ccd2afcacf52380a73ea47
pragma
x-runtime: 0.036337
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"20119e7faec9749e893c52b303b1dc16"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8870ab592af301db-ZRH
x-rack-cache: miss
expires: Fri, 19 May 2034 01:07:23 GMT

GET
H2 200 stylesheet.css
assets-production.bndzgl.com/assets/3cdc3ab3-d201-4571-b48e-ecc6e9aa114f/ 235 B
283 B 204ms
148ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/3cdc3ab3-d201-4571-b48e-ecc6e9aa114f/stylesheet.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c57001cb4a01053ae5e95741c03b0aaaae8c0a21c03f7401e200cd15b6788d4e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Tue, 21 May 2024 01:07:23 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
content-encoding: gzip
x-cache: MISS
content-transfer-encoding: binary
content-disposition: inline; filename="stylesheet.css"; filename*=UTF-8''stylesheet.css
x-xss-protection: 1; mode=block
x-request-id: 2e276f01b2eeeea2468395def4970902, 2e276f01b2eeeea2468395def4970902
pragma
x-runtime: 0.016026
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"c57001cb4a01053ae5e95741c03b0aaa"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8870ab592af401db-ZRH
x-rack-cache: miss
expires: Fri, 19 May 2034 01:07:23 GMT

GET
H2 200 usersite_print-54751968beb622ee3de912bc218d2b9ac3a8d135d26a0cf1beb003bfc0870409.css
assets-app-production-pubnet.bndzgl.com/assets/ 202 B
325 B 35ms
35ms Stylesheet
text/css 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersite_print-54751968beb622ee3de912bc218d2b9ac3a8d135d26a0cf1beb003bfc0870409.css

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88d08208ef815ac4e4afdc1a43f546d1b7e9fe5aa2eca720977104c53b75cb92

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
access-control-request-method: *
age: 356170
x-cache: HIT
content-length: 148
x-xss-protection: 1; mode=block
x-request-id: 0bd9c50f094a6a13b568f3dee193ec92
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:43 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c2fe10211-ZRH
expires: Fri, 19 May 2034 01:07:24 GMT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 stats.js Show response
stats.zoogletools.net/ 2 KB
1 KB 312ms
200ms Script
application/javascript 2a09:8280:1::a:6d46
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.zoogletools.net/stats.js?v=1
Requested by: Host: newcountryrain.ch
URL: https://newcountryrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/7452e847 (2024-05-20) /
Resource Hash: 061c461be655d95421747b6d56b14bb0c3e2bd5cf973211c8632d80472069dc7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:24 GMT
content-encoding: zstd
via: 2 fly.io
last-modified: Thu, 09 May 2024 15:17:24 GMT
server: Fly/7452e847 (2024-05-20)
fly-request-id: 01HYCB0NGEKCEZWY1ND0JH9EYW-ams
etag: W/"6b7-663ce904.0"
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
fly-cache-status: HIT
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK page-bg-repeat.jpg
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/ 17 KB
18 KB 352ms
119ms Image
image/jpeg 3.5.252.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/page-bg-repeat.jpg
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/style-195-3fb4220e73a2e98f516b2aa816f433faee618ca58b11cac790a7e5e50110718a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.252.249 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 015642f30828d36af6a8df0e401db55343bebe4dfc0c6e93313d23ef18d91480

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 21 May 2024 01:07:25 GMT
x-amz-version-id: _e4czhMEc_jbm7pxP_0g9M3VbMcAkwvV
Last-Modified: Mon, 03 Oct 2022 16:18:09 GMT
Server: AmazonS3
x-amz-request-id: ZJF0EEPRDNSZYABZ
ETag: "b4f8f08aae8148a575d4cf5fc450eece"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 17790
x-amz-id-2: FU6s4WKOWe9k7BSP3VRT0twp9rEZDVO35ei4xRXG19HPQqAi5twveIHJFac+tr/JJzEe4XzHD0NOwfepzELwhIMmOjXMryli

GET
H/1.1 200
OK top-bar.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/ 135 KB
136 KB 372ms
139ms Image
image/png 3.5.252.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/top-bar.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/style-195-3fb4220e73a2e98f516b2aa816f433faee618ca58b11cac790a7e5e50110718a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.252.249 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e0e250c8a0ccb9b531c205b9d412eb166c6b2d8a12a927e410d3d5f16357e3ce

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 21 May 2024 01:07:25 GMT
x-amz-version-id: I1NBtOQ.SppcsFqwdIhXVJItQWMWfvft
Last-Modified: Mon, 03 Oct 2022 16:18:09 GMT
Server: AmazonS3
x-amz-request-id: ZJF8SVV2PHRB1V7J
ETag: "607887bdd3a1caaa0198061413cab1b0"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 138743
x-amz-id-2: cO5M3MCaftqLLq4momN1XnE8RKzTEL459ypTsuJfFuwFO7XYgplmGfsfgrRmbsXObY2OgZbS0ugA+zVZi97zM5bTpmPLOpVn

GET
H/1.1 200
OK background.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/header/ 4 KB
4 KB 386ms
153ms Image
image/png 3.5.252.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/header/background.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/style-195-3fb4220e73a2e98f516b2aa816f433faee618ca58b11cac790a7e5e50110718a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.252.249 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e6ea5be4567ecf11a8dd70f299280cc4e351e8c4ffae46bd4b891c4dc0422515

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 21 May 2024 01:07:25 GMT
x-amz-version-id: vtoM_y6XEHauAXgvMkQFG.5aROgsUuD7
Last-Modified: Mon, 03 Oct 2022 16:18:09 GMT
Server: AmazonS3
x-amz-request-id: ZJFAGQ6K80SRXBGF
ETag: "1fbe6a0cb4f0855230b1ccd016d58816"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3860
x-amz-id-2: 9cJyLYMUxfpmbGYvSHJOoZtvGXON9KFbR6Y/xzSQg6zu02HGiDTqsnaSwMfOrxX3GJ7PpOG62Z4fCmmez7gAtrnEVuVmRybf

GET
H/1.1 200
OK frame.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/header/ 80 KB
80 KB 495ms
142ms Image
image/png 3.5.252.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/header/frame.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/style-195-3fb4220e73a2e98f516b2aa816f433faee618ca58b11cac790a7e5e50110718a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.252.249 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 332df081c9fda8c341f66e3505c748187a81e03a736ceb5ef0e43f431d02f8c5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 21 May 2024 01:07:25 GMT
x-amz-version-id: 4KNUZdx95YrnwfZpzKsinNY_xyFBJ4Mf
Last-Modified: Mon, 03 Oct 2022 16:18:09 GMT
Server: AmazonS3
x-amz-request-id: ZJFA4E24HYS7G2EZ
ETag: "f13c6f75bbf7e5c334e7ff0362592d39"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 81667
x-amz-id-2: NpYU5Yp5itVTkLroTu3UtzQBuB38JaqSnp/5/pVlDAFl7r0vbmYEcQT2zlYMC1psP2WF5xddTZ+dfxfv/8M8gRR4tYh1smXN

GET
H/1.1 200
OK title-background.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/header/ 24 KB
25 KB 480ms
120ms Image
image/png 3.5.252.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/header/title-background.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/style-195-3fb4220e73a2e98f516b2aa816f433faee618ca58b11cac790a7e5e50110718a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.252.249 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: dbcdf8238b74d8cb129f2ae50f31bcdc81b78b804b44cedb0c635288d3d01bea

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 21 May 2024 01:07:25 GMT
x-amz-version-id: UiylCOXUFWXEwLhkNSiZ_7P29g.sfwvL
Last-Modified: Mon, 03 Oct 2022 16:18:09 GMT
Server: AmazonS3
x-amz-request-id: ZJF9GE1H1Y88CYFW
ETag: "aac3702ee5a900357f789892bb84778c"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 24936
x-amz-id-2: mXg0y6+Xnuemgrx76EyT16lc8KeE7bTpP+JkAuAfe3aJqOa6wTw1GWj3D7BBMJUytR390fsYgr4FTSrsPezwFybCBmCCumQ+

GET
H/1.1 200
OK nav-repeat.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/ 1 KB
2 KB 514ms
129ms Image
image/png 3.5.252.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/nav-repeat.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/style-195-3fb4220e73a2e98f516b2aa816f433faee618ca58b11cac790a7e5e50110718a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.252.249 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 708b1af351371fcd901882767c135528b891e2e1bf579b8f9d50520935c0e76d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 21 May 2024 01:07:25 GMT
x-amz-version-id: Mp2cB6S3uZIwUoqOqO0BqoU8Pt8hw9qO
Last-Modified: Mon, 03 Oct 2022 16:18:09 GMT
Server: AmazonS3
x-amz-request-id: ZJF1XMHTKN40ZBS8
ETag: "8e05a98865bc2469afc7ae6f61e167a8"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1105
x-amz-id-2: GG2QF4j0wu1esByNnn5GpFDrUQCfTFon879OugGHylZOsl4OHG6JeqsUVECUhdCWv2KvPnUF/BJZ5Btdxl3Amzw7JSWk+Irj

GET
H/1.1 200
OK nav-endpiece-left.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/ 1 KB
2 KB 370ms
150ms Image
image/png 3.5.252.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/nav-endpiece-left.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/style-195-3fb4220e73a2e98f516b2aa816f433faee618ca58b11cac790a7e5e50110718a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.252.249 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8c52d07e6ac8a295ebf2e56179e4833424525d8338cef1246007c7762b1350ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 21 May 2024 01:07:25 GMT
x-amz-version-id: oEQhimXL007TqEwqp5JhriRw7NSeCXI2
Last-Modified: Mon, 03 Oct 2022 16:18:09 GMT
Server: AmazonS3
x-amz-request-id: ZJF1WKDRPS0NRPH8
ETag: "fa4dea84d3496c05ddf4af767b41227c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1249
x-amz-id-2: 1aHiIeI/C7IzfCemSdguXQWjayIptNdXQpvMhQ5OboKHOSG47vV8NkFJ+nglpkJbTyax31e4pQoDow3In0dsjPCJchqU/agE

