rheintaler.ch Open in urlscan Pro
5.148.168.157 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Submission: On March 17 via api (March 17th 2022, 1:58:53 pm UTC) from CH — Scanned from DE

Summary HTTP 123 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 21 domains to perform 123 HTTP transactions. The main IP is 5.148.168.157, located in Zurich, Switzerland and belongs to NINE, CH. The main domain is rheintaler.ch.
TLS certificate: Issued by R3 on February 4th 2022. Valid for: 3 months.

This is the only time rheintaler.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	5.148.168.157 5.148.168.157	29691 (NINE) (NINE)
1 2	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2.21.141.186 2.21.141.186	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.222.137.26 52.222.137.26	16509 (AMAZON-02) (AMAZON-02)
10	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f349	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
21	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:218... 2600:9000:2182:f800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.123.86.254 3.123.86.254	16509 (AMAZON-02) (AMAZON-02)
2 7	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f01... 2a03:2880:f01c:20e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	18.66.248.46 18.66.248.46	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:226... 2600:9000:2260:8200:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
123	31

20 5.148.168.157 (Zurich, Switzerland)

ASN29691 (NINE, CH)
PTR: origammirheintaler01.nine.ch

rheintaler.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.rheintaler.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.13 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.141.186 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-186.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.137.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-26.ams50.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

s.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f349 (United States)

ASN13335 (CLOUDFLARENET, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:f800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.86.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-86-254.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:20e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-46.dus51.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2260:8200:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	rheintaler.ch rheintaler.ch assets.rheintaler.ch	703 KB
19	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 635	1 MB
17	googlesyndication.com ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122 pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	163 KB
12	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4644 buttons-config.sharethis.com — Cisco Umbrella Rank: 5510 l.sharethis.com — Cisco Umbrella Rank: 4230 count-server.sharethis.com — Cisco Umbrella Rank: 11093 platform-cdn.sharethis.com — Cisco Umbrella Rank: 10630	51 KB
11	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 68	174 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	131 KB
8	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 96 graph.facebook.com — Cisco Umbrella Rank: 133	72 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1093	4 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	107 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832 www.google.de — Cisco Umbrella Rank: 6433	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	84 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	imgur.com s.imgur.com — Cisco Umbrella Rank: 29299	3 KB
2	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 359	2 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2180	961 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2051	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2038	20 KB
1	myfonts.net hello.myfonts.net — Cisco Umbrella Rank: 4760	353 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2209	893 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251	33 KB
123	21

	Domain	Requested by
19	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
18	rheintaler.ch	rheintaler.ch
10	securepubads.g.doubleclick.net	rheintaler.ch securepubads.g.doubleclick.net www.googletagservices.com ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com
9	s0.2mdn.net	ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com s0.2mdn.net
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com tpc.googlesyndication.com
8	platform-cdn.sharethis.com	rheintaler.ch
7	www.facebook.com	2 redirects connect.facebook.net
6	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.google.com	rheintaler.ch securepubads.g.doubleclick.net tpc.googlesyndication.com
4	pixel.mathtag.com	rheintaler.ch pixel.mathtag.com
3	www.googletagservices.com	securepubads.g.doubleclick.net ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com
2	ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	connect.facebook.net	rheintaler.ch connect.facebook.net
2	www.google-analytics.com	rheintaler.ch www.google-analytics.com
2	s.imgur.com	rheintaler.ch s.imgur.com
2	assets.rheintaler.ch	rheintaler.ch
2	secure.adnxs.com	1 redirects rheintaler.ch
1	track.hubspot.com
1	www.google.de	rheintaler.ch
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	graph.facebook.com	ajax.googleapis.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	hello.myfonts.net	rheintaler.ch
1	js.hs-scripts.com	rheintaler.ch
1	ajax.googleapis.com	rheintaler.ch
1	platform-api.sharethis.com	rheintaler.ch
123	32

This site contains links to these domains. Also see Links.

Domain
www.raiffeisen.ch
www.facebook.com
www.instagram.com
www.youtube.com
twitter.com
www.linkedin.com
www.rheintalmedien.ch
www.galledia-regionalmedien.ch

Subject Issuer	Validity	Valid
rheintaler.ch R3	`2022-02-04` - `2022-05-05`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
assets.rheintaler.ch R3	`2022-01-31` - `2022-05-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-24` - `2022-03-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Frame ID: E62BE0FE6FCBCD5C3B6604B7563CDEFE
Requests: 61 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=691c6233-3e98-4100-87d5-1ec4d960c493&no_iframe=1&mt_adid=243595&source=mathtag
Frame ID: F322E6A903BB0C688760555D7DABA3AA
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1af5308e644104%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=
Frame ID: 4F068D74041D23A9C850889BC860E78F
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afb7efafd5bcc%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&sdk=joey&width=550
Frame ID: 27D9786A87DE6FA4079B71833D6B0DA7
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&numposts=5&sdk=joey&width=550
Frame ID: FCB1342EBF205665718DB2F80AA1DAC3
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17a324680cad98%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=
Frame ID: 127A2FC1FC9B0BD6413042FC9071D493
Requests: 4 HTTP requests in this frame

Frame: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4FD3AF99BA02F1A459BE5DCE9A03F310
Requests: 1 HTTP requests in this frame

Frame: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ADCC69E6F852BC4A0656139516B739E6
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXhBX2a-4R-_1FUeWFQ3--DXJXESMRc9I2784F-Q4cLKqN-XaCmo5uHESa7I8GesytZq9f8YQRoZEJ6uur_NdlO81r4eiMN3b918JAWnRKklvHCeyxe_9OH0FwjlI0iwPEC2MgjbBAPCJqFADBLe09djAj94QamKJq5Qtp1sVaC1z3bGuWX8yuEuK__aGdi2rKIYyrC-wMfmKYOq2k6BBM6oZTmyTwMl38PgvfPx7mUVENAwXIx8P3OHQoNjeUWaFonUHO4Xi1HynXpX0qV1ozGpk7uuRexcoDo8JYW9xl_PsGwZrKSk5PXIYqdo6u58pP1Y1IG75B5VAAt_xZM4nQFbZQhnHJMjBl1A&sai=AMfl-YSCJhGkeQ-TFiex1IV2naGtrJuY9WIG2nUGx82VFTQmZzethqyHGKlAYxDjJntcgfNlnNRLLNBXaLxA-tShmiiYceFjdKEzFzIHYogopym5naMVNgWOzeOEr58ttM04&sig=Cg0ArKJSzK1rzbBDAoPCEAE&uach_m=[UACH]&adurl=
Frame ID: 80FE96A26A15246939B0D250AC7FD6F9
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuACjcHOLTdEIYvzAFMkjedRtrhaU_YZbGE8fuoTEHbNUx19GKqZGBapl7VRh2xoUXFhUgPdH5dPczkaqLL_vJ5OMTpP1TIqojSyVXnvfZdhCCJce8Qnz-oguEm0i2LQ0Hysxq2JOSxOb_f29H7roL8wU35VwTuyaqfsbSGjVt7VY_9KsDQOu9E5ICrTtyepVUGZGG0aABJzbTMvYOrBTqrVWs7ghr9nol_aAG7fyis_kQ4cV6DlpfFmFVK7J8311Xpi9lmlovw0-mhR1O4jAJBynnBZH-3ofBol4uLkm4A2VbyQRe52hsGc5qhkd2bUjvBs1re5p9YDDePd7byqmHN7RbnB-a9mrcL9GhSZRGDwHjlnsggI-1H4iA&sai=AMfl-YS7swe7cFwVo3DV_4DE68pFH4bOPbKsdHJQyLhTJw9OzDZFJjdrHmoNA_GWQR1hJ-5EBo4HyP8GyZrguIttnrq_RuryEHNghhOcWiyZCGvVoV06tQAjoEG4AV82jzno&sig=Cg0ArKJSzPnmzEAo8eHpEAE&uach_m=[UACH]&adurl=
Frame ID: D4B651404B24A3932FF84F14DB1C5F84
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
Frame ID: 7B776AA81A80D3748FAB23CFE405CBD4
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 58E9651860400F5FCD1C962AE533E2F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9787920447D152E374324E5D178F69FC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Promotion: Börsen im Bann des Krieges - rheintaler.ch

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

123
Requests

98 %
HTTPS

73 %
IPv6

21
Domains

32
Subdomains

31
IPs

5
Countries

2776 kB
Transfer

7707 kB
Size

16
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://www.raiffeisen.ch/anlegen
Title: www.raiffeisen.ch/anlegen

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rheintaler.ch/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rheintaler.ch/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCv6Kb4oSYZzmP5Lm4dr-73g

Search URL Search Domain Scan URL

URL: https://twitter.com/Rheintalonline?lang=de

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/rheintaler-ch/

Search URL Search Domain Scan URL

URL: http://www.rheintalmedien.ch/ansprechpartner/
Title: Mitarbeiter

Search URL Search Domain Scan URL

URL: http://www.rheintalmedien.ch/agb/
Title: AGB

Search URL Search Domain Scan URL

URL: http://www.rheintalmedien.ch/#kontakt
Title: Kontakt

Search URL Search Domain Scan URL

URL: http://www.rheintalmedien.ch/abos/
Title: Abonnieren

Search URL Search Domain Scan URL

URL: https://www.galledia-regionalmedien.ch/inserate/
Title: Inserieren

Search URL Search Domain Scan URL

URL: http://www.rheintalmedien.ch/leserbrief/
Title: Leserbrief verfassen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://secure.adnxs.com/seg?add=25417016&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25417016%26t%3D1

Request Chain 37

https://www.facebook.com/plugins/comments.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afb7efafd5bcc%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&sdk=joey&width=550 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afb7efafd5bcc%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&sdk=joey&width=550

Request Chain 38

https://www.facebook.com/plugins/comments.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&numposts=5&sdk=joey&width=550 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&numposts=5&sdk=joey&width=550

123 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 82180 Show response
rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/ 37 KB
8 KB 811ms
778ms Document
text/html 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 7ac19d6e3ee81333c3f1b3656cb466efe74647ec4ec802dff3ea42db5061754d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 17 Mar 2022 13:58:47 GMT
Server: Apache
Cache-Control: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK rhei-a.8668699d.css
rheintaler.ch/css/ 159 KB
23 KB 38ms
15ms Stylesheet
text/css 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: ec06fd9e7cdece14e722473b89ffb6edaa7bf385330ce39113643588b06a8bb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Feb 2022 10:36:29 GMT
Server: Apache
ETag: "27ad7-5d80c1b225b83-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 22798

