urlscan.io logo urlscan.io
SecurityTrails logo

r-st.ch Open in urlscan Pro
81.18.31.67  Public Scan

Go To Rescan Add Verdict Report
URL: https://r-st.ch/
Submission Tags: @phishunt_io
Submission: On December 22 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 7 countries across 16 domains to perform 59 HTTP transactions. The main IP is 81.18.31.67, located in Switzerland and belongs to AS-NETRICS Switzerland, CH. The main domain is r-st.ch.
TLS certificate: Issued by R3 on December 21st 2022. Valid for: 3 months.
This is the only time r-st.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

25    81.18.31.67 (Switzerland)

ASN50785 (AS-NETRICS Switzerland, CH)
PTR: manto.netrics.ch
r-st.ch
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
4    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    23.32.243.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-243-206.deploy.static.akamaitechnologies.com
chimpstatic.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
7    13.226.153.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-103.dus51.r.cloudfront.net
downloads.mailchimp.com
3    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    104.96.147.196 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-147-196.deploy.static.akamaitechnologies.com
mc.us12.list-manage.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)
www.youtube.com
Apex Domain
Subdomains		 Transfer
25 r-st.ch
r-st.ch
3 MB
7 mailchimp.com
downloads.mailchimp.com — Cisco Umbrella Rank: 11610
108 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
ssl.google-analytics.com — Cisco Umbrella Rank: 289
37 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 365
183 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6041
674 B
3 google.com
www.google.com — Cisco Umbrella Rank: 2
632 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
2 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 414
3 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 73
63 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
203 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
111 KB
1 list-manage.com
mc.us12.list-manage.com — Cisco Umbrella Rank: 92253
8 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 162
17 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
58 KB
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 4635
2 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 686
30 KB
59 16
Domain Requested by
25 r-st.ch r-st.ch
7 downloads.mailchimp.com chimpstatic.com
downloads.mailchimp.com
4 maps.googleapis.com r-st.ch
maps.googleapis.com
3 www.google.de r-st.ch
3 www.google.com 1 redirects r-st.ch
3 secure.adnxs.com 1 redirects r-st.ch
2 www.youtube.com r-st.ch
www.youtube.com
2 www.facebook.com r-st.ch
2 stats.g.doubleclick.net 1 redirects www.google-analytics.com
2 connect.facebook.net r-st.ch
connect.facebook.net
2 ssl.google-analytics.com 1 redirects www.googletagmanager.com
2 www.google-analytics.com r-st.ch
www.google-analytics.com
1 mc.us12.list-manage.com downloads.mailchimp.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com r-st.ch
1 www.googletagmanager.com r-st.ch
1 chimpstatic.com r-st.ch
1 code.jquery.com r-st.ch
59 18
Subject Issuer Validity Valid
r-st.ch
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-15 -
2023-11-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-30 -
2022-12-29		 3 months crt.sh
downloads.mailchimp.com
Amazon		 2022-07-06 -
2023-08-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
wildcardsan.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2023-06-29		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://r-st.ch/
Frame ID: 7CC60A74915F34F282451BFCC94D0E90
Requests: 55 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
Frame ID: 354B6A1A4413F9DD6A9207507CE87E87
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
Frame ID: F8348CEE3AE6D95DC4A1B46351F0D2D8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ramseier + Stucki Architekten AG - Home Instagram-595b40b75ba036ed117d7f85ac-i_chevroniconmonstr-facebook-1iconmonstr-linkedin-3beurkundung-linesendausbau-linesfinanzierung-linesgarantiearbeiten-linesgeneralunternehmerdosier-lineskaufsabsichtserklaerung-linesrohbaubesprechung-linesschluesselebergabe-linesyoutubezoom_icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • chimpstatic\.com/mcjs-connected
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

97 %
HTTPS

67 %
IPv6

16
Domains

18
Subdomains

18
IPs

7
Countries

3450 kB
Transfer

5452 kB
Size

20
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://secure.adnxs.com/seg?add=5251762&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5251762%26t%3D1
Request Chain 42
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1040676309&utmhn=r-st.ch&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ramseier%20%2B%20Stucki%20Architekten%20AG%20-%20Home&utmhid=1686488663&utmr=-&utmp=%2F&utmht=1671693435112&utmac=UA-26703297-38&utmgtm=2wgbu0N9G6MQR&utmcc=__utma%3D213644823.1939018776.1671693435.1671693435.1671693435.1%3B%2B__utmz%3D213644823.1671693435.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1588134557&utmredir=1&utmu=qmAgAABAAAGBAAAAAgABAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1588134557&_v=5.7.2&z=1040676309 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1588134557&_v=5.7.2&z=1040676309 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1588134557&_v=5.7.2&z=1040676309&slf_rd=1&random=1481516686