GET
H/1.1 200
OK nav-endpiece-right.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/ 1 KB
2 KB 346ms
126ms Image
image/png 3.5.252.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/nav-endpiece-right.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/style-195-3fb4220e73a2e98f516b2aa816f433faee618ca58b11cac790a7e5e50110718a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.252.249 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 17fcf7fd823a6744ddef40de44120983630fd092934005997786e848a45651f1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 21 May 2024 01:07:25 GMT
x-amz-version-id: OrJotmH_uipm3OOanJio2VvLXtsC4zDz
Last-Modified: Mon, 03 Oct 2022 16:18:09 GMT
Server: AmazonS3
x-amz-request-id: ZJF5Y456QC2PR0H7
ETag: "7e71d26b8b783cc563850f4541b3b874"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1269
x-amz-id-2: ixccN8MDOVE7wiDuhUTC8W2z+VLeta7G7Dor+RoLxQ1eX+a7sUFwzWXNE6Y2445gT6bWBdan80XVO3P4i2D2KaVe05aKuv5D

GET
H/1.1 200
OK subheader-repeat.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/ 1 KB
2 KB 357ms
138ms Image
image/png 3.5.252.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/subheader-repeat.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/style-195-3fb4220e73a2e98f516b2aa816f433faee618ca58b11cac790a7e5e50110718a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.252.249 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0970b8eec372a07bf813b9870e6fad367cbbafd5c1fbd7be8486a8f8ba1b91b0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 21 May 2024 01:07:25 GMT
x-amz-version-id: qcYfBJKGDTlH2AJ5eBjaKwT1VfCYrow4
Last-Modified: Mon, 03 Oct 2022 16:18:09 GMT
Server: AmazonS3
x-amz-request-id: ZJF02R7F07NBZ7K5
ETag: "976f15c02a211e5ac0a2fdc18ff6424b"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1077
x-amz-id-2: nih2BZM+YG0f70N7K813WemyYr8iT1xHt8mukurwQDirXxQnsl5CT3oieiiGPC0RRj6vL6gAh1zWQ3TrKrFnZ8KcLvqAPE36

GET
H/1.1 200
OK subheader-left.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/ 1 KB
2 KB 502ms
128ms Image
image/png 3.5.252.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/subheader-left.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/style-195-3fb4220e73a2e98f516b2aa816f433faee618ca58b11cac790a7e5e50110718a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.252.249 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: dd449b39d270ab27d574abb1b8c9c108df7d8ba18b2ae94fcac9e75af27c6fa2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 21 May 2024 01:07:25 GMT
x-amz-version-id: QrucYzsGRRhyhtPU7LhVWrAtDJM.lCiN
Last-Modified: Mon, 03 Oct 2022 16:18:09 GMT
Server: AmazonS3
x-amz-request-id: ZJF71MA4EWDMEX5R
ETag: "6336f8488e81b44dcc64ce4370eeefb6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1213
x-amz-id-2: +U5qhNquJ682EF2LSpK/McIR7yOVFbws6vOfWSisx2ypxKhOoBlkmcw9vdBmgcX9DiNn2R6z/mo/Ot55JQlewAjselN0OGQ2

GET
H/1.1 200
OK subheader-right.png
zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/ 3 KB
3 KB 479ms
120ms Image
image/png 3.5.252.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zglseed.s3.ca-central-1.amazonaws.com/usersite/themes/153/a/subheader-right.png
Requested by: Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/themes/style-195-3fb4220e73a2e98f516b2aa816f433faee618ca58b11cac790a7e5e50110718a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.252.249 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: be73064fa4ad817ae84258ee2add58de9d937a496144ac820804c4bddf69f4f8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 21 May 2024 01:07:25 GMT
x-amz-version-id: Ztw56HikVnFo.gQq7N_mw7nVwsgxKhXj
Last-Modified: Mon, 03 Oct 2022 16:18:09 GMT
Server: AmazonS3
x-amz-request-id: ZJFF4GRQ3VZZ2VYG
ETag: "fb03934a7809c6f206de5c1d4b2cc3f2"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2681
x-amz-id-2: sk4kQgg9SEptuaeeFuxnWbpNrELf3uqxFMUhvF/dLbb/YB/JYtP21XJlGOvMzFC3D7z9QIvoQIdKwqBUnPzSX5rHEGlIP257

GET
H2 200 facebook-e980e12915dabc6d9edab1a8d4d071e596a2de291b035c30fb491e08072ca13f.png
assets-app-production-pubnet.bndzgl.com/assets/shared/icons/my_sites/color_large/ 2 KB
2 KB 38ms
37ms Image
image/png 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/shared/icons/my_sites/color_large/facebook-e980e12915dabc6d9edab1a8d4d071e596a2de291b035c30fb491e08072ca13f.png

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-abbe0752f05ddd92154b2a7f2febbefade20ad545e5753294a8329bf2d6f6593.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18a2fbe92df9fb04a0ba4a7a5a7df5f0f05199f258a0206a87f8ecf2485fd80b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 589806
x-cache: MISS
content-length: 2275
x-xss-protection: 1; mode=block
x-request-id: b293d1fecc47ed5890e628d09745e747
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:42 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c28030211-ZRH
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 josefinslab-bold.woff2
assets-production.bndzgl.com/assets/dca8c247-9277-4024-b4b8-9c5bfaa3d4b0/ 10 KB
11 KB 170ms
170ms Font
font/woff2 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/dca8c247-9277-4024-b4b8-9c5bfaa3d4b0/josefinslab-bold.woff2

Requested by

Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/assets/dca8c247-9277-4024-b4b8-9c5bfaa3d4b0/stylesheet.css#Josefin%20Slab-bold

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e87c63d82f0a195659465790cf9f25f9bcb516c0b82d6bb8faf1c3746008fa8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
x-cache: MISS
content-transfer-encoding: binary
content-disposition: inline; filename="josefinslab-bold.woff2"; filename*=UTF-8''josefinslab-bold.woff2
content-length: 10708
x-xss-protection: 1; mode=block
x-request-id: babb4f7dc7534b14e1d967cb4fe44754, babb4f7dc7534b14e1d967cb4fe44754
pragma
x-runtime: 0.018739
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"0e87c63d82f0a195659465790cf9f25f"
x-download-options: noopen
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c5dc924be-ZRH
x-rack-cache: miss
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 josefinslab-regular.woff2
assets-production.bndzgl.com/assets/3cdc3ab3-d201-4571-b48e-ecc6e9aa114f/ 11 KB
11 KB 160ms
160ms Font
font/woff2 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/3cdc3ab3-d201-4571-b48e-ecc6e9aa114f/josefinslab-regular.woff2

Requested by

Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/assets/3cdc3ab3-d201-4571-b48e-ecc6e9aa114f/stylesheet.css#Josefin%20Slab-regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2d3cc5916438fde8f5e1360a5515b11edd7c8e7f00c8be2f7bc8a80fa26904e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
x-cache: MISS
content-transfer-encoding: binary
content-disposition: inline; filename="josefinslab-regular.woff2"; filename*=UTF-8''josefinslab-regular.woff2
content-length: 11008
x-xss-protection: 1; mode=block
x-request-id: 40367314d00397f95eb170dd4278f92d, 40367314d00397f95eb170dd4278f92d
pragma
x-runtime: 0.010854
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"a2d3cc5916438fde8f5e1360a5515b11"
x-download-options: noopen
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c5dc424be-ZRH
x-rack-cache: miss
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 ptsans-regular.woff2
assets-production.bndzgl.com/assets/4485cf1e-d293-41e4-a44d-4439b1a57b51/ 100 KB
100 KB 2309ms
2309ms Font
font/woff2 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/4485cf1e-d293-41e4-a44d-4439b1a57b51/ptsans-regular.woff2

Requested by

Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/assets/4485cf1e-d293-41e4-a44d-4439b1a57b51/stylesheet.css#PT%20Sans-regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

333a78c5fad517f2b39536b36ec003effa1d9e497bec992988f9ace03fc3c62f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Tue, 21 May 2024 01:07:26 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
x-cache: MISS
content-transfer-encoding: binary
content-disposition: inline; filename="ptsans-regular.woff2"; filename*=UTF-8''ptsans-regular.woff2
content-length: 102136
x-xss-protection: 1; mode=block
x-request-id: 95256c09af101222b32f888ef326e9b8, 95256c09af101222b32f888ef326e9b8
pragma
x-runtime: 0.021146
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"333a78c5fad517f2b39536b36ec003ef"
x-download-options: noopen
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c5dc624be-ZRH
x-rack-cache: miss
expires: Fri, 19 May 2034 01:07:26 GMT

GET
H2 200 font-icons-50892f71d62f1e92fa3c4dfc6e00e1b097fa3a3d4eda394bf5dee51b3d92df7b.woff
assets-app-production-pubnet.bndzgl.com/assets/ 33 KB
17 KB 1264ms
1264ms Font
application/font-woff 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/font-icons-50892f71d62f1e92fa3c4dfc6e00e1b097fa3a3d4eda394bf5dee51b3d92df7b.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Tue, 21 May 2024 01:07:25 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
content-encoding: gzip
x-cache: HIT
x-xss-protection: 1; mode=block
x-request-id: 6b2bff59efc2787572d865fc6875b0b1
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:43 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8870ab5c5dc824be-ZRH
expires: Fri, 19 May 2034 01:07:25 GMT

GET
H2 200 4466548.html Show response
newcountryrain.ch/698504/deferred_features/ 292 B
906 B 1227ms
1223ms XHR
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/698504/deferred_features/4466548.html

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-8b9ed2269890193cd5796e42f45c14e37fd062804a284ecba75085af832b75c5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

19c9d9a05b0df511490de271632576118a00ec4ddea63f98e8e16d24d58ccf9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:25 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS
content-length: 292
x-xss-protection: 1; mode=block
x-request-id: 5eaf5b77d7386650e5bb91c3a14891f3, 5eaf5b77d7386650e5bb91c3a14891f3
x-runtime: 0.071122
x-content-digest: 4ae7b5dd4c037225ed1ff1d3546f7a93dfcae533
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
x-clacks-overhead: GNU Terry Pratchett
etag: W/"19c9d9a05b0df511490de27163257611"
x-download-options: noopen
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-rack-cache: miss, store
x-cache-hits: 0