GET
H/1.1 200
OK rhei-b.dd8c3dc5.css
rheintaler.ch/css/ 349 KB
30 KB 44ms
17ms Stylesheet
text/css 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://rheintaler.ch/css/rhei-b.dd8c3dc5.css
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 15017f7f166806cfcef0588034ac1c9a0fa502ff4546dd945d00b4fcb4f54b5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Feb 2022 10:36:30 GMT
Server: Apache
ETag: "575ef-5d80c1b22b943-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 30185

GET
H/1.1 200
OK modernizr.92347b80.js Show response
rheintaler.ch/js/ 11 KB
5 KB 39ms
12ms Script
application/javascript 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://rheintaler.ch/js/modernizr.92347b80.js
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: b1c6b933014858ac8362a84daa391a04d2d7d39c44c9ba67f4291746060ee7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Feb 2022 10:36:30 GMT
Server: Apache
ETag: "2ce6-5d80c1b2326a3-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 4973

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=25417016&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25417016%26t%3D1

0
1021 B

14ms
14ms

Script
application/javascript

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25417016%26t%3D1

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 13:58:48 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cc5172c4-24a1-4f7c-a340-e1492e49f7d9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 13:58:48 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8ba8601a-f794-4544-9794-b10a8fe4c0cd
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25417016%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 86ms
45ms Script
text/javascript 2.21.141.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1531295&mt_adid=243595&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-186.deploy.static.akamaitechnologies.com
Software: MT3 4256 109297d master zrh-pixel-x8 config:1.0.0 /
Resource Hash: a2228e17f8829f9176d68e24cb0e3f4e9d4a13b071dd7dbd37f1ef75d005e755

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Server: MT3 4256 109297d master zrh-pixel-x8 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1411
Expires: Thu, 17 Mar 2022 13:58:47 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 184 KB
41 KB 62ms
18ms Script
text/javascript 52.222.137.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.137.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-137-26.ams50.r.cloudfront.net

Software

Resource Hash

414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:53:58 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 290
etag: W/"2e0e3-tEY0wJEY/wwExgi0NrFi684gQTw"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 9463f100725b8b17da2d778617835760.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: AMS50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: VGR24XNh4mfX4Vwm0VrflNK-E3gqwAYO2S6OWX7XUvVvtG31AAdHuA==

GET
H/1.1 200
OK close.svg
rheintaler.ch/images/icons/ 937 B
1 KB 104ms
12ms Image
image/svg+xml 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rheintaler.ch/images/icons/close.svg
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 41bc28d3388ccbd4d30955102fe5c3eaba696c9a072849d762e517fa6b1979cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Last-Modified: Tue, 15 Feb 2022 10:34:58 GMT
Server: Apache
ETag: "3a9-5d80c15b5bd7c"
Content-Type: image/svg+xml
Connection: close
Accept-Ranges: bytes
Content-Length: 937

GET
H/1.1 200
OK login-overlay.179b3e78.png
rheintaler.ch/images/ 42 KB
42 KB 36ms
11ms Image
image/png 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rheintaler.ch/images/login-overlay.179b3e78.png
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 87201145680dbffd0397623ba7cfb3543c0eaa2bee63ec075db0e1d8e23371da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Last-Modified: Tue, 15 Feb 2022 10:34:58 GMT
Server: Apache
ETag: "a65d-5d80c15b5bd7c"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 42589

GET
H/1.1 200
OK storydetail_small_Depositphotos_550904408_XL.jpg
assets.rheintaler.ch/uploads/image/file/187619/619/ 41 KB
41 KB 75ms
12ms Image
image/jpeg 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rheintaler.ch/uploads/image/file/187619/619/storydetail_small_Depositphotos_550904408_XL.jpg
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: f08a2b67c49df596d67a1af3e5533f967f6949de6907963972fadeab5e1adb36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Last-Modified: Fri, 04 Mar 2022 21:50:44 GMT
Server: Apache
ETag: "a24e-5d96b81b28fd1"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 41550

GET
H/1.1 200
OK 207410.jpg
rheintaler.ch/media/printads/2022-03-17/ 219 KB
219 KB 35ms
11ms Image
image/jpeg 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rheintaler.ch/media/printads/2022-03-17/207410.jpg
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 906497f52e13b18993845b1ad8e47ae2b58bae1ad40323af8299a5144b37e37a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Last-Modified: Wed, 16 Mar 2022 22:55:02 GMT
Server: Apache
ETag: "36a98-5da5dcdbcb3c2"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 223896

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 138ms
51ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

f5cd7b1ca67498af68e72d3eb2d57b4077feca132311bfe1996f185af42b0d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27942
x-xss-protection: 0
server: sffe
etag: "1160 / 113 of 1000 / last-modified: 1647515325"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Mar 2022 13:58:48 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 124ms
40ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:16:16 GMT

GET
H/1.1 200
OK de_CH.js Show response
rheintaler.ch/_routes/ 4 KB
4 KB 82ms
57ms Script
text/javascript 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://rheintaler.ch/_routes/de_CH.js
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 3e1508907b24563f66afecbb68255184e59bbfeffd9c133113aca0fae9d4c806

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Server: Apache
ETag: "52459f49906f8cf959b37f01aa67eae4"
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, must-revalidate
Connection: close
Expires: Thu, 17 Mar 2022 23:00:00 GMT

GET
H/1.1 200
OK main.6a927462.js Show response
rheintaler.ch/js/ 115 KB
34 KB 89ms
16ms Script
application/javascript 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://rheintaler.ch/js/main.6a927462.js
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: e967fb8dba7170dbb7c1fcc0d4af7cea34ad464b892df32efc7d7b9629f7929f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Feb 2022 10:36:30 GMT
Server: Apache
ETag: "1cc83-5d80c1b2326a3-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 34105

GET
H2 200 embed.js Show response
s.imgur.com/min/ 433 B
661 B 33ms
10ms Script
application/javascript 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.imgur.com/min/embed.js
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2832c93ada0b6b4cecfc1cb12191921dcdd570fc5fcc54f7a5da359df716a061

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
via: 1.1 varnish
last-modified: Mon, 14 Mar 2022 21:42:00 GMT
age: 37
etag: "35a7c25618062b8160cabdc53e2f03a1"
x-served-by: cache-fra19150-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
accept-ranges: bytes
x-timer: S1647525528.481524,VS0,VE0
content-length: 433
x-cache-hits: 2

GET
H/1.1 200
OK gallery.e02a1b02.js Show response
rheintaler.ch/js/ 24 KB
7 KB 91ms
13ms Script
application/javascript 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://rheintaler.ch/js/gallery.e02a1b02.js
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 14d38e05ee174b84c0106fd20b544ac6e8cd5e99ac0de746ef885a69544ced21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Feb 2022 10:36:30 GMT
Server: Apache
ETag: "60ab-5d80c1b230763-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 6480

GET
H/1.1 200
OK story.2ac009d0.js Show response
rheintaler.ch/js/ 130 B
411 B 92ms
11ms Script
application/javascript 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://rheintaler.ch/js/story.2ac009d0.js
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 7e918df9b59bf81ca749f47ebc60fd6536bef997388b3cb6dbf250dc4a35e618

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Feb 2022 10:36:30 GMT
Server: Apache
ETag: "82-5d80c1b233643-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 115

GET
H2 200 2906652.js Show response
js.hs-scripts.com/ 964 B
893 B 216ms
199ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2906652.js
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ddfd4a4e8a7c642a1f9ae8dbb8f5e9d12d5ee5558a4b40f4027b5e5ddf2749b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 8b18725d-0826-4598-bd4b-b6006a665b76
last-modified: Thu, 17 Mar 2022 13:42:44 GMT
server: cloudflare
x-trace: 2B133D3D04BB68A811EF4E25CAD7F92FC3443A8458000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://rheintaler.ch
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6ed63ed8ff155c85-FRA
expires: Thu, 17 Mar 2022 13:59:48 GMT

GET
H2 200 292d20
hello.myfonts.net/count/ 0
353 B 82ms
36ms Stylesheet
text/css 2606:4700::6811:f349
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/292d20
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:f349 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
server: cloudflare
age: 1
expect-ct: null
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6ed63ed84e9f8fd4-FRA
content-length: 0
expires: Fri, 17 Mar 2023 13:58:48 GMT

GET
H/1.1 200
OK 2D861B_2_0.woff2
rheintaler.ch/font/ 64 KB
64 KB 39ms
12ms Font
application/octet-stream 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://rheintaler.ch/font/2D861B_2_0.woff2
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 66d6b7da2b114a46449210454bae21ea187d9aeb740a43d7443d800a1bc5da51

Request headers

Referer: https://rheintaler.ch/css/rhei-a.8668699d.css
Origin: https://rheintaler.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Last-Modified: Tue, 15 Feb 2022 10:34:43 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
ETag: "fe58-5d80c14c1f6f1"
Content-Length: 65112

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1438
date: Thu, 17 Mar 2022 13:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 17 Mar 2022 15:34:50 GMT

GET
H2 200 all.js Show response
connect.facebook.net/de_DE/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/all.js

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

799332bbfc68dcffad05036609a577bb649a62ece5453945e9bda400313568b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: RLtbMvWLnhrK+nNz86W5Og==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: occmpyeVc29Yb25dfmYqVxnoYFs1+XyIZ428OgiPpYqQLN+OQL4ahUJSHNqZItlb3JIowUh/0PR9prY8FtIHaQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 48cb124ee71b38b740cc6f900bee1753
x-frame-options: DENY
date: Thu, 17 Mar 2022 13:58:48 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a5fe7d537c99288de1d857f05d81fbff"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 17 Mar 2022 13:59:45 GMT

GET
H/1.1 200
OK general-sf83fb00d9f.png
rheintaler.ch/sprites/ 24 KB
24 KB 40ms
11ms Image
image/png 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rheintaler.ch/sprites/general-sf83fb00d9f.png
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 32e1e8571cb721a64341b26f46fb3bae53f66e4c42ffbacb141bd88eaa8da2be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/css/rhei-a.8668699d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Last-Modified: Tue, 15 Feb 2022 10:35:01 GMT
Server: Apache
ETag: "6090-5d80c15d50d25"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 24720

GET
H/1.1 200
OK s_3.70f03c51.png
rheintaler.ch/images/weather/ 1 KB
1 KB 39ms
12ms Image
image/png 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rheintaler.ch/images/weather/s_3.70f03c51.png
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-b.dd8c3dc5.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 901c190b981667cc2188e641600ddafa208f7400d568a08f8363d288b6246917

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/css/rhei-b.dd8c3dc5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Last-Modified: Tue, 15 Feb 2022 10:34:59 GMT
Server: Apache
ETag: "435-5d80c15b64a1c"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 1077