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
r-st.ch/ 		102 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d5e219ec316300a4b8d54b92a13157b2096828435bd9305d9addb0a84b0ffefd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate
content-encoding
deflate
content-type
text/html; charset=utf-8
date
Thu, 22 Dec 2022 07:15:37 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-ua-compatible
IE=Edge
jquery-2.2.0.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:17:14 GMT
content-encoding
gzip
x-sp-metadata
HS256.CIqlkJ0GEpABCiQxYWVlYTMxZi1kOWVkLTRmMDMtODczZS0xOGUzZGUxNGQ5MjQQ+OiCoKvU+wIaBgj6iJCdBiIVMjAwMTphYzg6MjA6MzAxOjoyMDFlKKCVAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkOTFiNTkwOGItYTU3Yy00NjE3LWIzZDMtN2M4NDMxY2Y5MzIyGLPpASIYCAISFGNkczIzNS5mcjguaHdjZG4ubmV0.nfgQUXk44PudHSEfDrLkwznklB36rPCFEi/Y0rD5fjs=
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-14e55"
vary
Accept-Encoding
x-hw
1671693434.dop224.fr8.t,1671693434.cds138.fr8.hn,1671693434.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29875
modernizr.js
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/js/modernizr.js
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bbec5af50b5792e7757610f172c61d3d15889196528a97192f5aa52a59824f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:37 GMT
content-encoding
gzip
last-modified
Wed, 08 Jul 2020 14:45:15 GMT
server
Microsoft-IIS/10.0
etag
"73a52643655d61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3044
js
maps.googleapis.com/maps/api/ 		161 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCD2EfNvmHw5oB1PsVFs_XDy2C5jQ4ibxo
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
d86e99094c4449ce8da931cc659f8304e2c2b3866d9fe105f0ac7295e3598e48
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:17:13 GMT
content-encoding
gzip
server
mafe
vary
Accept-Language
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=17
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53888
x-xss-protection
0
expires
Thu, 22 Dec 2022 07:47:13 GMT
main.css
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/css/ 		342 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/css/main.css?v=2020-4
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cb25ee3c525f591ccfa1ba752dd41fff2b63467b225f420fa8812c4349832f35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:37 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 11:39:21 GMT
server
Microsoft-IIS/10.0
etag
"88d13451e8cd61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
63240
WebResource.axd
r-st.ch/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r-st.ch/WebResource.axd?d=U6wI96_4Vnm7FWJ2Ra_agtetAmOOtrHc1-J1GNwS4lg7k-hAC02clh96HyzLMIsUEhLOrPPI8_SB5V-1YoevwMCCcrRMgKY3R68gBKi1xMg1&t=638070615467199102
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:37 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 14:45:46 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public
content-length
6007
expires
Thu, 21 Dec 2023 15:06:50 GMT
ScriptResource.axd
r-st.ch/ 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r-st.ch/ScriptResource.axd?d=fWl2pOfCoezARzBryKBbAl1vwXevQCb_Uy7CApCoUUNc5XQrzN4HKPcIJNuuHx72OM-ZVB1bJOMcZLHgcfzeJKUN9TQRqnW8J8N-NMw_lqH8oE6VACdhSZDd6-fWAw9e0&t=7c776dc1
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9f9425c961900c8d8b3b30085c3969eef0c845a11c5be9fad704d160c64a12f5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 15:06:50 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public
content-length
27722
expires
Thu, 21 Dec 2023 15:06:50 GMT
ScriptResource.axd
r-st.ch/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r-st.ch/ScriptResource.axd?d=9qUuiDdS2__wrfMC5yspy6hWfB5sexo3u4vvpFqQhBtevuTKH5LauLHyeq9c7W7uzsXNSDREVs28i_F7Fax8ghv3qzClKjgKmDAbTVKItd1nhWeRwuthVSLzs-qy9WjK8qD-GPs9qskY-EJsKiK8uA2&t=7c776dc1
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e44c3b782978c44af9885b97302632e45ff19d01ecb745e91d21cf597c22cb29
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 15:06:50 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public
content-length
9936
expires
Thu, 21 Dec 2023 15:06:50 GMT
abbe96f21906f70e5c8905318.js
chimpstatic.com/mcjs-connected/js/users/af7fd1997ca127c761e4ea733/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/af7fd1997ca127c761e4ea733/abbe96f21906f70e5c8905318.js
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.243.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-243-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
278f1c6a055c77529b2595fb4d59d53e217038144ebfc36b33dc80351c593fdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
97, 378
Date
Thu, 22 Dec 2022 07:17:14 GMT
Content-Encoding
gzip
x-amz-request-id
RC42PKDX3SS3620X
X-EdgeConnect-MidMile-RTT
0, 0
Connection
keep-alive
Content-Length
1223
x-amz-id-2
foGhR/++UOmhvtXLEjHDdTwwNy+U1o6SL+ZsfSixQ+22/4zcw8dC+Lwh5UHMvzQjWDZqJh1MD2E=
Last-Modified
Wed, 03 Mar 2021 09:27:12 GMT
Server
AmazonS3
ETag
"42e94cccbde9061f79512e022e4f316c"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1788
Accept-Ranges
bytes
Expires
Thu, 22 Dec 2022 07:47:02 GMT
gtm.js
www.googletagmanager.com/ 		169 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N9G6MQR
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
45421db3bf5aea05e01065d0bc6f1ec09cf72d286f4629e1e4c2361042c3bf3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:17:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58918
x-xss-protection
0
last-modified
Thu, 22 Dec 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Dec 2022 07:17:14 GMT
505-Tannenbaume-2022_1.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Unternehmen/News/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/content/Unternehmen/News/505-Tannenbaume-2022_1.jpg?ext=.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
76122faf47d255fd60932e5622a544bfdcce25df344859391a0b4f3f2f4faeed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Thu, 24 Nov 2022 13:44:16 GMT
server
Microsoft-IIS/10.0
etag
"cd927ad8a0d91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
113960
Verve_Aussen_Garten.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/VERVE%20Seedorf/Slideshow/Visualisierungen/ 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/VERVE%20Seedorf/Slideshow/Visualisierungen/Verve_Aussen_Garten.jpg?ext=.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c235bb7e875bc88612a3efb177ec3015480c40874c1d1df2f5fcda792e6db218