GET
H2 200 4855310.html Show response
newcountryrain.ch/698504/deferred_features/ 275 B
889 B 1105ms
1100ms XHR
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/698504/deferred_features/4855310.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

b78f6ba5b94c41f5a3a06492d50dfebd5373e91cf6ad726f4e477b97885defd2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:25 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
age: 6359
x-cache: HIT
content-length: 275
x-xss-protection: 1; mode=block
x-request-id: b67d41e55125a00cb60f81427c3bca6a, 804e63ef3921ad0a9c44a0862b6d37cc
x-runtime: 0.069185
x-content-digest: 41eea71d42ef509e81ac3dd60508549740132b3c
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
x-clacks-overhead: GNU Terry Pratchett
etag: W/"b78f6ba5b94c41f5a3a06492d50dfebd"
x-download-options: noopen
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-rack-cache: miss, store
x-cache-hits: 2

GET 5154416.html
newcountryrain.ch/698504/deferred_features/ 0
0

GET
H2 200 14837341.html Show response
newcountryrain.ch/698504/deferred_features/ 1 KB
1 KB 1105ms
1101ms XHR
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/698504/deferred_features/14837341.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

c9c318b0ea59a21e10d802d79114e28d0f40a518295d63bcd86ce2c9e5bab706

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:25 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
age: 2828
x-cache: HIT
x-xss-protection: 1; mode=block
x-request-id: de0a8182337bf52b450cac03e1ce046a, 46db79f5685c817b8a297b0878656dd4
x-runtime: 0.053122
x-content-digest: 0c110a37ccd5727e55444814b7401a6f2cc4e8b9
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
x-clacks-overhead: GNU Terry Pratchett
etag: W/"c9c318b0ea59a21e10d802d79114e28d"
x-download-options: noopen
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-rack-cache: miss, store
x-cache-hits: 1

GET
H2 200 8958812.html Show response
newcountryrain.ch/698504/deferred_features/ 632 B
1 KB 170ms
165ms XHR
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/698504/deferred_features/8958812.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

f6c31e89f04846ad88c6806a0aa5ea1a55e4d2b4e0adede267a426ae772a0bbb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
age: 6358
x-cache: HIT
content-length: 632
x-xss-protection: 1; mode=block
x-request-id: fa2fc45c8a8acfd6adde2d642c8da4a2, 2d1895eecf26c016e2850275565d57cb
x-runtime: 0.063714
x-content-digest: 015ea361b218fd82f02f5d4cb492572586dc1b53
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
x-clacks-overhead: GNU Terry Pratchett
etag: W/"f6c31e89f04846ad88c6806a0aa5ea1a"
x-download-options: noopen
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-rack-cache: miss, store
x-cache-hits: 1

GET
H2 200 8958927.html Show response
newcountryrain.ch/698504/deferred_features/ 257 B
870 B 1226ms
1221ms XHR
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/698504/deferred_features/8958927.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

9d7afb8d55319000e700c0530098d7f8e8f0f8aaca533b2b3934369287e0bb14

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:25 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
age: 1
x-cache: MISS
content-length: 257
x-xss-protection: 1; mode=block
x-request-id: 0a9fc865300fd16e7cfd957e733ed1c6, 0a9fc865300fd16e7cfd957e733ed1c6
x-runtime: 0.043279
x-content-digest: 82bea030562327742835316e2048eacf98ff9af8
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
x-clacks-overhead: GNU Terry Pratchett
etag: W/"9d7afb8d55319000e700c0530098d7f8"
x-download-options: noopen
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-rack-cache: miss, store
x-cache-hits: 0

GET
H2 200 9012643.html Show response
newcountryrain.ch/698504/deferred_features/ 632 B
1 KB 170ms
166ms XHR
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/698504/deferred_features/9012643.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

7c29d9c46be4fbe6076d778d12dc2230501ef753280880a085524c3fdd580912

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
age: 5347
x-cache: HIT
content-length: 632
x-xss-protection: 1; mode=block
x-request-id: f172c1706268e1ed3a93dfddf8f361b9, 7fcb22b2b13bb9d5f6d22d2b6a84e7dd
x-runtime: 0.061697
x-content-digest: ba076f1caaa8bc7edf44a5248111b2efdb48133c
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
x-clacks-overhead: GNU Terry Pratchett
etag: W/"7c29d9c46be4fbe6076d778d12dc2230"
x-download-options: noopen
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-rack-cache: miss, store
x-cache-hits: 1

GET 15322091.html
newcountryrain.ch/698504/deferred_features/ 0
0

GET
H2 200 15525488.html Show response
newcountryrain.ch/698504/deferred_features/ 524 B
1 KB 1224ms
1220ms XHR
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/698504/deferred_features/15525488.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

6ff8d741b2b23c0edc0e28f69e7043b292a6298a3202cad4cd83f5a63d071f31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:25 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS
content-length: 524
x-xss-protection: 1; mode=block
x-request-id: 7fcbad718ce3a9a1fdd2bd31b2993f9a, 7fcbad718ce3a9a1fdd2bd31b2993f9a
x-runtime: 0.054155
x-content-digest: 26a02e4d599ab112ecaf43a0776401ad3b2ddd94
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
x-clacks-overhead: GNU Terry Pratchett
etag: W/"6ff8d741b2b23c0edc0e28f69e7043b2"
x-download-options: noopen
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-rack-cache: miss, store
x-cache-hits: 0

GET
H2 200 17095084.html Show response
newcountryrain.ch/698504/deferred_features/ 167 B
781 B 16786ms
16782ms XHR
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/698504/deferred_features/17095084.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

60056fc545d416bdaf7d8be7ac832193ed95b77c8039ec28c0eadf377dc7c6f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:40 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
age: 16
x-cache: MISS
content-length: 167
x-xss-protection: 1; mode=block
x-request-id: 17105e4cb95456ecbdbbec0007602573, 17105e4cb95456ecbdbbec0007602573
x-runtime: 0.035362
x-content-digest: c21119fc57ac7944a3b231d0dca2181c5bf83f32
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
x-clacks-overhead: GNU Terry Pratchett
etag: W/"60056fc545d416bdaf7d8be7ac832193"
x-download-options: noopen
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-rack-cache: miss, store
x-cache-hits: 0

GET
H2 200 17508394.html Show response
newcountryrain.ch/698504/deferred_features/ 59 KB
5 KB 2479ms
2475ms XHR
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/698504/deferred_features/17508394.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

fad8c862f2761aa5d4e2fe540be023a67282f7a433d700a5b7a001dba39d6175

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:26 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
age: 5347
x-cache: HIT
x-xss-protection: 1; mode=block
x-request-id: 2d2d9cca26d1958bfdecf6bfa3be7c6c, 4173c641fafb9bdf89780d39b3cc0517
x-runtime: 0.088072
x-content-digest: 8cd3d62641b774a92a3f8e68b6c545f107284299
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
x-clacks-overhead: GNU Terry Pratchett
etag: W/"fad8c862f2761aa5d4e2fe540be023a6"
x-download-options: noopen
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-rack-cache: miss, store
x-cache-hits: 1

GET
H2 200 18331868.html Show response
newcountryrain.ch/698504/deferred_features/ 1 KB
1 KB 445ms
441ms XHR
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/698504/deferred_features/18331868.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

23879dc1e8a68ab9097e513fe416805e748d59bac87402962ceeb43389c7a69e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
age: 7611
x-cache: HIT
x-xss-protection: 1; mode=block
x-request-id: ccfd744bd6773462a9a77643890608c6, 92c6e4a89bf817bde91924466c5f83fa
x-runtime: 0.034467
x-content-digest: d96d2f03ac585fc5fd2c8ce8fa16e5c21bae373f
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
x-clacks-overhead: GNU Terry Pratchett
etag: W/"23879dc1e8a68ab9097e513fe416805e"
x-download-options: noopen
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-rack-cache: miss, store
x-cache-hits: 1

GET
H2 200 19228925.html Show response
newcountryrain.ch/698504/deferred_features/ 1 KB
1 KB 1103ms
1099ms XHR
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/698504/deferred_features/19228925.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

262183f212e86335af429df91eaab3ecd5188f5ed3a7e0f110c8a1c948ba9c12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:25 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS
x-xss-protection: 1; mode=block
x-request-id: eee8dd8ba4413103cc25bdba03ff5e69, eee8dd8ba4413103cc25bdba03ff5e69
x-runtime: 0.072517
x-content-digest: 5cf285e8aea4ae63c12dd1fb8da1f275d0e13eb1
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: openresty
x-clacks-overhead: GNU Terry Pratchett
etag: W/"262183f212e86335af429df91eaab3ec"
x-download-options: noopen
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-rack-cache: miss, store
x-cache-hits: 0

GET
H2 200 chunk-JIKTHNBU.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 2 KB
1 KB 13580ms
13576ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-JIKTHNBU.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1a67e56671f8c093b4b222e099a5144ccc5649f9d1c7a4c67a689e75d7302a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Tue, 21 May 2024 01:07:37 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 1147
x-xss-protection: 1; mode=block
x-request-id: 59f99219dff6b368c7a8cbcc8db746d1
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c5dd324be-ZRH
expires: Fri, 19 May 2034 01:07:37 GMT

GET
H2 200 chunk-RD5WNJFN.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 268 B
308 B 597ms
593ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-RD5WNJFN.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94cb4e5aca194fadd5fc6c1e98eff987b90ce17b2e35e5756e7689dbf8d6878b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 6
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 205
x-xss-protection: 1; mode=block
x-request-id: ba1cffbbb356b2f8df16a7ef6f769f64
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c5dd624be-ZRH
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 chunk-HLRD4TMO.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 4 KB
2 KB 1005ms
1002ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-HLRD4TMO.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

303d15c418398258f5e1987a9f483bd78edb176d4367efe6788178bf5d69845a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 8
date: Tue, 21 May 2024 01:07:25 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 1455
x-xss-protection: 1; mode=block
x-request-id: 5552f6ff0bf2d1aa1e45d71855bbb1a0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c5dd824be-ZRH
expires: Fri, 19 May 2034 01:07:25 GMT