GET
H/1.1 200
OK rhei-icons-desktop.ttf
rheintaler.ch/font/ 7 KB
8 KB 16ms
12ms Font
application/font-sfnt 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://rheintaler.ch/font/rhei-icons-desktop.ttf
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 34b1438d5293811c4cfd0bfdda84211c7c3e4681d61ff3699e3d52114a985c60

Request headers

Referer: https://rheintaler.ch/css/rhei-a.8668699d.css
Origin: https://rheintaler.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Last-Modified: Tue, 15 Feb 2022 10:34:43 GMT
Server: Apache
ETag: "1d88-5d80c14c1f6f1"
Content-Type: application/font-sfnt
Connection: close
Accept-Ranges: bytes
Content-Length: 7560

GET
H/1.1 200
OK PublicoHeadline-Roman-Web.woff
rheintaler.ch/font/ 63 KB
63 KB 17ms
12ms Font
application/font-woff 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://rheintaler.ch/font/PublicoHeadline-Roman-Web.woff
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 12d5906df1c38b0fe50afe3d42c853776616339ca24bd165698405889cd67c01

Request headers

Referer: https://rheintaler.ch/css/rhei-a.8668699d.css
Origin: https://rheintaler.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Last-Modified: Tue, 15 Feb 2022 10:34:43 GMT
Server: Apache
ETag: "fbde-5d80c14c1f6f1"
Content-Type: application/font-woff
Connection: close
Accept-Ranges: bytes
Content-Length: 64478

GET
H/1.1 200
OK rhei-icons-mobile.ttf
rheintaler.ch/font/ 8 KB
8 KB 17ms
12ms Font
application/font-sfnt 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://rheintaler.ch/font/rhei-icons-mobile.ttf
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 856765ebd5b9b928aebd57f2500af4945b809cf2b5c9b9003b01929fc0716d24

Request headers

Referer: https://rheintaler.ch/css/rhei-a.8668699d.css
Origin: https://rheintaler.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Last-Modified: Tue, 15 Feb 2022 10:34:43 GMT
Server: Apache
ETag: "1ecc-5d80c14c20691"
Content-Type: application/font-sfnt
Connection: close
Accept-Ranges: bytes
Content-Length: 7884

GET
H/1.1 200
OK fontawesome-webfont.woff
rheintaler.ch/font/ 82 KB
82 KB 17ms
11ms Font
application/font-woff 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://rheintaler.ch/font/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/css/rhei-a.8668699d.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Referer: https://rheintaler.ch/css/rhei-a.8668699d.css
Origin: https://rheintaler.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Last-Modified: Tue, 15 Feb 2022 10:34:59 GMT
Server: Apache
ETag: "14730-5d80c15b659bc"
Content-Type: application/font-woff
Connection: close
Accept-Ranges: bytes
Content-Length: 83760

GET
H2 200 5c35c0e6ad0b1400119dbb7d.js Show response
buttons-config.sharethis.com/js/ 479 B
875 B 52ms
18ms Script
text/javascript 2600:9000:2182:f800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5c35c0e6ad0b1400119dbb7d.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

28a1fc0e197e1b69499e33c86c04ce4f38bcd7b5e6acc1a7cdcc8a27186e5763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:40 GMT
via: 1.1 0406d08716a9781a5c19ff86db2debd2.cloudfront.net (CloudFront)
last-modified: Thu, 17 Jan 2019 10:28:33 GMT
server: AmazonS3
age: 9
etag: "e8fc0588e00c394759318c455f0e1d7a"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 479
x-amz-cf-id: YeP6-2Nsn0ozdqSh1FXu4xqu4-7f90VCyfTTX34Ec1pVarwKwF4Mlw==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
400 B 42ms
9ms XHR
text/plain 3.123.86.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=rheintaler.ch&location=%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&product=custom-share-buttons&url=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Promotion%3A%20B%C3%B6rsen%20im%20Bann%20des%20Krieges%20-%20rheintaler.ch&cms=unknown&publisher=5c35c0e6ad0b1400119dbb7d&sop=true&version=st_sop.js&lang=en&description=Die%20Eroberung%20der%20Ukraine%20hat%20sich%20Vladimir%20Putin%20sicher%20einfacher%20vorgestellt.%20Aus%20dem%20geplanten%20Blitzkrieg%20wird%20ein%20verlustreicher%20Stellungskrieg.%20Die%20westlichen%20Staaten%20haben%20ein%20hartes%20Sanktionspaket...

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.86.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-86-254.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://rheintaler.ch
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame F322 631 B
994 B 26ms
26ms Document
text/html 2.21.141.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=691c6233-3e98-4100-87d5-1ec4d960c493&no_iframe=1&mt_adid=243595&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1531295&mt_adid=243595&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-186.deploy.static.akamaitechnologies.com
Software: MT3 4256 109297d master zrh-pixel-x12 config:1.0.0 /
Resource Hash: 304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/

Response headers

Content-Type: text/html
Content-Length: 631
Access-Control-Allow-Origin: *
Server: MT3 4256 109297d master zrh-pixel-x12 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Thu, 17 Mar 2022 13:58:47 GMT
Date: Thu, 17 Mar 2022 13:58:48 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
525 B 37ms
25ms Image
image/gif 2.21.141.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-186.deploy.static.akamaitechnologies.com
Software: MT3 4256 109297d master cdg-pixel-x14 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Server: MT3 4256 109297d master cdg-pixel-x14 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 17 Mar 2022 13:58:47 GMT

GET
H3 200 all.js Show response
connect.facebook.net/de_DE/ 287 KB
82 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/all.js?hash=9e8bafd0a81cac7011dfe4b3c1ea2800

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f590a80bf63d2d286e38968816a7dabafcf5f5493f49978bff33dc83805187a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://rheintaler.ch/
Origin: https://rheintaler.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: WsHs7UlGAYGGnBejO9izxA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 83848
x-fb-rlafr: 0
x-fb-debug: VzMCMRT33tvQgU3ExvJeT7e4HfZsfCF7VFnuGP/+wHxyw0ic/zoAC/fKjqi7W9ulqxFKefGkFdDfraAXPbQxAA==
x-fb-content-md5: 4da724a71abbbef9adebbc5739fa9b7a
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 17 Mar 2022 13:58:48 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f25aa79477abd02ddb8ebb0d162382be"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 17 Mar 2023 12:54:35 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 49ms
32ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=404932156383110&input_token&origin=1&redirect_uri=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=9e8bafd0a81cac7011dfe4b3c1ea2800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 46aroCJxUuz+DqdbTiQvu8ZjF5soyY+XP7bXS2+OwZgdr8xdqLl6XcZnLgEotsJCaCGXPfxSmcdRYWZFQVxj5Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Thu, 17 Mar 2022 13:58:48 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rheintaler.ch
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame F322 43 B
524 B 39ms
39ms Image
image/gif 2.21.141.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=691c6233-3e98-4100-87d5-1ec4d960c493&no_iframe=1&mt_adid=243595&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-186.deploy.static.akamaitechnologies.com
Software: MT3 4256 109297d master cdg-pixel-x6 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=691c6233-3e98-4100-87d5-1ec4d960c493&no_iframe=1&mt_adid=243595&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Server: MT3 4256 109297d master cdg-pixel-x6 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 17 Mar 2022 13:58:47 GMT

GET
H2 200 embed-controller.js Show response
s.imgur.com/min/ 3 KB
3 KB 9ms
8ms Script
application/javascript 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.imgur.com/min/embed-controller.js
Requested by: Host: s.imgur.com
URL: https://s.imgur.com/min/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d5630e6cb7cdcca363cf81a7eb4a09202835166a613c002a27fac54fa87ba50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
via: 1.1 varnish
last-modified: Mon, 14 Mar 2022 21:42:00 GMT
age: 107
etag: "9ed8fe2752ce22d6cdf0488bd3ad0802"
x-served-by: cache-fra19150-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
accept-ranges: bytes
x-timer: S1647525529.601738,VS0,VE0
content-length: 2809
x-cache-hits: 3

GET
H2 200 login_button.php Show response
www.facebook.com/plugins/ Frame 4F06 34 KB
14 KB 60ms
60ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1af5308e644104%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=9e8bafd0a81cac7011dfe4b3c1ea2800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e0854d2c1c15690cfadaf6e1ca745174dc353f92aeb79ce7a797b24ee57a4ae9

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: qDivqO+LGxVv5GqAT8xzrxLNo2CV8lv5DTw4z1Sa+rpu/woSSmcnWePSAH6RJZr06SrACrArDQsOrO/BFd66Ng==
date: Thu, 17 Mar 2022 13:58:48 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 27D9
Redirect Chain

https://www.facebook.com/plugins/comments.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afb7efafd5bcc%26domain%3Drhein...
https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afb7efafd5bcc%26domain%3Drhein...

41 KB
12 KB

3072ms
3062ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afb7efafd5bcc%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&sdk=joey&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=9e8bafd0a81cac7011dfe4b3c1ea2800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c5a154b22d336cad91674637f38154d8014914d2647d233c431c256059e735a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: LgYjQfDT30WnyyBFTd/Cp+iQyhhVB9GfdoYEniutB2xch6TjIfWuGvY+1DIpttdyZfBSkLj+ke9j4Bj55owmpA==
date: Thu, 17 Mar 2022 13:58:51 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afb7efafd5bcc%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&sdk=joey&width=550
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: Arc+zMXztJdU4ubf6zFu7esazsRDbcYwNymVq+/tUp5Sbt6nykYGDXuWx5kxaEUbNvbUpBDRtQ9EfbCoTk+9cg==
content-length: 0
date: Thu, 17 Mar 2022 13:58:48 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame FCB1
Redirect Chain

https://www.facebook.com/plugins/comments.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drhein...
https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drhein...