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Tue, 06 Sep 2022 15:12:53 GMT
server
Microsoft-IIS/10.0
etag
"4643fc223c2d81:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
128481
berufstage_zukunftstag-2022_1.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Unternehmen/News/ 		374 KB
375 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/content/Unternehmen/News/berufstage_zukunftstag-2022_1.jpg?ext=.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ea55e6b60f385b0ebea350a7a37b845efa10187d88eb78f36af80cb2bcb0bc94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Thu, 17 Nov 2022 09:09:55 GMT
server
Microsoft-IIS/10.0
etag
"b946c55b64fad81:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
383330
Raumwerk-Slide-3.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Dienstleistungsprojekte/1004%20-%20Raumwerk/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/content/Dienstleistungsprojekte/1004%20-%20Raumwerk/Raumwerk-Slide-3.jpg?ext=.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f17e033e06b27cceed36cab68eae394f0746947ef0d03617ab0c6224cb345df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Tue, 02 Aug 2022 08:20:23 GMT
server
Microsoft-IIS/10.0
etag
"9c14eb648a6d81:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
116784
aci.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/img/logos/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/img/logos/aci.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4dc7796301c5e57de84d15b6318bb529bb787967847109d3262bf822f67eb700

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Mon, 22 Feb 2021 13:55:00 GMT
server
Microsoft-IIS/10.0
etag
"0d29d4f229d71:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
32698
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=5251762&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5251762%26t%3D1
0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5251762%26t%3D1
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Dec 2022 07:17:14 GMT
AN-X-Request-Uuid
9fccd522-091b-42c5-b85b-62ee3c10bc81
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date
Thu, 22 Dec 2022 07:17:14 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0794999f-3fbb-46e4-ac4c-dc20a699b891
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5251762%26t%3D1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=5251762&t=2
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Dec 2022 07:17:14 GMT
AN-X-Request-Uuid
36782085-b027-4e04-88c3-9d3ee06f7e15
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
app.js
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/js/ 		418 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/js/app.js
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a783363c2523763b1f674c5429f4efc9a939a2c983d7208f0019461d4e25284c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 11:39:16 GMT
server
Microsoft-IIS/10.0
etag
"f584fb11e8cd61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:17:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
6351308751113588399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 22 Dec 2022 07:17:14 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCD2EfNvmHw5oB1PsVFs_XDy2C5jQ4ibxo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:17:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://r-st.ch
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 22 Dec 2022 05:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6757
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 22 Dec 2022 07:24:37 GMT
AvenirLTStd-Light.woff
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/fonts/avenir-light/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/fonts/avenir-light/AvenirLTStd-Light.woff
Requested by
Host: r-st.ch
URL: https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/css/main.css?v=2020-4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d55a962669cde606819bba2d750550203b5f3c439b59f41a0e6a1e76a6517901