GET
H2 200 chunk-NCI3ZDGC.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 15 KB
5 KB 1227ms
1223ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-NCI3ZDGC.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91fc4b6faba3954e4ce7699ef5211d2de8c417c49b084f6c89277a5405291299

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 13
date: Tue, 21 May 2024 01:07:25 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 4873
x-xss-protection: 1; mode=block
x-request-id: e57e8c1cf25f35f5b03caf175a6cbe84
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 19:42:25 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c5ddb24be-ZRH
expires: Fri, 19 May 2034 01:07:25 GMT

GET
H2 200 chunk-H57PQYDG.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 51 KB
18 KB 468ms
464ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-H57PQYDG.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44b686486b13257f0d66667032e7252eb85dc32f25d199c0df9bcc060de2bcaf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 14
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 18248
x-xss-protection: 1; mode=block
x-request-id: 3ca3cf81ac212be81acdc2903ba364d4
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 19:42:25 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c5ddc24be-ZRH
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 chunk-UD76JUOO.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 2 KB
910 B 16783ms
16779ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-UD76JUOO.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0851ba4833240f6ead6562680c1e4867e497d9597e8bc0279d4855f43162f4d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Tue, 21 May 2024 01:07:40 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 811
x-xss-protection: 1; mode=block
x-request-id: 6f2caf3c7294b00660c40780fff6a789
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c5ddd24be-ZRH
expires: Fri, 19 May 2034 01:07:40 GMT

GET
H2 200 chunk-NKUGSITO.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 2 KB
1 KB 163ms
160ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-NKUGSITO.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3035dd00efa1eb25065e94bae6680951304495a4f309f642aae7265ba08b5c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 3
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
access-control-request-method: *
x-cache: HIT
content-length: 938
x-xss-protection: 1; mode=block
x-request-id: d461fd71e2acb99e9e5c5df2e53ba85a
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6def24be-ZRH
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 chunk-4PD7QEWJ.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 457 B
432 B 156ms
153ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-4PD7QEWJ.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

757314e8f9afd8350b520951d9dce8e6aa70dc663ac5ea22f0fd753f0202b07b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 7
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
access-control-request-method: *
x-cache: HIT
content-length: 305
x-xss-protection: 1; mode=block
x-request-id: 6fea6e44608b05a032588f2ff362e1b4
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6df024be-ZRH
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 chunk-EPTWJNFA.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 684 B
483 B 159ms
156ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-EPTWJNFA.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d28f1af104c5e33d03f6c146aa67e4a10a7c671ca11485d8a4e3d710ab41cc04

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 3
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
access-control-request-method: *
x-cache: HIT
content-length: 381
x-xss-protection: 1; mode=block
x-request-id: cad55566a692ea229a0a61ec621f9d9d
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6df124be-ZRH
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 chunk-6NOJHDKZ.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 186 B
258 B 459ms
456ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-6NOJHDKZ.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48cd86f8ecdb42a1b61b8502af0081899900c1cdafcd3337f4a16fbfb35b6cd1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
access-control-request-method: *
x-cache: HIT
content-length: 159
x-xss-protection: 1; mode=block
x-request-id: 7cec55aa479126b621d7e13c3ae64c4e
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6df224be-ZRH
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 chunk-HQGF43QM.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 779 B
541 B 484ms
481ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-HQGF43QM.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07622a6a2f8c576e03d4b94cb8733daa5da014cb43d776ef4147082ae5768ed0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
access-control-request-method: *
x-cache: HIT
content-length: 408
x-xss-protection: 1; mode=block
x-request-id: c6b87678dbc40b6da3fc95a65f61d89d
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6df324be-ZRH
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 chunk-OU4GGTV4.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 9 KB
3 KB 16141ms
16138ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-OU4GGTV4.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e877bf6eda912ba05e6c7651b599c1ede3add153fa33caf2f85f1388548b6be9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 7
date: Tue, 21 May 2024 01:07:40 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 2876
x-xss-protection: 1; mode=block
x-request-id: 1e7454ddf11bf5f7a8aefe878ca61ae5
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6df424be-ZRH
expires: Fri, 19 May 2034 01:07:40 GMT

GET
H2 200 chunk-QOBY5R44.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 3 KB
1 KB 1097ms
1094ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-QOBY5R44.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdf17fd80984801b4e130afacfaf259916963018bf4f8ec4902a57ed0540a18a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 10
date: Tue, 21 May 2024 01:07:25 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 1135
x-xss-protection: 1; mode=block
x-request-id: 1404e2e0f92fa99933d9243626316736
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6df524be-ZRH
expires: Fri, 19 May 2034 01:07:25 GMT

GET
H2 200 chunk-MGXRPEKJ.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 755 B
564 B 1220ms
1218ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-MGXRPEKJ.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5def2aeb963e35faeff9f4eb0d6b406d059658c01bbef7125b101b38c11c1a93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 16
date: Tue, 21 May 2024 01:07:25 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 460
x-xss-protection: 1; mode=block
x-request-id: e7ffdd1b03895be0de6f5f78fbc552cd
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 19:42:25 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6df624be-ZRH
expires: Fri, 19 May 2034 01:07:25 GMT

GET
H2 200 chunk-S4RFMAMH.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 16 KB
6 KB 16144ms
16142ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-S4RFMAMH.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

889ae8dd39164f93ba8bd7875bd0c5193b75d0b0347b60a5761bc2e41ee6931a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 9
date: Tue, 21 May 2024 01:07:40 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 5896
x-xss-protection: 1; mode=block
x-request-id: 2df4c7b1b86c1ad8a949baea447e6326
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6df724be-ZRH
expires: Fri, 19 May 2034 01:07:40 GMT

GET
H2 200 chunk-ED4DOYUA.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 5 KB
2 KB 1099ms
1097ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-ED4DOYUA.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aef271e3195d214e9580891c8f3f9919fd1a5e82beef6b54247a9755290a9039

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Tue, 21 May 2024 01:07:25 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 2141
x-xss-protection: 1; mode=block
x-request-id: c9ff8d6c8ed26df47b0aa3568b9f06b6
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6df924be-ZRH
expires: Fri, 19 May 2034 01:07:25 GMT

GET
H2 200 chunk-TPOPGTYZ.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 10 KB
4 KB 1097ms
1096ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-TPOPGTYZ.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33696c356de63b98e4925f07e6da36be7fc144351e3b14e453ef547af9bef87d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 3
date: Tue, 21 May 2024 01:07:25 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 3734
x-xss-protection: 1; mode=block
x-request-id: 8f031773c155671201f439f9eb5c05c8
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6dfa24be-ZRH
expires: Fri, 19 May 2034 01:07:25 GMT

GET
H2 200 chunk-OJ4AZH3W.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 256 B
369 B 16138ms
16137ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-OJ4AZH3W.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d61ccfa6e9c52e82b8eb8bc73447a6c8a849c50103d393ce0ee5837d75126f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 8
date: Tue, 21 May 2024 01:07:40 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 197
x-xss-protection: 1; mode=block
x-request-id: de1cc3347dcd13c7f5c810714c1de679
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 19:42:25 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6dfb24be-ZRH
expires: Fri, 19 May 2034 01:07:40 GMT

GET
H2 200 chunk-YX7F2HNK.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 44 KB
11 KB 170ms
169ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-YX7F2HNK.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d39e4b99ebb6a6b22232a36cd05fe49ddd1fb139baee8ae76cd7497e406feb6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 7
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
access-control-request-method: *
x-cache: HIT
content-length: 10897
x-xss-protection: 1; mode=block
x-request-id: e955f6f7cebf48c557c5c9f3bddef67e
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6dfc24be-ZRH
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 chunk-PLGRBW3W.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 843 B
591 B 514ms
513ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-PLGRBW3W.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7557a6f251833d12dc8f0cb6a07f0b312e1ded6d97a4fa38425a035e03e9dd25

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Tue, 21 May 2024 01:07:24 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
access-control-request-method: *
x-cache: HIT
content-length: 491
x-xss-protection: 1; mode=block
x-request-id: 557edd330e890007087a794313f1c3b9
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 19:42:25 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870ab5c6dfd24be-ZRH
expires: Fri, 19 May 2034 01:07:24 GMT

GET
H2 200 mQUD37RxXvw
www.youtube.com/embed/ Frame 657C 0
0 155ms
94ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/mQUD37RxXvw?rel=0&wmode=transparent&enablejsapi=1

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://newcountryrain.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
referer: https://www.google.ch/
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 01:07:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5_SKXgqTzos
www.youtube.com/embed/ Frame A4F6 0
0 150ms
91ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/5_SKXgqTzos?rel=0&wmode=transparent&enablejsapi=1

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://newcountryrain.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
referer: https://www.google.ch/
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 01:07:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 visits
stats.zoogletools.net/ 0
0 206ms
206ms Fetch
application/json 2a09:8280:1::a:6d46
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.zoogletools.net/visits

Requested by

Host: stats.zoogletools.net
URL: https://stats.zoogletools.net/stats.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/7452e847 (2024-05-20) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 May 2024 01:07:24 GMT
via: 2 fly.io
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: c7996e32-0c4d-4904-9d68-4df5ee4e6d34
x-runtime: 0.094862
referrer-policy: strict-origin-when-cross-origin
fly-request-id: 01HYCB0NYHDNC9FWH1RQ79X6ZE-ams
server: Fly/7452e847 (2024-05-20)
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache
content-type: application/json; charset=utf-8
vary: Origin

OPTIONS
H2 200 visits
stats.zoogletools.net/ Frame 0
0 249ms
196ms Preflight 2a09:8280:1::a:6d46
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.zoogletools.net/visits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/7452e847 (2024-05-20) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://newcountryrain.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-length: 0
date: Tue, 21 May 2024 01:07:23 GMT
fly-request-id: 01HYCB0NRDZ58E9DAREKMTBF99-ams
server: Fly/7452e847 (2024-05-20)
via: 2 fly.io