135 KB
31 KB

3084ms
3084ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&numposts=5&sdk=joey&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=9e8bafd0a81cac7011dfe4b3c1ea2800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

595330e7065b1624186714c523bebb73d7295f802c387f385ebdd432f9f32231

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: TdxPMXyuYbV4CIe2kplqFe1egc8lS2jm2wGLWPuupXNRGOHJ0xfafMsfrCoxiAoPpWYekSZ1f/O0RtBI5G91FQ==
date: Thu, 17 Mar 2022 13:58:51 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&numposts=5&sdk=joey&width=550
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: BicOO+3CkI5bL6LRX3lUTpZOfdj+YOzqmylYHLRr3hDTUMVmbzP/opbz1nq4HZk7n51go9h3V3u5+fhUjnUfgg==
content-length: 0
date: Thu, 17 Mar 2022 13:58:48 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login_button.php Show response
www.facebook.com/plugins/ Frame 127A 34 KB
13 KB 96ms
96ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17a324680cad98%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=9e8bafd0a81cac7011dfe4b3c1ea2800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d3269f14b838d598dd688a06686a9473ee0575e04f1763c663407d7fc4a49dd8

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: FrxYni6632iZtYNeLFIK9ycqgR/dQpWMQNo5iycMAzAxeR+vXUkntqH1LpYpMXStecURJExRDlvray0Sir957Q==
date: Thu, 17 Mar 2022 13:58:48 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 400 / Show response
graph.facebook.com/ 202 B
599 B 58ms
33ms XHR
application/json 2a03:2880:f01c:20e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:20e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

daa86adb355b0f19e9d58272ffd8bd7d5331348d3b444730a2de6ee147df0123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://rheintaler.ch/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1005210771
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 147
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Go7lOVTvLY8/ZA24mQkEG63Dn5kcRSkkF90UqfznsOwG8rWP0UGG6H07gQdUcsgfoq496XXxs1G6Xm3Z1sGnwg==
x-fb-trace-id: BjmUtCmmP3u
date: Thu, 17 Mar 2022 13:58:48 GMT
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: AwAppOy3j1Reqr8in3erTBc
cache-control: no-store
facebook-api-version: v6.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 199 B
557 B 222ms
179ms Script
text/javascript 18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-46.dus51.r.cloudfront.net

Software

Resource Hash

bcb0e772749392ca256ba5b30b6213d22b21a25b7101306d898c616c65c8da82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: 4006cb82a7f3ebab2ba5787ea0e275c6
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
content-length: 199
apigw-requestid: PIa35g5roAMEJCg=
x-amz-cf-id: YN02qKpXQ9Po9xdUcQckjSXQeR-nfTpmD5lCG8ix-eioIOfeqY5mKQ==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
724 B 116ms
17ms Image
image/svg+xml 2600:9000:2260:8200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2260:8200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 11 Mar 2022 05:56:31 GMT
via: 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 547337
etag: "c6e9be45643e197ce1db1d7e24a99adc"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 301
x-amz-cf-id: WnBlAaSGoWoPUMZIHYf8WrZY-oTA0o3MyQQkxGbUEht1Nwzues-E6Q==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 116ms
17ms Image
image/svg+xml 2600:9000:2260:8200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2260:8200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 14 Mar 2022 05:21:49 GMT
via: 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 290219
etag: "0af2fb38987598376c99e21af17ade45"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 731
x-amz-cf-id: pYO0BFIsHzsxH2o5JUcKLfk-sSpc7QoJ9sPiJ8aZe4MA4UXamNTR0A==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 116ms
18ms Image
image/svg+xml 2600:9000:2260:8200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/whatsapp.svg

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2260:8200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 20 Feb 2022 15:09:29 GMT
via: 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2155760
etag: "afe7fc60ed757db39a88d2950fce69c9"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 832
x-amz-cf-id: N-dPnDpkqUEiLpZ0tMUhkDbJVWIIaMtSxBw-dbcyMf_FAlb7vmYroQ==

GET
H2 200 linkedin.svg
platform-cdn.sharethis.com/img/ 456 B
881 B 117ms
18ms Image
image/svg+xml 2600:9000:2260:8200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/linkedin.svg

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2260:8200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 01 Mar 2022 05:48:24 GMT
via: 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1411825
etag: "fa43b4ede18498b114fc7185993f6da7"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 456
x-amz-cf-id: BAUgq5N-c2HJ2QrAYeEm_C7CxfJorGNsWSZFC5SGXFZfv_J1ElUfDg==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
767 B 116ms
18ms Image
image/svg+xml 2600:9000:2260:8200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/email.svg

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2260:8200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 01 Mar 2022 03:21:49 GMT
via: 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1420620
etag: "5977437466e857c7ddcadda6f6d88c2a"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 343
x-amz-cf-id: 9eUVUkG-AGozVyh-ilBUzJdfawhAz49rPFgCe_60GzszZFQUFnP1WQ==

GET
H2 200 print.svg
platform-cdn.sharethis.com/img/ 384 B
807 B 117ms
19ms Image
image/svg+xml 2600:9000:2260:8200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/print.svg

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2260:8200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

30e817756a474c7f893057d069f7ed56e1fd4617d70fcf40ac5d58fae5890ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 06 Mar 2022 11:51:01 GMT
via: 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 958068
etag: "f13e866e7f19263a292ab3997e01fb17"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 384
x-amz-cf-id: H-YTsof-m5LZ-JJ-tOuv2YnxFW-1x-GEfoEOowuyAruzIYwH6iFCKA==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
989 B 20ms
17ms Image
image/svg+xml 2600:9000:2260:8200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_left.svg

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2260:8200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 14 Mar 2022 06:31:44 GMT
via: 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 286025
etag: "b55d8d2b9321e381a3c38a4bddb74037"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 565
x-amz-cf-id: tjGjasl0eTcQBSDVqQnFp-Egv5PxiUvbaDmQhHHYeaROZ9Nyx68lPw==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
988 B 21ms
18ms Image
image/svg+xml 2600:9000:2260:8200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_right.svg

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2260:8200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 11 Mar 2022 19:45:13 GMT
via: 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 497616
etag: "9928d025bd5792b718ee0a185f62e67c"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 565
x-amz-cf-id: ucqcjRu2CI9hGqAHLG9bHpIKBT6-acW7HemXA0CD5OXeM2zcEZOxfw==

GET
H3 200 pubads_impl_2022031601.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 84ms
37ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126823
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 08:34:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Mar 2023 16:51:46 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 46 B
82 B 96ms
49ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rheintaler.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a463dcc746f9b588134714387f9bbdb34da3005ad33291e74668afead3336f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58
x-xss-protection: 0
expires: Thu, 17 Mar 2022 13:58:48 GMT

GET
H2 200 qYG_pvNhLC1.png
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 4F06 371 B
758 B 10ms
7ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/qYG_pvNhLC1.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1af5308e644104%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5cd71b1cee568b9f1498e914dd2b0c82add19a5a41c07d085131cdc66df5f613

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
x-content-type-options: nosniff
content-md5: ApFuUU9EOpmqxGomIy3eug==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 371
x-fb-rlafr: 0
x-fb-debug: aXzxD8LNsLaxHHlxb7EH1DOwfkUA7xq836X4Ua65wsgwU6tceNqs2XWbYd4oUimMMRIGc8Yn5A1/yh5Xx0Prvw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Mar 2023 18:27:32 GMT

GET
H2 200 iqVGY7gYXlg.gif
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 4F06 1 KB
1 KB 10ms
7ms Image
image/gif 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/iqVGY7gYXlg.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
x-content-type-options: nosniff
content-md5: xus77tDlZhUxDt48lJn72A==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1056
x-fb-rlafr: 0
x-fb-debug: +SoGXM6+1hEShVx/eZk81gZ1BOowrr3B6rWrMX79vwAkG3F4JzbyUVT7x5aBRKnEtz7YQ08yNO8AR6K4nMxQuA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=6
expires: Thu, 09 Mar 2023 00:05:55 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 91ms
45ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1645886392&t=pageview&_s=1&dl=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&ul=en-us&de=UTF-8&dt=Promotion%3A%20B%C3%B6rsen%20im%20Bann%20des%20Krieges%20-%20rheintaler.ch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1274691146&gjid=146823490&cid=846688142.1647525529&tid=UA-49355853-1&_gid=207014956.1647525529&_r=1&_slc=1&z=1189120310

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rheintaler.ch/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:58:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rheintaler.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2906652.js Show response
js.hs-analytics.net/analytics/1647525300000/ 62 KB
20 KB 193ms
161ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1647525300000/2906652.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2906652.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e40fc28c172d144e48ffc2a538b32bcecc442c8898394137cc12c9ee7f8276f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 67PHKH7Y0QKMKDTG
x-amz-server-side-encryption: AES256
cf-ray: 6ed63edaaf4b9bef-FRA
x-amz-id-2: ZpLU6ZMM0AP1bFt/bkvxCr1TgSJD7oFGwBWe/0PET8VcXWXNvvHDzC/KtKmeJFEfKizrZG3Uu4Q=
last-modified: Thu, 24 Feb 2022 12:10:45 GMT
server: cloudflare
etag: W/"a0c58ce25f6d050ad01efce0c175e77f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Thu, 17 Mar 2022 14:03:48 GMT

GET
H2 200 2906652.js Show response
js.hs-banner.com/ 60 KB
16 KB 494ms
461ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2906652.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2906652.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 932ecf71d8b8455a394658fd82ce60544ff6b62f3837b78417d06f814fcba552

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: VPSF0G3Q6C9QZ5JY
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: UwOkzeX6VjkzFiWOYXUKEebfGObSWjXfAd1sbhWVQwSbnOTFDWZQ8ikCDjuWxke/L2Us3FwgNA8=
timing-allow-origin: *
last-modified: Thu, 17 Feb 2022 20:52:48 GMT
server: cloudflare
etag: W/"97f788299879e456308e89d3fd5bf141"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: .NsdPS7O5aU445b1dg03ivrTK7bVL1S3
access-control-allow-origin: https://rheintaler.ch
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6ed63edaadf7911e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Thu, 17 Mar 2022 14:03:49 GMT

GET
H3 200 JvUUDH-PoUa.js Show response
static.xx.fbcdn.net/rsrc.php/v3iN_84/y1/l/de_DE/ Frame 4F06 524 KB
138 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iN_84/y1/l/de_DE/JvUUDH-PoUa.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c962d2f3c6d6f0150576560d1dac2d564b09d604ef3aa6a13ecd8d63216eb68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uxuNmcjyXoMvj+YOW5QNkQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 141107
x-fb-rlafr: 0
x-fb-debug: KJZSUEaQ/avzGFd1e29yIRDJb+tyBn2JbWmCUl6jJD84YXPGlYgmQPF4UosmRtn1nudkmT8msjWD+lLZzqEBUA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 17 Mar 2023 08:34:29 GMT

GET
H/1.1 200
OK storydetail_large_Depositphotos_550904408_XL.jpg
assets.rheintaler.ch/uploads/image/file/187619/619/ 39 KB
39 KB 49ms
24ms Image
image/jpeg 5.148.168.157
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rheintaler.ch/uploads/image/file/187619/619/storydetail_large_Depositphotos_550904408_XL.jpg
Requested by: Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.148.168.157 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: origammirheintaler01.nine.ch
Software: Apache /
Resource Hash: 2ba338ebf61cbce53a2cb1d57d5eb0344c85f825fe83e8e8069f789e204f128e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:58:48 GMT
Last-Modified: Fri, 04 Mar 2022 21:50:44 GMT
Server: Apache
ETag: "9b4c-5d96b81b29f71"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 39756