Request headers

Referer
https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/css/main.css?v=2020-4
Origin
https://r-st.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Wed, 08 Jul 2020 14:45:15 GMT
server
Microsoft-IIS/10.0
etag
"51d362643655d61:0"
x-powered-by
ASP.NET
content-type
application/x-font-woff
accept-ranges
bytes
content-length
15120
AvenirLTStd-Heavy.woff
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/fonts/avenir-heavy/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/fonts/avenir-heavy/AvenirLTStd-Heavy.woff
Requested by
Host: r-st.ch
URL: https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/css/main.css?v=2020-4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ff20053401d8818607d7ea646cfc1e1b7db863d9800d597510ef55e6a08cff57

Request headers

Referer
https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/css/main.css?v=2020-4
Origin
https://r-st.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Wed, 08 Jul 2020 14:45:15 GMT
server
Microsoft-IIS/10.0
etag
"38f15d643655d61:0"
x-powered-by
ASP.NET
content-type
application/x-font-woff
accept-ranges
bytes
content-length
15220
rst_Startseite-Header-Moon.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Header_Teaser/Header_Startseite/ 		340 KB
341 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/content/Header_Teaser/Header_Startseite/rst_Startseite-Header-Moon.jpg?ext=.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f053808e6762f53af3bc5e652b3b774ebf3db35c9db67dab08099bc9da2b80db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Wed, 16 Sep 2020 14:52:35 GMT
server
Microsoft-IIS/10.0
etag
"cc49943398cd61:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
348565
Header-PanoSuite-2.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/Diessenberg%20Boll-Vechigen/Header/ 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/Diessenberg%20Boll-Vechigen/Header/Header-PanoSuite-2.jpg?ext=.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5643b1b66ce0d2d3ef396d6e92a77208e6472d09bb9fb49dc0d5053c0f411f02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Mon, 06 Sep 2021 14:41:22 GMT
server
Microsoft-IIS/10.0
etag
"da6056432da3d71:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
148992
rst_Startseite-Image-2.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Header_Teaser/Header_Startseite/ 		246 KB
247 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/content/Header_Teaser/Header_Startseite/rst_Startseite-Image-2.jpg?ext=.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ef9d17f63c86263545b9ffb4cf1771ba3d6dbb13517390c8e60d6927231a9877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Wed, 16 Sep 2020 14:52:35 GMT
server
Microsoft-IIS/10.0
etag
"3f1dda3398cd61:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
252341
Panorama-Rubigen-Header.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Innenarchitektur/ 		216 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/content/Innenarchitektur/Panorama-Rubigen-Header.jpg?ext=.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
da6745c0d45918534c73566127b6ce457b4cc8f8bbf50b4caf3711651acbfd92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Tue, 01 Mar 2022 07:16:40 GMT
server
Microsoft-IIS/10.0
etag
"2414e4c3c2dd81:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
220760
rst-web-karriere-header-collage.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Employer%20branding%20renderer/ 		263 KB
263 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/content/Employer%20branding%20renderer/rst-web-karriere-header-collage.jpg?ext=.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
21c39b72deca45db774545698991ed398adc5ba5a07a2389e57091349ed01f70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Thu, 08 Dec 2022 13:14:58 GMT
server
Microsoft-IIS/10.0
etag
"9c4f68127bd91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
269403
Verve_Aussen_Garten_Teaser.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/VERVE%20Seedorf/Slideshow/Visualisierungen/ 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/VERVE%20Seedorf/Slideshow/Visualisierungen/Verve_Aussen_Garten_Teaser.jpg?ext=.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f4336b18d1b9a8402ad1517386b7b31df3d4f9c634b0ab7d8f3b2491c8d016e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Tue, 06 Sep 2022 15:12:53 GMT
server
Microsoft-IIS/10.0
etag
"ca6822233c2d81:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
133172
Teaser-Wohnung.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/Panoramapark%20Grenchen/Teaser/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/Panoramapark%20Grenchen/Teaser/Teaser-Wohnung.jpg?ext=.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7c3462e08cae14f17859256ff75ce56369c4c63c28f84bc978e85a305a81eba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Tue, 07 Sep 2021 20:28:36 GMT
server
Microsoft-IIS/10.0
etag
"1c3b8ef26a4d71:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
108831
Teaser-Diessenberg-Bett.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/Diessenberg%20Boll-Vechigen/Teaser/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/Diessenberg%20Boll-Vechigen/Teaser/Teaser-Diessenberg-Bett.jpg?ext=.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3658754d484229f9701566d518df7380df06a38bff164d6268262b4a9de02ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Tue, 02 Aug 2022 08:20:01 GMT
server
Microsoft-IIS/10.0
etag
"27fc35a948a6d81:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
136258
Teaser-1.jpg
r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/Zwischen%20den%20Giessen%20M%c3%bcnsingen/Teaser/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/content/Objekte%20im%20Verkauf/Zwischen%20den%20Giessen%20M%c3%bcnsingen/Teaser/Teaser-1.jpg?ext=.jpg
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cd0d802d3ca07bebbbe93e7655f12cc3bb0c9e29fe268404900a1f393377b962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Tue, 25 May 2021 12:24:47 GMT
server
Microsoft-IIS/10.0
etag
"1fc839f36051d71:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
67560
fonticons.woff
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/fonts/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/fonts/fonticons.woff
Requested by
Host: r-st.ch
URL: https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/css/main.css?v=2020-4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6aeb297681bc2dffbe15004825a44e6bb6d816e8fb961b0c08f10e6a8492f891