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/60cd012d88f1796eda2013e0c3ed4409abc8ebc8/original/be2a9cfa-05f9-41d8-8e72-31b923e1e209.jpeg/!!/b%3AW1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/ 44 KB
45 KB 256ms
254ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/60cd012d88f1796eda2013e0c3ed4409abc8ebc8/original/be2a9cfa-05f9-41d8-8e72-31b923e1e209.jpeg/!!/b%3AW1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: newcountryrain.ch
URL: https://newcountryrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/7452e847 (2024-05-20) / Express
Resource Hash: 56eb2d9cb2473d7b037ac30956df4bbb01cbd98f913ac320684e749bf61fd03f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:24 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYCB0NWC8QHPXYQYAV1G3JT2-fra
server: Fly/7452e847 (2024-05-20)
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/60cd012d88f1796eda2013e0c3ed4409abc8ebc8/original/be2a9cfa-05f9-41d8-8e72-31b923e1e209.jpeg/!!/b:W1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/60cd012d88f1796eda2013e0c3ed4409abc8ebc8/original/be2a9cfa-05f9-41d8-8e72-31b923e1e209.jpeg","commands":[["resize",660,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: Vb7DOU3UQnw76WvBOU4761x0V9bBOmGYL3l9Ic8LKi1dD4vkOY37rA==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.png
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/94d407d624e8e33f137782e2542ff22dda9b3185/original/capture-d-e-cran-2022-06-30-a-11-05-38.png/!!/b%3AW1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/ 154 KB
155 KB 476ms
476ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/94d407d624e8e33f137782e2542ff22dda9b3185/original/capture-d-e-cran-2022-06-30-a-11-05-38.png/!!/b%3AW1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.png
Requested by: Host: newcountryrain.ch
URL: https://newcountryrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/7452e847 (2024-05-20) / Express
Resource Hash: 392ceadfad6bd3939ddc3bfd55c2a037fb75c533363943084d2fd4b7821ec489

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:25 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYCB0PHX8KDVJPE4BY308DGG-fra
server: Fly/7452e847 (2024-05-20)
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/94d407d624e8e33f137782e2542ff22dda9b3185/original/capture-d-e-cran-2022-06-30-a-11-05-38.png/!!/b:W1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.png","src":"u/159893/94d407d624e8e33f137782e2542ff22dda9b3185/original/capture-d-e-cran-2022-06-30-a-11-05-38.png","commands":[["resize",660,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: yThYIX78X4mJ2HMoc3_eJ6FKmQ2x5LhS7rmCh-qrH66RgM6Wulm_WQ==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/2fddd8b41e688f55f1ab0510a09874fb47a6175f/original/christian-monnaz.jpeg/!!/b%3AW1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/ 42 KB
43 KB 343ms
343ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/2fddd8b41e688f55f1ab0510a09874fb47a6175f/original/christian-monnaz.jpeg/!!/b%3AW1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: newcountryrain.ch
URL: https://newcountryrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/7452e847 (2024-05-20) / Express
Resource Hash: 7e944ea4556b3dbbf7a6a414a94aceb49ad67aa67e0a99213c052f93da3d9123

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:25 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYCB0PH1M04M58DB21X38CX8-fra
server: Fly/7452e847 (2024-05-20)
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/2fddd8b41e688f55f1ab0510a09874fb47a6175f/original/christian-monnaz.jpeg/!!/b:W1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/2fddd8b41e688f55f1ab0510a09874fb47a6175f/original/christian-monnaz.jpeg","commands":[["resize",660,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: nmMzXkUNzjW826lF7blB3pE_IcchTKHwK1QZYWnEWWUIPdAPfvmlug==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/06add492adc25252e78ab2d2d359dddf637f1ddc/original/64bd0eba-54e2-4b20-ae3d-fb25374ec993-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/ 14 KB
15 KB 422ms
422ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/06add492adc25252e78ab2d2d359dddf637f1ddc/original/64bd0eba-54e2-4b20-ae3d-fb25374ec993-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: newcountryrain.ch
URL: https://newcountryrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/7452e847 (2024-05-20) / Express
Resource Hash: 71b7e5495bdbfff21d1abad8049601fc93345ab6c162ff4013b5b8c4bdff253c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:27 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYCB0QVZG0AEB8JZJZDSB1SJ-fra
server: Fly/7452e847 (2024-05-20)
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/06add492adc25252e78ab2d2d359dddf637f1ddc/original/64bd0eba-54e2-4b20-ae3d-fb25374ec993-1-201-a.jpeg/!!/b:W1sic2l6ZSIsIjM1MHciXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/06add492adc25252e78ab2d2d359dddf637f1ddc/original/64bd0eba-54e2-4b20-ae3d-fb25374ec993-1-201-a.jpeg","commands":[["resize",[350,null,{"withoutEnlargement":true,"fit":"inside"}],null,{}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: KsZxEXG-qy8pMKhal4f4p2JrV9LSeoQFFSEGFyx83AJXnV6Q5w4_TQ==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/228d0651184384a186c60767aae0fb0fa3a393a8/original/9df1cfaf-3ac9-4e7f-8e08-cc9aecb526cf-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/ 14 KB
15 KB 311ms
311ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/228d0651184384a186c60767aae0fb0fa3a393a8/original/9df1cfaf-3ac9-4e7f-8e08-cc9aecb526cf-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: newcountryrain.ch
URL: https://newcountryrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/7452e847 (2024-05-20) / Express
Resource Hash: a192a52c91a5e7e86f3afeba58a989ce4984c1b2e8cdad12594a26d6a4e0463d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:30 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYCB0V9TJ3M1ZD2VY5ETX2G3-fra
server: Fly/7452e847 (2024-05-20)
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/228d0651184384a186c60767aae0fb0fa3a393a8/original/9df1cfaf-3ac9-4e7f-8e08-cc9aecb526cf-1-201-a.jpeg/!!/b:W1sic2l6ZSIsIjM1MHciXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/228d0651184384a186c60767aae0fb0fa3a393a8/original/9df1cfaf-3ac9-4e7f-8e08-cc9aecb526cf-1-201-a.jpeg","commands":[["resize",[350,null,{"withoutEnlargement":true,"fit":"inside"}],null,{}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: 2FYLZ2HBkOFdNSBpEi4c0snv3IM-vn10mrzGBrsiwzVaRViMFMEUVw==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/4c0e9b66fee650219a7f1ce255d824904698d629/original/bf7ce647-dd29-4b32-ac4b-857111647ff3-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/ 13 KB
14 KB 366ms
365ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/4c0e9b66fee650219a7f1ce255d824904698d629/original/bf7ce647-dd29-4b32-ac4b-857111647ff3-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: newcountryrain.ch
URL: https://newcountryrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/7452e847 (2024-05-20) / Express
Resource Hash: 993c383d960c21241b5d83b91391794ec203f1dbd334ae65ecd9d2f54f3e88c8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:34 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYCB0Z3DM3VQWYNM3J1131QD-fra
server: Fly/7452e847 (2024-05-20)
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/4c0e9b66fee650219a7f1ce255d824904698d629/original/bf7ce647-dd29-4b32-ac4b-857111647ff3-1-201-a.jpeg/!!/b:W1sic2l6ZSIsIjM1MHciXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/4c0e9b66fee650219a7f1ce255d824904698d629/original/bf7ce647-dd29-4b32-ac4b-857111647ff3-1-201-a.jpeg","commands":[["resize",[350,null,{"withoutEnlargement":true,"fit":"inside"}],null,{}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: lqg2DK-EuKvgvQTL4WzPRJWcr3H7fcKcDdDu34OXutvCVQs19DZnpQ==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/ad709f23d386405c6ab58a782b8ab519b24e3c61/original/aeac3af8-bcc9-4f51-be14-7e45670b8ae9-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/ 16 KB
17 KB 468ms
468ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/ad709f23d386405c6ab58a782b8ab519b24e3c61/original/aeac3af8-bcc9-4f51-be14-7e45670b8ae9-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: newcountryrain.ch
URL: https://newcountryrain.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/7452e847 (2024-05-20) / Express
Resource Hash: ecd1e96a7ac5fda078823fbf59cb566f102f8e53060716247ce6abcce3f6efe3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:38 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYCB1313HGWVE15CTQ2RTQHG-fra
server: Fly/7452e847 (2024-05-20)
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/ad709f23d386405c6ab58a782b8ab519b24e3c61/original/aeac3af8-bcc9-4f51-be14-7e45670b8ae9-1-201-a.jpeg/!!/b:W1sic2l6ZSIsIjM1MHciXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/ad709f23d386405c6ab58a782b8ab519b24e3c61/original/aeac3af8-bcc9-4f51-be14-7e45670b8ae9-1-201-a.jpeg","commands":[["resize",[350,null,{"withoutEnlargement":true,"fit":"inside"}],null,{}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: 362T6IIozgT7Nyw2KKQV32c4sJYvBmsHcpi_90EDq5r40YTL8uHaFw==

GET
H2 200 moda-legacy-SO34UEQR.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 34 KB
12 KB 12932ms
12932ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/moda-legacy-SO34UEQR.digested.js

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/chunk-6NOJHDKZ.digested.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6860c6e01c4a6392028180633f30a47d4bde7e9208abd7244624cd794fddbee3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 3
date: Tue, 21 May 2024 01:07:53 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
access-control-request-method: *
x-cache: HIT
content-length: 11821
x-xss-protection: 1; mode=block
x-request-id: 7dafb990849de7b2f929c2b5221fe324
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870abc54a4924be-ZRH
expires: Fri, 19 May 2034 01:07:53 GMT

GET
H2 200 turbo.es2017-esm-5RWPCV63.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 615 B
524 B 155ms
155ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/turbo.es2017-esm-5RWPCV63.digested.js

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/chunk-OJ4AZH3W.digested.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

177ac742a0ffcf2a18eaa9a3f378b62e4075af00f76b59e350774ecbc2c52e55

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 2
date: Tue, 21 May 2024 01:07:41 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
access-control-request-method: *
x-cache: HIT
content-length: 370
x-xss-protection: 1; mode=block
x-request-id: 3489262efcc9bee3ebd40933202c3f4c
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 19:42:25 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870abc54a4b24be-ZRH
expires: Fri, 19 May 2034 01:07:41 GMT