GET
H3 200 qYG_pvNhLC1.png
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 127A 371 B
424 B 8ms
8ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/qYG_pvNhLC1.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17a324680cad98%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5cd71b1cee568b9f1498e914dd2b0c82add19a5a41c07d085131cdc66df5f613

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
x-content-type-options: nosniff
content-md5: ApFuUU9EOpmqxGomIy3eug==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 371
x-fb-rlafr: 0
x-fb-debug: aXzxD8LNsLaxHHlxb7EH1DOwfkUA7xq836X4Ua65wsgwU6tceNqs2XWbYd4oUimMMRIGc8Yn5A1/yh5Xx0Prvw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Mar 2023 18:27:32 GMT

GET
H3 200 iqVGY7gYXlg.gif
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 127A 1 KB
1 KB 21ms
20ms Image
image/gif 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/iqVGY7gYXlg.gif

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17a324680cad98%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
x-content-type-options: nosniff
content-md5: xus77tDlZhUxDt48lJn72A==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1056
x-fb-rlafr: 0
x-fb-debug: +SoGXM6+1hEShVx/eZk81gZ1BOowrr3B6rWrMX79vwAkG3F4JzbyUVT7x5aBRKnEtz7YQ08yNO8AR6K4nMxQuA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=6
expires: Thu, 09 Mar 2023 00:05:55 GMT

GET
H3 200 JvUUDH-PoUa.js Show response
static.xx.fbcdn.net/rsrc.php/v3iN_84/y1/l/de_DE/ Frame 127A 524 KB
138 KB 13ms
13ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iN_84/y1/l/de_DE/JvUUDH-PoUa.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=404932156383110&auto_logout_link=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17a324680cad98%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&locale=de_DE&login_text=%0A&max_rows=1&scope=public_profile%2Cemail&sdk=joey&show_faces=false&size=medium&width=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c962d2f3c6d6f0150576560d1dac2d564b09d604ef3aa6a13ecd8d63216eb68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uxuNmcjyXoMvj+YOW5QNkQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 141107
x-fb-rlafr: 0
x-fb-debug: KJZSUEaQ/avzGFd1e29yIRDJb+tyBn2JbWmCUl6jJD84YXPGlYgmQPF4UosmRtn1nudkmT8msjWD+lLZzqEBUA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 17 Mar 2023 08:34:29 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-49355853-1&cid=846688142.1647525529&jid=1274691146&gjid=146823490&_gid=207014956.1647525529&_u=IEBAAAAAAAAAAC~&z=115338380

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rheintaler.ch/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 17 Mar 2022 13:58:48 GMT
content-type: text/plain
access-control-allow-origin: https://rheintaler.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 134ms
51ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=rheintaler.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 132ms
45ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rheintaler.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 81 KB
22 KB 110ms
110ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1148987290650438&correlator=449208032576305&eid=31060837%2C31065691%2C44756896%2C31065656%2C44755509&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21822988163%2Crht_website%2Crht_display%2Crht_display_topbanner%2Crht_display_sidebanner%2Crht_display_partnerschaften_rectangle&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5&prev_iu_szs=728x90%2C728x90%2C160x600%7C300x600%2C300x250&ifi=1&adks=1429507316%2C1411502013%2C1597720936%2C3574114147&sfv=1-0-38&ecs=20220317&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1647525528879&lmt=1647525528&dlt=1647525528253&idt=605&biw=1600&bih=1200&adxs=436%2C-12245933%2C1120%2C1050&adys=0%2C-12245933%2C192%2C298&oid=2&ucis=1%7C2%7C3%7C4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x1%7C0x0%7C399x212%7C399x212&msz=1600x0%7C0x0%7C379x82%7C379x82&fws=4%2C132%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=846688142.1647525529&ga_sid=1647525529&ga_hid=1645886392&ga_fc=true&btvi=0%7C-1%7C0%7C0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9368d3caea8e5c37e0eed41a69d41be7c83191fa02d43d0513084ddd1af3f579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22403
x-xss-protection: 0
google-lineitem-id: 5947017563,5943581269,-2,5679870162
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138384307527,138383794908,-2,138383269194
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rheintaler.ch
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4FD3 6 KB
4 KB 151ms
45ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 17 Mar 2022 13:58:49 GMT
expires: Fri, 17 Mar 2023 13:58:49 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 161ms
75ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-49355853-1&cid=846688142.1647525529&jid=1274691146&_u=IEBAAAAAAAAAAC~&z=2128002273

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:58:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 162ms
77ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-49355853-1&cid=846688142.1647525529&jid=1274691146&_u=IEBAAAAAAAAAAC~&z=2128002273

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:58:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ADCC 6 KB
3 KB 37ms
37ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 13:58:49 GMT
expires: Fri, 17 Mar 2023 13:58:49 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 80FE 0
0 61ms
60ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXhBX2a-4R-_1FUeWFQ3--DXJXESMRc9I2784F-Q4cLKqN-XaCmo5uHESa7I8GesytZq9f8YQRoZEJ6uur_NdlO81r4eiMN3b918JAWnRKklvHCeyxe_9OH0FwjlI0iwPEC2MgjbBAPCJqFADBLe09djAj94QamKJq5Qtp1sVaC1z3bGuWX8yuEuK__aGdi2rKIYyrC-wMfmKYOq2k6BBM6oZTmyTwMl38PgvfPx7mUVENAwXIx8P3OHQoNjeUWaFonUHO4Xi1HynXpX0qV1ozGpk7uuRexcoDo8JYW9xl_PsGwZrKSk5PXIYqdo6u58pP1Y1IG75B5VAAt_xZM4nQFbZQhnHJMjBl1A&sai=AMfl-YSCJhGkeQ-TFiex1IV2naGtrJuY9WIG2nUGx82VFTQmZzethqyHGKlAYxDjJntcgfNlnNRLLNBXaLxA-tShmiiYceFjdKEzFzIHYogopym5naMVNgWOzeOEr58ttM04&sig=Cg0ArKJSzK1rzbBDAoPCEAE&uach_m=[UACH]&adurl=

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:58:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 13:58:49 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/ Frame 80FE 2 KB
1 KB 130ms
46ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 13:54:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80FE 117 KB
36 KB 141ms
57ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 13:58:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 80FE 0
0 47ms
47ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvuY56mjhyHLNtWUSqyC0-JWwBv1V2FvJ7WBRAhRAJEKrwtEptgIDakqZ4RuNsV5YlNe8SDgh99Wapj7Yz0f38O6IN_w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 14071756250571549423
tpc.googlesyndication.com/simgad/ Frame 80FE 18 KB
18 KB 217ms
134ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14071756250571549423

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edfb76cb333acfa7d4a27e180b7f699d75f6d05e335ccf59e7b30656a2f4c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 02:27:54 GMT
x-content-type-options: nosniff
age: 300655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18026
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 09:39:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Mar 2023 02:27:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D4B6 0
0 60ms
59ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuACjcHOLTdEIYvzAFMkjedRtrhaU_YZbGE8fuoTEHbNUx19GKqZGBapl7VRh2xoUXFhUgPdH5dPczkaqLL_vJ5OMTpP1TIqojSyVXnvfZdhCCJce8Qnz-oguEm0i2LQ0Hysxq2JOSxOb_f29H7roL8wU35VwTuyaqfsbSGjVt7VY_9KsDQOu9E5ICrTtyepVUGZGG0aABJzbTMvYOrBTqrVWs7ghr9nol_aAG7fyis_kQ4cV6DlpfFmFVK7J8311Xpi9lmlovw0-mhR1O4jAJBynnBZH-3ofBol4uLkm4A2VbyQRe52hsGc5qhkd2bUjvBs1re5p9YDDePd7byqmHN7RbnB-a9mrcL9GhSZRGDwHjlnsggI-1H4iA&sai=AMfl-YS7swe7cFwVo3DV_4DE68pFH4bOPbKsdHJQyLhTJw9OzDZFJjdrHmoNA_GWQR1hJ-5EBo4HyP8GyZrguIttnrq_RuryEHNghhOcWiyZCGvVoV06tQAjoEG4AV82jzno&sig=Cg0ArKJSzPnmzEAo8eHpEAE&uach_m=[UACH]&adurl=

Requested by

Host: rheintaler.ch
URL: https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:58:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 13:58:49 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/ Frame D4B6 2 KB
1 KB 125ms
45ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 13:54:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4B6 117 KB
36 KB 198ms
117ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 13:58:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D4B6 0
0 46ms
46ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhbw7i3QQ6U0_bOcgE9tz3D1JrPvMMfvoHfa9UBZ8lC6v7wU-7IFP_BIlu0YCWNSLrt9VtZLljkQBt0dNstE06dQps8g
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 17949146464887587321
tpc.googlesyndication.com/simgad/ Frame D4B6 84 KB
85 KB 126ms
46ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17949146464887587321

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b04f3cc4a362d88b3cc13f0fc360adc899b594f47618b9816521bb57ec7ae1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 09:01:32 GMT
x-content-type-options: nosniff
age: 17837
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86293
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 08:43:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Mar 2023 09:01:32 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220315/r20110914/ Frame ADCC 19 KB
8 KB 80ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220315/r20110914/abg_lite_fy2019.js

Requested by

Host: ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com
URL: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 13:55:37 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame ADCC 22 KB
7 KB 132ms
92ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com
URL: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 11:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Mar 2023 11:48:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADCC 117 KB
36 KB 138ms
98ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com
URL: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 13:58:49 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame ADCC 109 KB
38 KB 132ms
40ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com
URL: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/
Origin: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 09:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 09:02:13 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D4B6 0
0 63ms
62ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_GtKsKV9lKAXrXvdPtE_03XaNi6elxLAS1t10Dfa9D2bXmZ95GgqNB72kbqSIGCDRjgX6WI-nYygMSfKvx-XotTsFuoITkYdgPhc3Oov36rWuL4hozw6xss3oaluRL4R7x2cr4UzrgzaWEZ_y9A0lz7ZOIFmKsVQRL3Zzls3tS5SCfSuBTC5-WE2cU555v9wMmvUKNPPESyxbB_lcWa3bIu2CVo-KXygbymvI6J61bN3JplYUJOaWje_wbbr9O1YTj838xOCfus-y38JKk_Jv_0O5rOtQ-9gPkx5I2a4jO-4h1EZa7I98ONuABVaRwfo36orvBGRXTCxg_m7owLWALkPlHKmJzvCJIlNILYqVkt7VPsfNHV4tiNInFw&sai=AMfl-YSxIYYjfYshZFDw8eXgKXkQNuH5hgLR3Mtbc9QQ7mhAa2HQhBdZ0TaRCGq0dlto3zbhCifnecTQvzf8hGU1wBbrFhd1KG_sY96wTbIw7D0lD3NnqlykgYwgH2SCJrzX&sig=Cg0ArKJSzPGAzwTb2m9UEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:58:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 13:58:49 GMT