Request headers

Referer
https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/css/main.css?v=2020-4
Origin
https://r-st.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Wed, 16 Sep 2020 11:39:18 GMT
server
Microsoft-IIS/10.0
etag
"53c74b31e8cd61:0"
x-powered-by
ASP.NET
content-type
application/x-font-woff
accept-ranges
bytes
content-length
2840
FreightDispProBook-Italic.woff
r-st.ch/Ramseier_StuckiArchitekten/media/Assets/fonts/freight-book-italic/ 		92 KB
92 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/fonts/freight-book-italic/FreightDispProBook-Italic.woff
Requested by
Host: r-st.ch
URL: https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/css/main.css?v=2020-4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
manto.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7ed448edc4945ff2f50f53ab4fd3a5be686177eab6cbddcf15cde59e072dd4f1

Request headers

Referer
https://r-st.ch/Ramseier_StuckiArchitekten/media/Assets/css/main.css?v=2020-4
Origin
https://r-st.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:15:38 GMT
last-modified
Wed, 08 Jul 2020 14:45:15 GMT
server
Microsoft-IIS/10.0
etag
"6e368643655d61:0"
x-powered-by
ASP.NET
content-type
application/x-font-woff
accept-ranges
bytes
content-length
94344
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1052501056/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1052501056/?random=1671693434745&cv=9&fst=1671693434745&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fr-st.ch%2F&tiba=Ramseier%20%2B%20Stucki%20Architekten%20AG%20-%20Home&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
702716d15dc8e82fadd07062f66b835ed791d80397bbbd87c77958b77b0086cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 07:17:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
934
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9G6MQR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 22 Dec 2022 05:51:02 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5173
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 22 Dec 2022 07:51:02 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 22 Dec 2022 07:17:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
zawZZOoTfu6KMSJ2DXmkjaPQnXbViAsqoyuPA64InvMIM0x1eYGgb/bRNNpsuStkCrZbxSxZoiRMypysUTYH8Q==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1686488663&t=pageview&_s=1&dl=https%3A%2F%2Fr-st.ch%2F&ul=en-us&de=UTF-8&dt=Ramseier%20%2B%20Stucki%20Architekten%20AG%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1895882587&gjid=260794420&cid=1939018776.1671693435&tid=UA-26703297-38&_gid=1021422591.1671693435&_r=1&_slc=1&z=1240395545
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://r-st.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 07:17:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r-st.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ 		217 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by
Host: chimpstatic.com
URL: https://chimpstatic.com/mcjs-connected/js/users/af7fd1997ca127c761e4ea733/abbe96f21906f70e5c8905318.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b6b9460628f90ea3198218e3960a034c3078088dd324864708c48c5810e1b28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 16:26:37 GMT
Content-Encoding
gzip
Via
1.1 bb45d9db269295920003af6514d7e7ea.cloudfront.net (CloudFront)
Last-Modified
Thu, 08 Dec 2022 21:28:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-C1
Age
53439
ETag
W/"3281ba63652083b7a938a78b62fe19d4"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
JrLtQVx0B-GzI7WsswHuyw5Sz-20a7KYzAAl6hRRPMU86ViBBlNJ1g==
/
www.google.com/pagead/1p-user-list/1052501056/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1052501056/?random=1671693434745&cv=9&fst=1671692400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fr-st.ch%2F&tiba=Ramseier%20%2B%20Stucki%20Architekten%20AG%20-%20Home&fmt=3&is_vtc=1&random=4115848836&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 07:17:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1052501056/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1052501056/?random=1671693434745&cv=9&fst=1671692400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fr-st.ch%2F&tiba=Ramseier%20%2B%20Stucki%20Architekten%20AG%20-%20Home&fmt=3&is_vtc=1&random=4115848836&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 07:17:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1895882587&gjid=260794420&_gid=1021422591.1671693435&_u=IEBAAEAAAAAAACAAI~&z=2091834883
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://r-st.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 22 Dec 2022 07:17:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r-st.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
132069252287765
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/132069252287765?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b90214a15f5ce01b00608c50804c3172bdc358b4a33f920b1b65f5af78e97d61
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 22 Dec 2022 07:17:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
+a4mOCsBYkGHml25Hh1kZoN1Df4gdxrSBEIjtyrthKV3PyigsILKn5NHXp8EjJwpTHAVJvxU+c3q9B25YaSgog==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1040676309&utmhn=r-st.ch&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ramseier%20%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1588134557&_v=5.7.2&z=1040676309
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1588134557&_v=5.7.2&z=1040676309
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1588134557&_v=5.7.2&z=1040676309&slf_rd=1&random=1481516686
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1588134557&_v=5.7.2&z=1040676309&slf_rd=1&random=1481516686
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H3
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 07:17:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 07:17:15 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1588134557&_v=5.7.2&z=1040676309&slf_rd=1&random=1481516686
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
form-settings
mc.us12.list-manage.com/subscribe/ 		15 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.us12.list-manage.com/subscribe/form-settings?u=af7fd1997ca127c761e4ea733&id=d868e0c587&u=af7fd1997ca127c761e4ea733&id=d868e0c587&c=dojo_request_script_callbacks.dojo_request_script0
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.147.196 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-147-196.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
214f60bed8810c2abd13d1e5301c4f01057ccafcfc057b9127bb71862de311b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ua-compatible
IE=edge,chrome=1
x-edgeconnect-origin-mex-latency
160
date
Thu, 22 Dec 2022 07:17:16 GMT
content-encoding
gzip
referrer-policy
same-origin