GET
H2 200 badge Show response
newcountryrain.ch/api/cart/ 1 KB
1 KB 2352ms
2352ms Fetch
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/api/cart/badge

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/chunk-TPOPGTYZ.digested.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

9f13c6c11cc317009455316149f36f444245b2579388b32f7340b360c1460d29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-CSRF-Token: Z7BEmlfCL+h9CCEU9c+/4AhLCIizcdmJfxcVXY+6oZlNZxNFAcPP6fFuudGE97rsjsrctJTRJ1AFYPglV4/iFw==
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/html
Referer: https://www.google.ch/
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 May 2024 01:07:43 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS
x-xss-protection: 1; mode=block
x-request-id: fb0c7d4be4b0139a5227ef3c6c6a47fb, fb0c7d4be4b0139a5227ef3c6c6a47fb
pragma: no-cache
x-runtime: 0.024773
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: openresty
etag: W/"9f13c6c11cc317009455316149f36f44"
x-download-options: noopen
vary: Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-robots-tag: noindex
x-rack-cache: miss
x-cache-hits: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 78ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/chunk-NCI3ZDGC.digested.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

687cb768990be1a20e094916044f7ff8da652b648d8935aed941afb5485fb0fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 May 2024 01:07:41 GMT
content-md5: NtC62mKM282CaCWBT3VMeQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1320, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: rFp9BFLSkPA/ibG8oSUHf5F/lVvvWXbvQebTQzxZXajPcPc9dWE0ex9cDQcOzRkGZX0knpwQMSmGyPSAOciHCA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6f70a276364b6e3b8e2d3517873d77fd
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "0fc882498de6541e61f52730364ef8bd"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 21 May 2024 01:08:37 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
972 B 78ms
33ms Script
text/javascript 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=onCaptchaLoaded

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/chunk-NKUGSITO.digested.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

GSE /

Resource Hash

e745a08a0b3f31ddd64bea873e214fe3661e4390673706e705693b3fc984b396

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 21 May 2024 01:07:41 GMT

PUT
H2 200 17494
newcountryrain.ch/go/hit_counter_features/ 0
0 194ms
194ms Fetch
text/plain 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/go/hit_counter_features/17494

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite-13cd2a4cb5ee3e3994f54538d255958fe58ec52fa335a8647fae645a45122304.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-CSRF-Token: Z7BEmlfCL+h9CCEU9c+/4AhLCIizcdmJfxcVXY+6oZlNZxNFAcPP6fFuudGE97rsjsrctJTRJ1AFYPglV4/iFw==
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/html
Referer: https://www.google.ch/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:41 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 1f5d017ff019f124c8fb626812398690, 1f5d017ff019f124c8fb626812398690
x-runtime: 0.043753
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: openresty
x-download-options: noopen
vary: Accept
x-frame-options: DENY
content-type: text/plain; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-rack-cache: invalidate, pass
x-cache-hits: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 98ms
51ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite-13cd2a4cb5ee3e3994f54538d255958fe58ec52fa335a8647fae645a45122304.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f82069b370508688eb59ab775f0a3709fa6e091a4862125119b0125693583f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 21 May 2024 01:07:41 GMT

GET
H2 200 profile Show response
newcountryrain.ch/go/member/ 17 B
657 B 4383ms
4383ms Fetch
application/json 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/go/member/profile

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/chunk-HLRD4TMO.digested.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-CSRF-Token: Z7BEmlfCL+h9CCEU9c+/4AhLCIizcdmJfxcVXY+6oZlNZxNFAcPP6fFuudGE97rsjsrctJTRJ1AFYPglV4/iFw==
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/json
Referer: https://www.google.ch/
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 May 2024 01:07:45 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
age: 1
x-cache: MISS
content-length: 17
x-xss-protection: 1; mode=block
x-request-id: c29aeca919d99668ad73c74576220ecb, c29aeca919d99668ad73c74576220ecb
pragma: no-cache
x-runtime: 0.077105
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: openresty
etag: W/"06e5f7e2d702e0110271dd33c198e1f3"
x-download-options: noopen
vary: Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
x-rack-cache: miss
x-cache-hits: 0

GET
H2 200 arvo.woff2
assets-production.bndzgl.com/assets/c56470a8-1a06-4e44-b2ad-360299247937/ 18 KB
18 KB 458ms
458ms Font
font/woff2 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/c56470a8-1a06-4e44-b2ad-360299247937/arvo.woff2

Requested by

Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/assets/c56470a8-1a06-4e44-b2ad-360299247937/stylesheet.css#Arvo-regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e8313fff8d08efbf72fd05d0317fd951d3445a24294c13573aff80d7d357c39

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Tue, 21 May 2024 01:07:41 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
x-cache: MISS
content-transfer-encoding: binary
content-disposition: inline; filename="arvo.woff2"; filename*=UTF-8''arvo.woff2
content-length: 18140
x-xss-protection: 1; mode=block
x-request-id: d18a4da5b17896bc3297de73cd546de3, d18a4da5b17896bc3297de73cd546de3
pragma
x-runtime: 0.015550
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: cloudflare
etag: W/"5e8313fff8d08efbf72fd05d0317fd95"
x-download-options: noopen
vary: Accept, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870abc56a8524be-ZRH
x-rack-cache: miss
expires: Fri, 19 May 2034 01:07:41 GMT

POST
H2 200 visits
stats.zoogletools.net/ 0
0 290ms
290ms Fetch
application/json 2a09:8280:1::a:6d46
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.zoogletools.net/visits

Requested by

Host: stats.zoogletools.net
URL: https://stats.zoogletools.net/stats.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/7452e847 (2024-05-20) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 May 2024 01:07:40 GMT
via: 2 fly.io
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 54d88558-6a44-417b-a833-2f809f50a480
x-runtime: 0.094675
referrer-policy: strict-origin-when-cross-origin
fly-request-id: 01HYCB15V6E15D9JP3HT47VE52-ams
server: Fly/7452e847 (2024-05-20)
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache
content-type: application/json; charset=utf-8
vary: Origin

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
86 KB 43ms
21ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=879fc2ec89d3241e0885669f53177c3d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

c78c9f47cd68fce7455cd6932040f9241190a564749c5ea785b1d3f112566fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 May 2024 01:07:41 GMT
content-md5: EXwAIbKi+TTlrGOW9GDwZA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87587
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4297, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: Ckkcrd4DqRgVBSy3AJs63oLeRvGqCCY+QKwD8CpkC++xp+Rz/Ur/GJ/1NHpxVRTRvig6nzy7p8+FbS3tKaaOnw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 9b639c8b3c2287dfc513acfb7ef74432
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "669cee39742e176dae36088d9d258d88"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 May 2025 00:30:07 GMT

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/ 519 KB
207 KB 77ms
21ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de_ch.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=onCaptchaLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3549a473c65d2fa33ae38008fb9c16989c69eafaccbeb2e643a2016968bc8c25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 11:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210838
x-xss-protection: 0
last-modified: Mon, 13 May 2024 17:44:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 May 2025 11:10:25 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/1844df69/www-widgetapi.vflset/ 42 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1844df69/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727c77ec19d827a0c2e8e6f289b8031b6d753ff14b219a0e8f15d0a71e6c8bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 00:57:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13955
x-xss-protection: 0
last-modified: Thu, 16 May 2024 21:22:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 May 2025 00:57:24 GMT

GET
H2 200 chunk-BJ5COBX5.digested.js Show response
assets-app-production-pubnet.bndzgl.com/assets/ 74 KB
19 KB 173ms
173ms Script
application/javascript 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/chunk-BJ5COBX5.digested.js

Requested by

Host: newcountryrain.ch
URL: https://newcountryrain.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c56f208a6f1ddb139739673dda8341f94f2808a238eb25cb518fa35b1e377c8c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Origin: https://newcountryrain.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Tue, 21 May 2024 01:07:41 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
access-control-request-method: *
x-cache: HIT
content-length: 19480
x-xss-protection: 1; mode=block
x-request-id: e1e24302d680ef0fb7b2a0568aff8c3c
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:38 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870abc64b8724be-ZRH
expires: Fri, 19 May 2034 01:07:41 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame CF5B 0
0 47ms
46ms Document
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ&co=aHR0cHM6Ly9uZXdjb3VudHJ5cmFpbi5jaDo0NDM.&hl=de-CH&v=8k85QBI-qzxmenDv318AZH30&size=invisible&cb=cgos706m75ar

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de_ch.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JAZlEnZ50ZJDxocs8J_k6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://newcountryrain.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
referer: https://www.google.ch/
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-JAZlEnZ50ZJDxocs8J_k6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 01:07:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 comments Show response
newcountryrain.ch/home/guestbooks/13280/ 2 KB
1 KB 1878ms
1878ms Fetch
text/html 2606:4700:90:0:3626:d0ff:6957:de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newcountryrain.ch/home/guestbooks/13280/comments

Requested by

Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/chunk-BJ5COBX5.digested.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

870973c67d7f5eca495aabd220c2993b7934105b22c97e27c96fd3520b74f0cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-CH,de;q=0.9;q=0.9
Turbo-Frame: comment_list
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: text/html, application/xhtml+xml
Referer: https://www.google.ch/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:43 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
age: 1
x-cache: MISS
x-xss-protection: 1; mode=block
x-request-id: 8c6e6b317e6b7ddbe875f11a8c4a1b7f, 8c6e6b317e6b7ddbe875f11a8c4a1b7f
x-runtime: 0.059970
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: openresty
etag: W/"870973c67d7f5eca495aabd220c2993b"
x-download-options: noopen
vary: Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-rack-cache: miss
x-cache-hits: 0