GET
DATA 200
OK truncated
/ Frame D4B6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60e783406a62047fa6c78fcc5e867e24961eadb40461af0262e854e95256afa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 80FE 0
0 63ms
62ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDX7-2isOKH6rSGL7MtEzEbOq7tQ9_shOnNnQJy8VBhdq-tdE_AxHwQhu3iUUdEW5W6StYLotTswORvw7hJ5MuFkitaAwxE8pS8zJRQYKFYomAmPRbb-4162lScOetIDH5hRFAEDd4k3XzSXZ74NDPkqwJqMgvu8272kIE1-HfesHP1cbMqqeR5Q6aShOC7BUIP6jLpwAe_8uwUrNlSF4yVomFUjtehTerBhZQ948dF2X402YIiTixViE_Xu9EN4OwWtyfNbmfUZCBcn4J2pFLorR9P3GHj_-y502aZKEcWu9IiApqTUVG1v4EMQhORJDK6m4869AoWXINNFOd71JER7xgGTTw_oK8-_oV&sai=AMfl-YQSAcHtpchMf-olKUl3bgyMVFYXRwm1bJaCD5sojO6K6YdzH_atj9xn_oh9vLjGbmEmBZNrvSaNsMpK8cu7f87bP2LzDLtHJK5UWkmPKyog_7j48gOV6Htu_KPjruwa&sig=Cg0ArKJSzCRoqX-yFRPEEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:58:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 13:58:49 GMT

GET
H3 200 728x90.html Show response
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/ Frame 7B77 4 KB
1 KB 81ms
37ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6941bfc49f25d2aba8d4f3bbea319f5aa3b1e337e7067093ea712b5195d2a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 1425
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 19:51:24 GMT
expires: Thu, 17 Mar 2022 19:51:24 GMT
cache-control: public, max-age=86400
age: 65245
last-modified: Fri, 11 Mar 2022 15:16:32 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ADCC 0
23 B 61ms
60ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHE6wGoB8PoOCQ_axOUQTxgPm-3aEh6jtWbahgn60u_eYG7K0qy66vNxRoiCb_3Jf5x1NYQaY58XjHVx8jJA-7pOSirNF7VAneE2fAM7tO1DpRN8kBBNlmWvt1RnVqeTo1HJRdhsG6-PWZuue4mOADv9FeaLAgaNYPtgD7PHMtj7WmW5QjynksA2aWffotuQbdgt9EbXC7yHNd5UI_YIMvHNmKVUk1Fje2c9XyEpSwCpxf8ZWmzbm7xk7nLx_83PTmMUTZBbT05k2rN-9yaCP077KZfQ9fywOyeQAp4lePc-1VgXu2SZv8E3UWjzfNjNljTnhP8PaTFkcUHP7P7bymCYCggvP7_ZXOeA&sai=AMfl-YQHgsi5QoQqxZF591mHcs6u2JQm2I0s_YFHwlnwXEl-iEhWyyLCBJhymBZiHu_Plv01xu1cN0Zz_y9iC98C387Mv5_NaOPfjXuX50iVyx6SERyD6COWcuYra5x6Nbdl&sig=Cg0ArKJSzIeISf5SXMk4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com
URL: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:58:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 728x90_hype_generated_script.js Show response
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 7B77 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/728x90_hype_generated_script.js?28172

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64a5dc4a840c29926dc8c1b3b3437cc18561c0b874a2c04c671bf4107b4b3ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2777
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 15:16:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 19:51:24 GMT

GET
H3 200 HYPE-736.full.min.js Show response
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 7B77 91 KB
39 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/HYPE-736.full.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/728x90_hype_generated_script.js?28172

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1790fc57c23620256ce678503596bc153249c9b7214e19b244067ced81d72ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39954
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 15:16:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 19:51:24 GMT

GET
H3 200 cursor.png
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 7B77 1014 B
1 KB 38ms
37ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/cursor.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9751a70da29e7b48d5a45a08d4c14a74314ea4c9edf79c04dbadc8436995ad7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 06:09:11 GMT
x-content-type-options: nosniff
age: 28178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1014
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 15:16:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 06:09:11 GMT

GET
H3 200 sk-logo.jpg
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 7B77 24 KB
24 KB 47ms
46ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/sk-logo.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82b3469e0011c26d007f15fadf7da25ab00e11803509513b40be5c8a1dca2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 06:09:11 GMT
x-content-type-options: nosniff
age: 28178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24718
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 15:16:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 06:09:11 GMT

GET
H3 200 rodeln-130h.jpg
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 7B77 6 KB
6 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/rodeln-130h.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a927011db8f3f40473dbcadabd9faf1b585a78063b4e249a227d3659cf1e4711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 06:09:11 GMT
x-content-type-options: nosniff
age: 28178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 15:16:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 06:09:11 GMT

GET
H3 200 ski-130h.jpg
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 7B77 7 KB
7 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ski-130h.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36785d73319ac0f6ea29901a1883546f7a1c583a800d0d5d67186f6f269375ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 06:09:11 GMT
x-content-type-options: nosniff
age: 28178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7563
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 15:16:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 06:09:11 GMT

GET
H3 200 cards.png
s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/ Frame 7B77 11 KB
11 KB 41ms
41ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.hyperesources/cards.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd6b430fe5ddb36be884a16d3c16bd6a4cf8397af71d7f5f9bb9e78d9b459b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1860377/4958334194/1647011791086/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 06:09:11 GMT
x-content-type-options: nosniff
age: 28178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11637
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 15:16:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 06:09:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ADCC 0
0 64ms
64ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuek1JNTaTYh2IszqnzVIoRZ4mRPcMfc15bVDZp3fPagtx-tr6ibm2Jt5A36MvgW4k3hiBZhVq1zjLir4GRGzhUQYCmKuPi_2WKCyJQ1ZDFVzchr5hFpQP0RMduU1FRyGxbQpW6yVdcP8mSkhFaDzEjOSfwcRY7mzOTDUh4iXGLGj-leDL8vkxSGghsJbp2z16U9a1idQeqzhAzoWtR5sP5GrGoZwp0hseZi_FvQq2zcUtHCg6Ri1xlivrDUjMOopzBn5qR8RY-o6Ym-DPbFuieTusoFKkiKnODepeGMDewV0fIa3phOBCNCeL4BWcxD28Q0yJWcon4C_H86lkpyvE4wGcFEain5XWbGxU1&sai=AMfl-YRKPV6KOaMaEX48llcfzhK-U-gU0bqdLfdq6bsjOUQQZ-_rUZxGcIRVdcRAhJcMmvygJi0z-dIjxWQWBlYuA0a8qOkRbfnHQMqJ3IpZ1xqmKYT9yOJ5F_kxxngyoXUI&sig=Cg0ArKJSzDSDEOIY7EPgEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:58:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Mar 2022 13:58:49 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D4B6 42 B
497 B 146ms
61ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2i3irvR77TIJ-7sjScqg3y-A7ejMPOQH2fuwDwcYzrmszH3SfFh-yeSXUi7KflILCJ5NSbuj9bs9N9XrOoCTkISGlVOY7Am71qaPuN7m3SBvAf7tb&sig=Cg0ArKJSzJf-eLEzCAv_EAE&id=lidar2&mcvt=1000&p=282,1050,532,1350&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3574114147&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647525529021&rpt=253&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:58:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ADCC 42 B
64 B 111ms
62ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUgL3CT9HcQR9u6lwDd6inRaPye-8Ft3qZJ3oTVr-_vfbC4yWgR-8jd1dkL6gzKTPVxyqycictc81-C9EuxGCInFSZFlqcHECxkoP8PDPQi6tt1DfC&sig=Cg0ArKJSzON8aeKE7Q3EEAE&id=lidar2&mcvt=1000&p=0,436,90,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=1429507316&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647525529009&rpt=624&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:58:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ZcEEO3vVIk7.css
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ Frame 27D9 778 B
458 B 7ms
7ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ZcEEO3vVIk7.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afb7efafd5bcc%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&sdk=joey&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf34828caa0495cb4a3d7c99b6fe95b869fcd8c383f50a42049623315f7463e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: frqfMJ6oaa+P17vesUCn7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 404
x-fb-rlafr: 0
x-fb-debug: a/61h6R1J27SSX2B6MBy0BC4nzCK7IRLd85JDoXHRLKm3/mpbd+q7VKPLiR3G1DGcK7enPYRQpKRjR3YWMGbNw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Mar 2023 21:23:55 GMT

GET
H3 200 V0h2-P0LqLF.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ Frame 27D9 125 KB
20 KB 8ms
8ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fe08002d7d36471c82209ce1e38a398c743a3b490e8d199a63307f60f2b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DaMRuE+YoIxDIzGIPbrOjw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20378
x-fb-rlafr: 0
x-fb-debug: az8vC/cqnUAEQ6sajP3QOR3Wa/WOiPPk2SMhW8qHHkeakf1D4d7ORx6E9ghtq/crEW53vfM8qmVnqjUOKijw8g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Wed, 08 Mar 2023 19:15:56 GMT

GET
H3 200 Yb0gveej7nV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 27D9 307 KB
82 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/Yb0gveej7nV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45a68bb9220716fcb332c302d3dc235742aea8cc76018efbf0f702d020691761

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kuEibdsVDuSXULzMqzsIbA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84398
x-fb-rlafr: 0
x-fb-debug: PU9wETZQVioWQeOoMdtz/DxCU80rnh6fZSJ8JkqQhfn792M1twOIjz7Zs3VUqeSljDgY88qB6LX99v8e5pR+eQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 17 Mar 2023 00:28:59 GMT

GET
H3 200 SEL4f826Zb8.js Show response
static.xx.fbcdn.net/rsrc.php/v3iN_84/yR/l/de_DE/ Frame 27D9 156 KB
43 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iN_84/yR/l/de_DE/SEL4f826Zb8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e1d96225a7734a52ae43f75b708e8bf8d34bfd3b1d1891b4333d10d908375e48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: H8zMw9SQtmyF1XIURj6M8w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 44483
x-fb-rlafr: 0
x-fb-debug: W7zXxxGnG4VaMs/w0mNmGhXBd2LOXZ3qf9sPmGLfjZRjGQxffZUmxLcb7yGux2pzTgiU+4E2V4at25hXnnHuLA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1,i
expires: Fri, 17 Mar 2023 02:07:12 GMT