server
openresty
x-edgeconnect-midmile-rtt
10
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=281
content-length
6838
expires
Thu, 22 Dec 2022 07:21:57 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1895882587&_u=IEBAAEAAAAAAACAAI~&z=526382809
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 07:17:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-26703297-38&cid=1939018776.1671693435&jid=1895882587&_u=IEBAAEAAAAAAACAAI~&z=526382809
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 07:17:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=132069252287765&ev=PageView&dl=https%3A%2F%2Fr-st.ch%2F&rl=&if=false&ts=1671693435279&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671693435277.300199180&it=1671693435085&coo=false&rqm=GET
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 22 Dec 2022 07:17:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
popup.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0755de9edee41abdef304a877ee3174f92c3429feaf7c06437822970addbb4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 10:13:52 GMT
Content-Encoding
br
Via
1.1 bb45d9db269295920003af6514d7e7ea.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 Sep 2022 15:39:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-C1
Age
75805
ETag
W/"d3149280c831cbf6538770c71a916f43"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
TKFB_px9SJYjJJVakcd8Of_tIGJjFqUFxKqk_DJlowCjWhOxAZHRzA==
common.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ Frame 354B 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 15:17:19 GMT
Content-Encoding
br
Via
1.1 bb45d9db269295920003af6514d7e7ea.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 Sep 2022 15:39:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-C1
Age
57598
ETag
W/"82e72d627b04e1654282023cca1d1e69"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
wzt4Lmr7wIshvi1hATyA-4BI8wwfUieGgpxyXHsESq42vGaEu7brEQ==
banner.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ Frame 354B 		1005 B
867 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 10:13:53 GMT
Content-Encoding
br
Via
1.1 bb45d9db269295920003af6514d7e7ea.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 Sep 2022 15:39:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-C1
Age
75804
ETag
W/"78d1bdd981816cfbeb6954a85f9efa58"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
Gp22rMscgSvcDk4TQzvg4qe5QLrjxI0Ndcd7-qHtUBFVUdn0K7r4gw==
common.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ Frame F834 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 15:17:19 GMT
Content-Encoding
br
Via
1.1 77d8cf253666facea1bbe67902fcbbc0.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 Sep 2022 15:39:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-C1
Age
57598
ETag
W/"82e72d627b04e1654282023cca1d1e69"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
J5CHspZ9MNLBowynSzCma5YD51DQWHhML95OF09TP6O3Gfh30_ihag==
layout-2.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ Frame F834 		1 KB
898 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 00:37:43 GMT
Content-Encoding
br
Via
1.1 bb45d9db269295920003af6514d7e7ea.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 Sep 2022 15:39:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-C1
Age
57598
ETag
W/"38f50a83c6d5d15facb231447fa1ac56"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
aL0aiaibsly0MBwFZ87RW3qN-ogERc7Lnoz1AtE96T8Uboc907mV3A==
modal.css
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b99dd13d1c454a056a1e66c4b88f716fd2fbf200c51c14143df0fd9af5f60dbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 12:07:43 GMT
Content-Encoding
br
Via
1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 Sep 2022 15:39:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-C1
Age
68974
ETag
W/"aa6f4416185bd7f299dd89e11dac117f"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
upLyr22IWs7THufwuA1kkv8BXJjqmHzPdvK3XlObVxLJ_CD9a4A0SQ==
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: r-st.ch
URL: https://r-st.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4db351e7b79f5ed215ba61fae34b3eebc733da305e877826b17fc2de3c90cd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:17:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 22 Dec 2022 07:17:16 GMT
www-widgetapi.js
www.youtube.com/s/player/21149d65/www-widgetapi.vflset/ 		184 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/21149d65/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c8c4819f65dd12131d77a7b5d4a5ef6ab87a7385ed7aaaab68ebca112c0b1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 05:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
5265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63032
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Dec 2023 05:49:31 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=132069252287765&ev=Microdata&dl=https%3A%2F%2Fr-st.ch%2F&rl=&if=false&ts=1671693436783&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtRamseier%20%2B%20Stucki%20Architekten%20AG%20-%20Home%5Cn%22%2C%22meta%3Adescription%22%3A%22Architekturb%C3%BCro%20und%20Gesamtdienstleister%2C%20der%20rundum%20Bern%20Grundst%C3%BCcke%20an%20bester%20Lage%20akquiriert%20und%20hochwertige%2C%20zeitgem%C3%A4sse%20Immobilien%20plant%2C%20baut%20und%20im%20Wohneigentum%20verkauft.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1671693435277.300199180&it=1671693435085&coo=false&es=automatic&tm=3&exp=b2&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 22 Dec 2022 07:17:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
common.js
maps.googleapis.com/maps-api-v3/api/js/51/3/intl/de_ALL/ 		249 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/3/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCD2EfNvmHw5oB1PsVFs_XDy2C5jQ4ibxo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1611775cfd08b4513858c3ffb367d9eaa878bbe91fd10a24e839f27d62dfc982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 20:12:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69805
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 18:55:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Dec 2023 20:12:03 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/51/3/intl/de_ALL/ 		166 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/3/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCD2EfNvmHw5oB1PsVFs_XDy2C5jQ4ibxo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a30fb25d3c0b2ffeb33461e4983758e009b8ee5bf25b20d51436498aec7a26e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-st.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 09:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62770
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 18:55:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 09:05:50 GMT