GET
H2 200 video.php
www.facebook.com/v16.0/plugins/ Frame 6FF4 0
0 562ms
511ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v16.0/plugins/video.php?allowfullscreen=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9bc93b89830eec75%26domain%3Dnewcountryrain.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnewcountryrain.ch%252Ff3d23c57ec9d8b42b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fvideo.php%3Fv%3D913928573023936&locale=en_US&sdk=joey&show_text=false&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=879fc2ec89d3241e0885669f53177c3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://newcountryrain.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
referer: https://www.google.ch/
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 01:07:42 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v16.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=47, mss=1320, tbw=51220, tp=-1, tpl=-1, uplat=490, ullat=0
x-fb-debug: PrzwJ2wA2htUFumiGBgb2TwV6apeu74trgAvCxXPUl8AYe/t/KxbYIESqRH9qWi9KME+O6+AqRUYFjDUyFedww==
x-xss-protection: 0

GET
H2 200 video.php
www.facebook.com/v16.0/plugins/ Frame 9ABF 0
0 395ms
357ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v16.0/plugins/video.php?allowfullscreen=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfcc1405093a931f9b%26domain%3Dnewcountryrain.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnewcountryrain.ch%252Ff3d23c57ec9d8b42b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fvideo.php%3Fv%3D965039843988627&locale=en_US&sdk=joey&show_text=false&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=879fc2ec89d3241e0885669f53177c3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://newcountryrain.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
referer: https://www.google.ch/
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 01:07:41 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v16.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1320, tbw=2789, tp=-1, tpl=-1, uplat=335, ullat=0
x-fb-debug: A2E0rC2kQUWS3z+AohfVwtpzmkaQyDcDbXQkD53UqM3Q2/k3KN6gJWr4ku/bzm6Uxdk/5Y5jvBnjpsmDTsARKw==
x-xss-protection: 0

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame FF0F 0
0 32ms
32ms Document
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=8k85QBI-qzxmenDv318AZH30&k=6LdqEVEbAAAAAPn5e3TfpCQdFin6EZOLcmhS94PJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de_ch.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IZJnHyN07L8ZTEqVyPOp3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://newcountryrain.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
referer: https://www.google.ch/
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-IZJnHyN07L8ZTEqVyPOp3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 01:07:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/ff71ed8331c4a3389623139f74e654df870d72ae/original/65b3159c-d676-4d05-bc21-e8e6baf5444a-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/ 16 KB
17 KB 369ms
369ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/ff71ed8331c4a3389623139f74e654df870d72ae/original/65b3159c-d676-4d05-bc21-e8e6baf5444a-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/7452e847 (2024-05-20) / Express
Resource Hash: 272c50c1164d739437d98da19ce665da4e3568e91ddbeafd7a64a28d636d73ae

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:42 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYCB171DN5734F2N63Q65PY8-fra
server: Fly/7452e847 (2024-05-20)
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/ff71ed8331c4a3389623139f74e654df870d72ae/original/65b3159c-d676-4d05-bc21-e8e6baf5444a-1-201-a.jpeg/!!/b:W1sic2l6ZSIsIjM1MHciXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/ff71ed8331c4a3389623139f74e654df870d72ae/original/65b3159c-d676-4d05-bc21-e8e6baf5444a-1-201-a.jpeg","commands":[["resize",[350,null,{"withoutEnlargement":true,"fit":"inside"}],null,{}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: jPuWAcvOSizp34eyx8ydTda9GmCTMOkNY9RnEoojY8VUDKvpJhYVqQ==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.png
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/c331af9350c023586ad51a43596bd581551df907/original/new-country-rain-paillote-festival-2019-30.jpg/!!/ 83 KB
84 KB 348ms
348ms Other
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/c331af9350c023586ad51a43596bd581551df907/original/new-country-rain-paillote-festival-2019-30.jpg/!!/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/7452e847 (2024-05-20) / Express
Resource Hash: 7925e22f8e18e3908a8f74b9a56fdf67641f9b3d4468a7b28b32050b79497fa9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:42 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYCB17DBR84BWV2BDVM6TP6V-fra
server: Fly/7452e847 (2024-05-20)
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/c331af9350c023586ad51a43596bd581551df907/original/new-country-rain-paillote-festival-2019-30.jpg/!!/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.png","src":"u/159893/c331af9350c023586ad51a43596bd581551df907/original/new-country-rain-paillote-festival-2019-30.jpg","commands":[["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: 6IZs_IETKLQKc8suF6OzKh0EA8B2oZcY67sN1HZPjl6lNWUlvg-f4Q==

GET
H2 200 avatar-3c86c0996c2bbae21c9fccee2cb774b1de6b27a4302addf1915deb2cb7e06d0c.png
assets-app-production-pubnet.bndzgl.com/assets/usersites/ 1 KB
2 KB 39ms
39ms Image
image/png 2606:4700::6812:12d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets-app-production-pubnet.bndzgl.com/assets/usersites/avatar-3c86c0996c2bbae21c9fccee2cb774b1de6b27a4302addf1915deb2cb7e06d0c.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad9aab6d9c80a3245321053cdd6ddc1deaded70961c42e2d57752f587aa9786a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Tue, 21 May 2024 01:07:43 GMT
strict-transport-security: max-age=31556952
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
access-control-request-method: *
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 609464
x-cache: HIT
content-length: 1534
x-xss-protection: 1; mode=block
x-request-id: bf5874cfc098c8c2e8f930431d443c1b
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 13 May 2024 13:34:43 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8870abd32f3e0211-ZRH
expires: Fri, 19 May 2034 01:07:43 GMT

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/0ac5aa638d17621bbaea149e288dddf9170642cb/original/3f47d575-88f8-4267-9767-4057b826adc9-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/ 24 KB
25 KB 417ms
417ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/0ac5aa638d17621bbaea149e288dddf9170642cb/original/3f47d575-88f8-4267-9767-4057b826adc9-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/7452e847 (2024-05-20) / Express
Resource Hash: 0d2ebcf9f991e4e29962a419f98ca55156b9b36fe8f62dbf4ba88d650f845aef

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:46 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYCB1AWD0QVYEGV8A3RYP3VT-fra
server: Fly/7452e847 (2024-05-20)
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/0ac5aa638d17621bbaea149e288dddf9170642cb/original/3f47d575-88f8-4267-9767-4057b826adc9-1-201-a.jpeg/!!/b:W1sic2l6ZSIsIjM1MHciXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/0ac5aa638d17621bbaea149e288dddf9170642cb/original/3f47d575-88f8-4267-9767-4057b826adc9-1-201-a.jpeg","commands":[["resize",[350,null,{"withoutEnlargement":true,"fit":"inside"}],null,{}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: Db_UzVQKY57MAiyAcelhY_rZhRgFILXrCrAqSteZKHURE-kHAAnrTw==

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/44152b0a7a0ab0878cbdd94c58f5a335f756804a/original/89dec97f-ed8f-4ce6-8fa3-4ee92fc68107-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/ 11 KB
11 KB 508ms
507ms Image
image/webp 2600:9000:20ab:4a00:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/44152b0a7a0ab0878cbdd94c58f5a335f756804a/original/89dec97f-ed8f-4ce6-8fa3-4ee92fc68107-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/7452e847 (2024-05-20) / Express
Resource Hash: 597a1f284c74bea0a4e8807a993ec0ee8f2cb114da8bb88facc2e299cf5507cf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.google.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 01:07:50 GMT
via: 1.1 fly.io, 1.1 b038919df048ba1d1a170622840d275e.cloudfront.net (CloudFront)
fly-request-id: 01HYCB1EVXCMM0ND1DKSECJ27N-fra
server: Fly/7452e847 (2024-05-20)
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-zoogle-commands: {"base":"s:bzglfiles/u/159893/44152b0a7a0ab0878cbdd94c58f5a335f756804a/original/89dec97f-ed8f-4ce6-8fa3-4ee92fc68107-1-201-a.jpeg/!!/b:W1sic2l6ZSIsIjM1MHciXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/159893/44152b0a7a0ab0878cbdd94c58f5a335f756804a/original/89dec97f-ed8f-4ce6-8fa3-4ee92fc68107-1-201-a.jpeg","commands":[["resize",[350,null,{"withoutEnlargement":true,"fit":"inside"}],null,{}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id: siH0G4RCgruFSd8bymowhSc4DsvwgPyDCNYYMudobnMLTZMUVxxH9w==

GET meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/f03f1784dfe58db1f1b18cd124b42e37b6c10b04/original/a9134260-6396-429f-940f-3bc84fc6fc25-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: newcountryrain.ch
URL: https://newcountryrain.ch/698504/deferred_features/5154416.html

Domain: newcountryrain.ch
URL: https://newcountryrain.ch/698504/deferred_features/15322091.html

Domain: d10j3mvrs1suex.cloudfront.net
URL: https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/159893/f03f1784dfe58db1f1b18cd124b42e37b6c10b04/original/a9134260-6396-429f-940f-3bc84fc6fc25-1-201-a.jpeg/!!/b%3AW1sic2l6ZSIsIjM1MHciXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 01:03:25	Name: _GRECAPTCHA Value: 09AOG1W2VMmoTxY7s6qm4qisYOnlsewL-t3_GU06XthrKx_ruVuQ5udq8coZYGBp4NwG-Z1xSlU8IjEn96TSQ2JcM
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 7476smBKUjI
.youtube.com/	1970-01-21 01:03:25	Name: VISITOR_INFO1_LIVE Value: wmir8VCxuoQ
.youtube.com/	1970-01-21 01:03:25	Name: VISITOR_PRIVACY_METADATA Value: CgJDSBIEGgAgGg%3D%3D
newcountryrain.ch/	1970-01-20 20:45:40	Name: counter-17494 Value: 1
newcountryrain.ch/	1969-12-31 23:59:59	Name: guid Value: fecd5b77-5dd2-46e4-9011-0f4ec27f53bf