GET
H3 200 NhvSSrc56J2.js Show response
static.xx.fbcdn.net/rsrc.php/v3iVab4/yF/l/de_DE/ Frame 27D9 41 KB
12 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iVab4/yF/l/de_DE/NhvSSrc56J2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8266ed2708ada787994cb1d2bed707a2d9c311283973bfc2673412551e9aa0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5xj0quwx7OkL6MKldnAqLw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12298
x-fb-rlafr: 0
x-fb-debug: LBePI5S15/LuwRirSpshXQ1M6qA5JWed2A64PamOK2Rk4nYs2PqcpF/nbr9MoLvReaOIgBeXCDIzXU3VedpzXA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 14 Mar 2023 21:13:27 GMT

GET
H3 200 ZcEEO3vVIk7.css
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ Frame FCB1 778 B
458 B 8ms
7ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ZcEEO3vVIk7.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&numposts=5&sdk=joey&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf34828caa0495cb4a3d7c99b6fe95b869fcd8c383f50a42049623315f7463e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: frqfMJ6oaa+P17vesUCn7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 404
x-fb-rlafr: 0
x-fb-debug: a/61h6R1J27SSX2B6MBy0BC4nzCK7IRLd85JDoXHRLKm3/mpbd+q7VKPLiR3G1DGcK7enPYRQpKRjR3YWMGbNw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Mar 2023 21:23:55 GMT

GET
H3 200 V0h2-P0LqLF.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ Frame FCB1 125 KB
20 KB 8ms
7ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&numposts=5&sdk=joey&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fe08002d7d36471c82209ce1e38a398c743a3b490e8d199a63307f60f2b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DaMRuE+YoIxDIzGIPbrOjw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20378
x-fb-rlafr: 0
x-fb-debug: az8vC/cqnUAEQ6sajP3QOR3Wa/WOiPPk2SMhW8qHHkeakf1D4d7ORx6E9ghtq/crEW53vfM8qmVnqjUOKijw8g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Wed, 08 Mar 2023 19:15:56 GMT

GET
H3 200 Yb0gveej7nV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame FCB1 307 KB
82 KB 12ms
10ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/Yb0gveej7nV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&numposts=5&sdk=joey&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45a68bb9220716fcb332c302d3dc235742aea8cc76018efbf0f702d020691761

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kuEibdsVDuSXULzMqzsIbA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84398
x-fb-rlafr: 0
x-fb-debug: PU9wETZQVioWQeOoMdtz/DxCU80rnh6fZSJ8JkqQhfn792M1twOIjz7Zs3VUqeSljDgY88qB6LX99v8e5pR+eQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 17 Mar 2023 00:28:59 GMT

GET
H3 200 SEL4f826Zb8.js Show response
static.xx.fbcdn.net/rsrc.php/v3iN_84/yR/l/de_DE/ Frame FCB1 156 KB
43 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iN_84/yR/l/de_DE/SEL4f826Zb8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&numposts=5&sdk=joey&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e1d96225a7734a52ae43f75b708e8bf8d34bfd3b1d1891b4333d10d908375e48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: H8zMw9SQtmyF1XIURj6M8w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 44483
x-fb-rlafr: 0
x-fb-debug: W7zXxxGnG4VaMs/w0mNmGhXBd2LOXZ3qf9sPmGLfjZRjGQxffZUmxLcb7yGux2pzTgiU+4E2V4at25hXnnHuLA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1,i
expires: Fri, 17 Mar 2023 02:07:12 GMT

GET
H3 200 H6F6P2y97Sv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame FCB1 32 KB
10 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/H6F6P2y97Sv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&numposts=5&sdk=joey&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40d82d62cfb160d556344e39325f94e4779037d881c32a95e02d92b1fdf4b457

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bxSIDQzM4yk5nDKEg3PlZA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10319
x-fb-rlafr: 0
x-fb-debug: 65ayS4/crFX4Y63K992Elzn19gMhf9GSmRmPXteYzNMnLMegg2GQYYuTBjz9eGl2FKhTsMdRkos4LvVn2TNyKA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 16 Mar 2023 20:59:05 GMT

GET
H3 200 bo5RAEUMs8d.js Show response
static.xx.fbcdn.net/rsrc.php/v3iObv4/yh/l/de_DE/ Frame FCB1 1 MB
333 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iObv4/yh/l/de_DE/bo5RAEUMs8d.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&numposts=5&sdk=joey&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fffca3d7efda3c386f1d8721bb673c6e9b6105b719fd547909f55d416a5cbd32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GLZ/UQc2hQE/TdP0hDzrXg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 340680
x-fb-rlafr: 0
x-fb-debug: YR6wuCtfmklHEV77/D2eXD4aGb9lJ8VWoAXwrsm20lqP/mnobsphAX0ye1RIK9y67h9MNRF/oUziwV8MPutH2A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 17 Mar 2023 08:50:22 GMT

GET
H3 200 NhvSSrc56J2.js Show response
static.xx.fbcdn.net/rsrc.php/v3iVab4/yF/l/de_DE/ Frame FCB1 41 KB
12 KB 11ms
11ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iVab4/yF/l/de_DE/NhvSSrc56J2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=404932156383110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df308235ded8daf4%26domain%3Drheintaler.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frheintaler.ch%252Ff295d9466b921f4%26relation%3Dparent.parent&container_width=560&height=100&href=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&locale=de_DE&numposts=5&sdk=joey&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8266ed2708ada787994cb1d2bed707a2d9c311283973bfc2673412551e9aa0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5xj0quwx7OkL6MKldnAqLw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12298
x-fb-rlafr: 0
x-fb-debug: LBePI5S15/LuwRirSpshXQ1M6qA5JWed2A64PamOK2Rk4nYs2PqcpF/nbr9MoLvReaOIgBeXCDIzXU3VedpzXA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 14 Mar 2023 21:13:27 GMT