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange object| dataLayer function| $ function| jQuery object| Modernizr object| google object| module$contents$mapsapi$overlay$overlayView_OverlayView string| GoogleAnalyticsObject function| ga object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| PM_Postback function| PM_Callback function| $get function| $create function| $addHandler function| $addHandlers function| $clearHandlers object| Sys function| Type function| $removeHandler object| _events function| $find object| CMS object| sorttable object| SCRK object| classie function| requestAnimFrame function| cancelAnimFrame function| filterMapInit object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments string| callBackFrameUrl string| requireName object| validator object| currentView object| google_tag_manager object| _gaq function| onYouTubeIframeAPIReady string| eventType function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData object| $mcSite object| _gat function| dojoDefine function| dojoRequire object| dojo object| dijit object| dojox object| dojo_request_script_callbacks function| SignupForm function| PopupSignupForm object| parts object| ytTracker function| wrap function| setEvent function| setListeners object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_

20 Cookies

Domain/Path Name / Value
r-st.ch/ Name: CMSPreferredCulture
Value: de-CH
r-st.ch/ Name: CMSCsrfCookie
Value: LRn5S4BBKtAYtPl6DCM/VazXL8VmLaWf2hXhEVGL
r-st.ch/ Name: ASP.NET_SessionId
Value: krgzodyuobminlkbgjtnnahr
.adnxs.com/ Name: uuid2
Value: 8383347708537235922
.adnxs.com/ Name: anj
Value: dTM7k!M4/8D>6NRF']wIg2IlbniyKz!fss0=Ir4A3KL9D3I?-mT:+P8
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.r-st.ch/ Name: _ga
Value: GA1.2.1939018776.1671693435
.r-st.ch/ Name: _gid
Value: GA1.2.1021422591.1671693435
.r-st.ch/ Name: _gat
Value: 1
.r-st.ch/ Name: __utma
Value: 213644823.1939018776.1671693435.1671693435.1671693435.1
.r-st.ch/ Name: __utmc
Value: 213644823
.r-st.ch/ Name: __utmz
Value: 213644823.1671693435.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.r-st.ch/ Name: __utmt_UA-26703297-38
Value: 1
.r-st.ch/ Name: __utmb
Value: 213644823.1.10.1671693435
.r-st.ch/ Name: _fbp
Value: fb.1.1671693435277.300199180
.list-manage.com/ Name: _abck
Value: D2E264A3E71FFF0A00F213232B57362E~-1~YAAQVVtgaIR31zWFAQAA2ISxOAn7YXCwpvmUirKb00AtKHetW54MmX8VHcdFdMc386Fdo8NqY4S6FXIanOw+svtDZc425BcAuhVvHQAWIM49pxVRBDWjYWKi9t/0K3yg+34Qk1vKQC2gcp7L2tZDUpFt2sDrE/c3Jlt6Xs3DDSnX3C1oNjbslSmueOvVnchTlopFw2QGNa544klxqvLDSTpjk+2jWa/iyzOIZph/12ihgeOpkqlkL5hMO8OAhaPVDZBJ0aMjgrNt1hDE1GDnbloQlByWT1cYv08hTHHHzvumH1HmBdKfIfWpysvXIsW+2QjRf5m4J/z4y80eiFLlAkYBFCOEcTeir+ieDNdNR3EOWg6+/1J+EYCfGQMiy4fsrA==~-1~-1~-1