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://newcountryrain.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newcountryrain.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-app-production-pubnet.bndzgl.com
assets-production.bndzgl.com
connect.facebook.net
d10j3mvrs1suex.cloudfront.net
newcountryrain.ch
stats.zoogletools.net
www.facebook.com
www.google.com
www.gstatic.com
www.youtube.com
zglseed.s3.ca-central-1.amazonaws.com
d10j3mvrs1suex.cloudfront.net
newcountryrain.ch
157.240.252.13
216.58.212.132
2600:9000:20ab:4a00:7:56a2:7e40:21
2606:4700:90:0:3626:d0ff:6957:de1
2606:4700::6812:12d7
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a09:8280:1::a:6d46
3.5.252.249
015642f30828d36af6a8df0e401db55343bebe4dfc0c6e93313d23ef18d91480
01d61ccfa6e9c52e82b8eb8bc73447a6c8a849c50103d393ce0ee5837d75126f
027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5
061c461be655d95421747b6d56b14bb0c3e2bd5cf973211c8632d80472069dc7
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
07622a6a2f8c576e03d4b94cb8733daa5da014cb43d776ef4147082ae5768ed0
0970b8eec372a07bf813b9870e6fad367cbbafd5c1fbd7be8486a8f8ba1b91b0
0d2ebcf9f991e4e29962a419f98ca55156b9b36fe8f62dbf4ba88d650f845aef
0e87c63d82f0a195659465790cf9f25f9bcb516c0b82d6bb8faf1c3746008fa8
1524c2183e92245792d1bcfc69d9afd7f68929b52109a8e601e7c391307fad83
177ac742a0ffcf2a18eaa9a3f378b62e4075af00f76b59e350774ecbc2c52e55
17fcf7fd823a6744ddef40de44120983630fd092934005997786e848a45651f1
18a2fbe92df9fb04a0ba4a7a5a7df5f0f05199f258a0206a87f8ecf2485fd80b
19c9d9a05b0df511490de271632576118a00ec4ddea63f98e8e16d24d58ccf9c
20119e7faec9749e893c52b303b1dc163eba8bde987e93d4078912e914cb653a
23879dc1e8a68ab9097e513fe416805e748d59bac87402962ceeb43389c7a69e
262183f212e86335af429df91eaab3ecd5188f5ed3a7e0f110c8a1c948ba9c12
272c50c1164d739437d98da19ce665da4e3568e91ddbeafd7a64a28d636d73ae
2ff63c2fe20deda173545c6cf9dc8e2d0288971bee1a021782793538a83a7250
303d15c418398258f5e1987a9f483bd78edb176d4367efe6788178bf5d69845a
332df081c9fda8c341f66e3505c748187a81e03a736ceb5ef0e43f431d02f8c5
333a78c5fad517f2b39536b36ec003effa1d9e497bec992988f9ace03fc3c62f
33696c356de63b98e4925f07e6da36be7fc144351e3b14e453ef547af9bef87d
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3549a473c65d2fa33ae38008fb9c16989c69eafaccbeb2e643a2016968bc8c25
392ceadfad6bd3939ddc3bfd55c2a037fb75c533363943084d2fd4b7821ec489
43ef2f393fc0509c4dc48f78b4fd6395e9642f15c4598b8d9ed3ded872db1a8e
44b686486b13257f0d66667032e7252eb85dc32f25d199c0df9bcc060de2bcaf
48cd86f8ecdb42a1b61b8502af0081899900c1cdafcd3337f4a16fbfb35b6cd1
503157f5eafee6d9b906e9fb6a9fd2d8bf935eacb581ff9a86a22843d6f3e774
52afbc23a42e507250ebec2f39f75c515b04081fcecd2c2f328e47b276eb9694
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
56eb2d9cb2473d7b037ac30956df4bbb01cbd98f913ac320684e749bf61fd03f
597a1f284c74bea0a4e8807a993ec0ee8f2cb114da8bb88facc2e299cf5507cf
5def2aeb963e35faeff9f4eb0d6b406d059658c01bbef7125b101b38c11c1a93
5e8313fff8d08efbf72fd05d0317fd951d3445a24294c13573aff80d7d357c39
60056fc545d416bdaf7d8be7ac832193ed95b77c8039ec28c0eadf377dc7c6f5
6860c6e01c4a6392028180633f30a47d4bde7e9208abd7244624cd794fddbee3
687cb768990be1a20e094916044f7ff8da652b648d8935aed941afb5485fb0fe
6ff8d741b2b23c0edc0e28f69e7043b292a6298a3202cad4cd83f5a63d071f31
708b1af351371fcd901882767c135528b891e2e1bf579b8f9d50520935c0e76d
71b7e5495bdbfff21d1abad8049601fc93345ab6c162ff4013b5b8c4bdff253c
727c77ec19d827a0c2e8e6f289b8031b6d753ff14b219a0e8f15d0a71e6c8bd2
7557a6f251833d12dc8f0cb6a07f0b312e1ded6d97a4fa38425a035e03e9dd25
757314e8f9afd8350b520951d9dce8e6aa70dc663ac5ea22f0fd753f0202b07b
77ddfccbe2eb70d1cba40acb0641c5fe95492b3ffce76cfb22a8b5346db960c1
7925e22f8e18e3908a8f74b9a56fdf67641f9b3d4468a7b28b32050b79497fa9
7c29d9c46be4fbe6076d778d12dc2230501ef753280880a085524c3fdd580912
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7e944ea4556b3dbbf7a6a414a94aceb49ad67aa67e0a99213c052f93da3d9123
8569253597fc713d8ea3a4c3649b006b32402bc8cdcc2b8f34a58cf73b4f4818
870973c67d7f5eca495aabd220c2993b7934105b22c97e27c96fd3520b74f0cc
889ae8dd39164f93ba8bd7875bd0c5193b75d0b0347b60a5761bc2e41ee6931a
88d08208ef815ac4e4afdc1a43f546d1b7e9fe5aa2eca720977104c53b75cb92
8c52d07e6ac8a295ebf2e56179e4833424525d8338cef1246007c7762b1350ff
8da2e52f4dcce11a066f3080f0e37bed07f23548d1270cd430f5c64999f8351d
91fc4b6faba3954e4ce7699ef5211d2de8c417c49b084f6c89277a5405291299
94cb4e5aca194fadd5fc6c1e98eff987b90ce17b2e35e5756e7689dbf8d6878b
993c383d960c21241b5d83b91391794ec203f1dbd334ae65ecd9d2f54f3e88c8
9b741e055917553539e82644e950f2b85f509c02e14807b8f3e36c6cee711b22
9d7afb8d55319000e700c0530098d7f8e8f0f8aaca533b2b3934369287e0bb14
9f13c6c11cc317009455316149f36f444245b2579388b32f7340b360c1460d29
a1505263e80df94b54d56bfee668952cfdcb0204ac67be3980aad0c9e2f65a08
a192a52c91a5e7e86f3afeba58a989ce4984c1b2e8cdad12594a26d6a4e0463d
a2d3cc5916438fde8f5e1360a5515b11edd7c8e7f00c8be2f7bc8a80fa26904e
a3035dd00efa1eb25065e94bae6680951304495a4f309f642aae7265ba08b5c5
ad9aab6d9c80a3245321053cdd6ddc1deaded70961c42e2d57752f587aa9786a
aef271e3195d214e9580891c8f3f9919fd1a5e82beef6b54247a9755290a9039
b0851ba4833240f6ead6562680c1e4867e497d9597e8bc0279d4855f43162f4d
b78f6ba5b94c41f5a3a06492d50dfebd5373e91cf6ad726f4e477b97885defd2
bca529831a0657f4828d00d853a21509bd1f9d4d2932dd3289b3441670e638f5
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
be73064fa4ad817ae84258ee2add58de9d937a496144ac820804c4bddf69f4f8
c56f208a6f1ddb139739673dda8341f94f2808a238eb25cb518fa35b1e377c8c
c57001cb4a01053ae5e95741c03b0aaaae8c0a21c03f7401e200cd15b6788d4e
c78c9f47cd68fce7455cd6932040f9241190a564749c5ea785b1d3f112566fa2
c9c318b0ea59a21e10d802d79114e28d0f40a518295d63bcd86ce2c9e5bab706
cbcf4c19db6dc3b66696aecead1d3f96fcf98f6862085062ef0c9153ce7a4a14
cdf17fd80984801b4e130afacfaf259916963018bf4f8ec4902a57ed0540a18a
d28f1af104c5e33d03f6c146aa67e4a10a7c671ca11485d8a4e3d710ab41cc04
d39e4b99ebb6a6b22232a36cd05fe49ddd1fb139baee8ae76cd7497e406feb6c
dbcdf8238b74d8cb129f2ae50f31bcdc81b78b804b44cedb0c635288d3d01bea
dc1a67e56671f8c093b4b222e099a5144ccc5649f9d1c7a4c67a689e75d7302a
dd449b39d270ab27d574abb1b8c9c108df7d8ba18b2ae94fcac9e75af27c6fa2
e0e250c8a0ccb9b531c205b9d412eb166c6b2d8a12a927e410d3d5f16357e3ce
e6ea5be4567ecf11a8dd70f299280cc4e351e8c4ffae46bd4b891c4dc0422515
e745a08a0b3f31ddd64bea873e214fe3661e4390673706e705693b3fc984b396
e877bf6eda912ba05e6c7651b599c1ede3add153fa33caf2f85f1388548b6be9
ecd1e96a7ac5fda078823fbf59cb566f102f8e53060716247ce6abcce3f6efe3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6c31e89f04846ad88c6806a0aa5ea1a55e4d2b4e0adede267a426ae772a0bbb
f82069b370508688eb59ab775f0a3709fa6e091a4862125119b0125693583f9f
f8b6259045aadfb55e622658f2052f26fa8073642062b9113b9e3d3eeb919a1d
fad8c862f2761aa5d4e2fe540be023a67282f7a433d700a5b7a001dba39d6175
fb296c50d7e43a02ddf51a4ab6324138d9e0b4601f41608ec0333a5826a96598

newcountryrain.ch Open in urlscan Pro 2606:4700:90:0:3626:d0ff:6957:de1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

103 Requests

97 %HTTPS

73 %IPv6

10 Domains

11 Subdomains

12 IPs

3 Countries

1971 kBTransfer

3633 kBSize

6 Cookies

3 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newcountryrain.ch Open in urlscan Pro
2606:4700:90:0:3626:d0ff:6957:de1 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

97 %
HTTPS

73 %
IPv6

10
Domains

11
Subdomains

12
IPs

3
Countries

1971 kB
Transfer

3633 kB
Size

6
Cookies

103 HTTP transactions
5 data transactions