GET
H3 200 VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame FCB1 251 KB
251 KB 7ms
7ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:51 GMT
x-content-type-options: nosniff
content-md5: VO922XrIvf6dPbMlbETwCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 257139
x-fb-rlafr: 0
x-fb-debug: 8xz6/p6MXqzch2yJjspYml7+w6lLMaYZ9Jq4Bd0EnSceBmUXTx2kMWTs9RhBeM4sswg/O6jGQ7TNLHUe+zZDaQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 14 Mar 2023 18:04:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 61ms
60ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed8a3b6ee3100e540ce05f556a102e48763408ea1a2664595ee2cd9bc1f1fcf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10667
x-xss-protection: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
961 B 155ms
137ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2203515711&v=1.1&a=2906652&pu=https%3A%2F%2Frheintaler.ch%2Fartikel%2Fpromotion-boersen-im-bann-des-krieges%2F82180&t=Promotion%3A+B%C3%B6rsen+im+Bann+des+Krieges+-+rheintaler.ch&cts=1647525531941&vi=f006bdfaef43852dbcaf43a579ce7a20&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:52 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b1925e98-bac2-47ec-85f4-8487d9463252
cf-ray: 6ed63eeecf255c4a-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSexoP41q4mglXiwzR77s17SnCeB%2BTXnbCt9cWK%2F%2B1TXtYu6PBE64r7C3smcD5sMgw0MFmVm6%2Bi3C47q6799iCJ%2Bi6notSYlnOZaj1HAymqZR%2BdkpMA6lJ66c62s2Dbc0zJDLaUAgjNRnyzrEnXa"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 108ms
59ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Mar 2022 13:58:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 58E9 13 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 13:15:45 GMT
expires: Fri, 17 Mar 2023 13:15:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9787 783 B
535 B 98ms
49ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6340b1c3348f517f66ed5e47e680caa046840ba162750a34ca8fff48e291fefa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-57mwvwpZpLEAl7DUv6RIsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 17 Mar 2022 13:58:52 GMT
date: Thu, 17 Mar 2022 13:58:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-57mwvwpZpLEAl7DUv6RIsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js Show response
pagead2.googlesyndication.com/bg/ Frame 58E9 35 KB
14 KB 88ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 22:15:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 229408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13802
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 22:15:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9787 0
0 122ms
122ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=1148987290650438&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 58E9 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zaGdlQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:58:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 64ms
63ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=1148987290650438&bg=!tLelt_PNAAba2mK92to7ACkAdvg8Wjd1kED6p71pnRsgRH1f5iIJ5wTSDB5eozUKDB1A_YU5_048xAIAAABgUgAAAAJoAQeZAtYjn1GRG28ME-LEVgUldSKIoDG6srggVwmC-hdkgNRf7aR1AN_kMBmKPTV9k2m2Lng8L74wMoD14yidrzSk1tNXOy61EiPtHlhZ-kJT_Qq1zU30vahJ4BtxKBoyK52d469sOrzGL3-zuR9OAlpWy-YG-MlVXDOYulRQNyCjozHkb1NHwOsmz1RVdh2VLI7k9bHthngfIPOoiObPn7Z-BA9SJj5bS3GW_g6LJ3nPau2nJ7Uh-1U_ehbE4axtklEx_Rp_SveR10_16Az-XV2ip5lY8Wcy4XrGhUcpgL2Mfy2LKJO0vWHzzirxd8_mnG6OXsrEpuXQja3HMT-liWhT_fXYIU1Eb_Q8pWdpEY1sVaTXYtwMv-FXvUT1evj8TVPu2fJmglZgtkYs6aKg8kemBqclOntIhsxX9q6fv_w5s9XLCCk-aEF7lTHfRIMb7ZPWqLEc_CwePAwrzrGI75MWL91lzoGPs_aZUxRl2_Xu4KyDDnZ6yaQq09-E6jLCgMOF_DgIaHKAOjRqGM206bOTe339cLKLGLyV9twRMF0mnC5K5TeehvNo429J2n0HKBiI6KxREVg82kwwAIPWVX8GtVAG1g4hPZS8BltnY1a9c0QQs_uV32Z7EuXfm8dCpv5Nsywrp5emJ8NhzpSDWetiuFvuKI3_ZpszlFjCcKahqdxWLOw4vOOBwJCyAlFFKpbbLflX4vu8DJT2S4azKZLexKcTzCWurtUJkKhiq-WOKpCDcAtr-GC69GKBMwyOIgDnikV9a-Q7sBs5fe8ifUPiaqcyRW8DxbNsVKqlGOYxToRXYmDeqlyCb8pf_wF9DCToepPM3NWuMUxIdXZ0nhBbHxF6GuFg6Vc_HZfSeYOB6mGVhFUw5XckTlCl4MpqqHuz5RB6o1lhcSioZ_fuxSzG1a0R1jP1SunZLhVI029LwWBG9I1v3-XGl17guz29qLlrTNgBqtXCMhA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rheintaler.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:58:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rheintaler.ch/	1969-12-31 23:59:59	Name: PHPSESSID Value: p7jqk8r7tvgobnbjh9ko4uk8d4
.adnxs.com/	1970-01-20 03:48:21	Name: uuid2 Value: 6508902108171983105
.myfonts.net/	1970-01-20 01:38:47	Name: __cf_bm Value: r4ZFd62R3hPcn2SJe7f1kgttDoqUdRxOEg6M4v6SRlE-1647525528-0-Aba667FL6xoq3OmlU+g6XYnfiVOUJRWSQmdjXhldDD+r62AiLcNVFAh67r6byFeG7x/GMCsYwvyhHJXgZZVHwfs=
.adnxs.com/	1970-01-20 03:48:21	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVHkCH5w!]tbP6j2F-XstGt!@DWe$fB?m
.mathtag.com/	1970-01-20 11:04:40	Name: uuid Value: 691c6233-3e98-4100-87d5-1ec4d960c493
.mathtag.com/	1970-01-20 02:21:57	Name: mt_misc Value: mt_bt:1
.rheintaler.ch/	1970-01-20 19:09:57	Name: _ga Value: GA1.2.846688142.1647525529
.rheintaler.ch/	1970-01-20 01:40:11	Name: _gid Value: GA1.2.207014956.1647525529
.rheintaler.ch/	1970-01-20 01:38:45	Name: _gat Value: 1
.rheintaler.ch/	1970-01-20 11:00:21	Name: __gads Value: ID=85f6e25fcaadf493-22afda8b5fcd002c:T=1647525528:S=ALNI_MYKMV8zXUBfYWsHm7ZMTD8enJIJ_A
.doubleclick.net/	1970-01-20 11:00:21	Name: IDE Value: AHWqTUnybpPXaCtH17loKHZmgMKib6hpwdlOuoo-n-0wM9h1hojjad-zWtigspeQiXA
.rheintaler.ch/	1970-01-20 05:57:57	Name: __hstc Value: 100392705.f006bdfaef43852dbcaf43a579ce7a20.1647525531939.1647525531939.1647525531939.1
.rheintaler.ch/	1970-01-20 05:57:57	Name: hubspotutk Value: f006bdfaef43852dbcaf43a579ce7a20
.rheintaler.ch/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.rheintaler.ch/	1970-01-20 01:38:47	Name: __hssc Value: 100392705.1.1647525531939
.hubspot.com/	1970-01-20 01:38:47	Name: __cf_bm Value: M5XDcxfV_mb69C059BIHIuUJI96sqrJrS8JLyAL4fec-1647525532-0-AWGXVSWahKOKWa1k98ErITB8tCfGVsW3vHaMXYW8noD5I1WAoje69C3M1vafiZnSZ4cPsM0mzir1orQERYuM7Dk=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://graph.facebook.com/?id=https://rheintaler.ch/artikel/promotion-boersen-im-bann-des-krieges/82180 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.rheintaler.ch
buttons-config.sharethis.com
connect.facebook.net
count-server.sharethis.com
ede2601676558029fd8ae5bdf727d32a.safeframe.googlesyndication.com
graph.facebook.com
hello.myfonts.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
l.sharethis.com
pagead2.googlesyndication.com
pixel.mathtag.com
platform-api.sharethis.com
platform-cdn.sharethis.com
rheintaler.ch
s.imgur.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
static.xx.fbcdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
142.250.181.226
151.101.12.193
18.66.248.46
185.33.221.13
2.21.141.186
2600:9000:2182:f800:c:abe:f440:93a1
2600:9000:2260:8200:1d:85c3:6640:93a1
2606:4700::6811:45b0
2606:4700::6811:d6cc
2606:4700::6811:f349
2606:4700::6812:15bf
2606:4700::6813:9a53
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::2006
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2001
2a00:1450:400c:c1b::9c
2a03:2880:f01c:20e:face:b00c:0:2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.123.86.254
5.148.168.157
52.222.137.26
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0edfb76cb333acfa7d4a27e180b7f699d75f6d05e335ccf59e7b30656a2f4c14
12d5906df1c38b0fe50afe3d42c853776616339ca24bd165698405889cd67c01
14d38e05ee174b84c0106fd20b544ac6e8cd5e99ac0de746ef885a69544ced21
15017f7f166806cfcef0588034ac1c9a0fa502ff4546dd945d00b4fcb4f54b5c
1790fc57c23620256ce678503596bc153249c9b7214e19b244067ced81d72ce9
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
2832c93ada0b6b4cecfc1cb12191921dcdd570fc5fcc54f7a5da359df716a061
28a1fc0e197e1b69499e33c86c04ce4f38bcd7b5e6acc1a7cdcc8a27186e5763
2ba338ebf61cbce53a2cb1d57d5eb0344c85f825fe83e8e8069f789e204f128e
2e40fc28c172d144e48ffc2a538b32bcecc442c8898394137cc12c9ee7f8276f
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
30e817756a474c7f893057d069f7ed56e1fd4617d70fcf40ac5d58fae5890ede
32e1e8571cb721a64341b26f46fb3bae53f66e4c42ffbacb141bd88eaa8da2be
34b1438d5293811c4cfd0bfdda84211c7c3e4681d61ff3699e3d52114a985c60
36785d73319ac0f6ea29901a1883546f7a1c583a800d0d5d67186f6f269375ca
3ddfd4a4e8a7c642a1f9ae8dbb8f5e9d12d5ee5558a4b40f4027b5e5ddf2749b
3e1508907b24563f66afecbb68255184e59bbfeffd9c133113aca0fae9d4c806
40d82d62cfb160d556344e39325f94e4779037d881c32a95e02d92b1fdf4b457
414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8
41bc28d3388ccbd4d30955102fe5c3eaba696c9a072849d762e517fa6b1979cd
45a68bb9220716fcb332c302d3dc235742aea8cc76018efbf0f702d020691761
4c5a154b22d336cad91674637f38154d8014914d2647d233c431c256059e735a
4d5630e6cb7cdcca363cf81a7eb4a09202835166a613c002a27fac54fa87ba50
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
595330e7065b1624186714c523bebb73d7295f802c387f385ebdd432f9f32231
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5cd71b1cee568b9f1498e914dd2b0c82add19a5a41c07d085131cdc66df5f613
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
60e783406a62047fa6c78fcc5e867e24961eadb40461af0262e854e95256afa0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6340b1c3348f517f66ed5e47e680caa046840ba162750a34ca8fff48e291fefa
64a5dc4a840c29926dc8c1b3b3437cc18561c0b874a2c04c671bf4107b4b3ce9
66d6b7da2b114a46449210454bae21ea187d9aeb740a43d7443d800a1bc5da51
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
799332bbfc68dcffad05036609a577bb649a62ece5453945e9bda400313568b9
7ac19d6e3ee81333c3f1b3656cb466efe74647ec4ec802dff3ea42db5061754d
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7c962d2f3c6d6f0150576560d1dac2d564b09d604ef3aa6a13ecd8d63216eb68
7e918df9b59bf81ca749f47ebc60fd6536bef997388b3cb6dbf250dc4a35e618
8266ed2708ada787994cb1d2bed707a2d9c311283973bfc2673412551e9aa0b5
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856765ebd5b9b928aebd57f2500af4945b809cf2b5c9b9003b01929fc0716d24
87201145680dbffd0397623ba7cfb3543c0eaa2bee63ec075db0e1d8e23371da
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8f590a80bf63d2d286e38968816a7dabafcf5f5493f49978bff33dc83805187a
901c190b981667cc2188e641600ddafa208f7400d568a08f8363d288b6246917
906497f52e13b18993845b1ad8e47ae2b58bae1ad40323af8299a5144b37e37a
932ecf71d8b8455a394658fd82ce60544ff6b62f3837b78417d06f814fcba552
9368d3caea8e5c37e0eed41a69d41be7c83191fa02d43d0513084ddd1af3f579
9751a70da29e7b48d5a45a08d4c14a74314ea4c9edf79c04dbadc8436995ad7c
9fe08002d7d36471c82209ce1e38a398c743a3b490e8d199a63307f60f2b57a3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2228e17f8829f9176d68e24cb0e3f4e9d4a13b071dd7dbd37f1ef75d005e755
a463dcc746f9b588134714387f9bbdb34da3005ad33291e74668afead3336f49
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a927011db8f3f40473dbcadabd9faf1b585a78063b4e249a227d3659cf1e4711
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04f3cc4a362d88b3cc13f0fc360adc899b594f47618b9816521bb57ec7ae1e9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c6b933014858ac8362a84daa391a04d2d7d39c44c9ba67f4291746060ee7fa
b6941bfc49f25d2aba8d4f3bbea319f5aa3b1e337e7067093ea712b5195d2a94
b82b3469e0011c26d007f15fadf7da25ab00e11803509513b40be5c8a1dca2ad
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
bcb0e772749392ca256ba5b30b6213d22b21a25b7101306d898c616c65c8da82
bf34828caa0495cb4a3d7c99b6fe95b869fcd8c383f50a42049623315f7463e9
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
cd6b430fe5ddb36be884a16d3c16bd6a4cf8397af71d7f5f9bb9e78d9b459b2b
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d3269f14b838d598dd688a06686a9473ee0575e04f1763c663407d7fc4a49dd8
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
daa86adb355b0f19e9d58272ffd8bd7d5331348d3b444730a2de6ee147df0123
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e0854d2c1c15690cfadaf6e1ca745174dc353f92aeb79ce7a797b24ee57a4ae9
e1d96225a7734a52ae43f75b708e8bf8d34bfd3b1d1891b4333d10d908375e48
e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e967fb8dba7170dbb7c1fcc0d4af7cea34ad464b892df32efc7d7b9629f7929f
ec06fd9e7cdece14e722473b89ffb6edaa7bf385330ce39113643588b06a8bb6
ed8a3b6ee3100e540ce05f556a102e48763408ea1a2664595ee2cd9bc1f1fcf0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08a2b67c49df596d67a1af3e5533f967f6949de6907963972fadeab5e1adb36
f5cd7b1ca67498af68e72d3eb2d57b4077feca132311bfe1996f185af42b0d3f
fffca3d7efda3c386f1d8721bb673c6e9b6105b719fd547909f55d416a5cbd32

rheintaler.ch Open in urlscan Pro 5.148.168.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

123 Requests

98 %HTTPS

73 %IPv6

21 Domains

32 Subdomains

31 IPs

5 Countries

2776 kBTransfer

7707 kBSize

16 Cookies

12 Outgoing links

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rheintaler.ch Open in urlscan Pro
5.148.168.157 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

98 %
HTTPS

73 %
IPv6

21
Domains

32
Subdomains

31
IPs

5
Countries

2776 kB
Transfer

7707 kB
Size

16
Cookies

123 HTTP transactions
-1 data transactions