.us12.list-manage.com/ Name: ak_bmsc
Value: DE3B9D2CD2ADE0C29C83BDCFDB454518~000000000000000000000000000000~YAAQVVtgaIV31zWFAQAA2ISxOBLUxWOWmvizZU+RDVW1AyujIcusBBXzxYjoczO1ESFca4MYIvBgHAiWw0sHuRCB3GzxBWWvXfWilHT1Vz86Btk2NF/FM7djA6M5Rz4Mv/FLagHF3IZpLlnLwmcrrmJ2GowdqPbpQu+c7H15WA+9qX1iuIuYebn8RDL+p4hdhARHiXBU9c3QFZBB5BVTWiYcbkLxfW9gjwMyI60JVCHWvR8+VOn+pu+7XtSHF6dA0GQIsEuD3aM6yi4cPSESNIA65Y7A0uLdqByae+HfNtYVA5d/5W5ZdKGsDdxHXYo+CBewLIdx6QeQjWyPG+38K/MoDn1XyszA601cVWuwsLNWHaqjyYYKGlE/FBw2bxABlsuInMsJg5TzENtFcpkxHS2lbQ==
.list-manage.com/ Name: bm_sz
Value: 80FB3FC32ACA35EA4CA4E4D14CEADEEB~YAAQVVtgaIZ31zWFAQAA2ISxOBKDUela9TvIdsvCnS6jRuKb/LOG/8lOPZRrelL8MfcA7DP/UwEKP8qMZ3gxzGSeg+CsJVLiOGT7kx7+upeM3Rl7yfjyD+RRJ+A02sfmjbbiAw7H9UHf9vkI7KKGTcdLGbFJOnVyAFtTkWit57rzPTvSEIAjjwankxYirxKtHSBGhGcm5oCsZQpaHeeIL/fdFJ4ARnLP+64lAdxDhXGSZYDV9oMfr398OJLQX9Em0IGGNkS7sghNlY/KzYFDubdLNnpuhSeN0/AvQ6oleA2IBATgFuyLqw==~3752752~3552577
.youtube.com/ Name: YSC
Value: ze01LeE2Peo
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: SNR9p1yy4Tg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chimpstatic.com
code.jquery.com
connect.facebook.net
downloads.mailchimp.com
googleads.g.doubleclick.net
maps.googleapis.com
mc.us12.list-manage.com
r-st.ch
secure.adnxs.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
104.96.147.196
13.226.153.103
172.217.18.2
185.89.211.12
2001:4de0:ac18::1:a:2a
23.32.243.206
2a00:1450:4001:800::2003
2a00:1450:4001:803::2004
2a00:1450:4001:809::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2008
2a00:1450:400c:c07::9d
2a00:1450:400d:80c::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
81.18.31.67
0f4336b18d1b9a8402ad1517386b7b31df3d4f9c634b0ab7d8f3b2491c8d016e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1611775cfd08b4513858c3ffb367d9eaa878bbe91fd10a24e839f27d62dfc982
214f60bed8810c2abd13d1e5301c4f01057ccafcfc057b9127bb71862de311b7
21c39b72deca45db774545698991ed398adc5ba5a07a2389e57091349ed01f70
278f1c6a055c77529b2595fb4d59d53e217038144ebfc36b33dc80351c593fdf
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
45421db3bf5aea05e01065d0bc6f1ec09cf72d286f4629e1e4c2361042c3bf3e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72
4dc7796301c5e57de84d15b6318bb529bb787967847109d3262bf822f67eb700
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5643b1b66ce0d2d3ef396d6e92a77208e6472d09bb9fb49dc0d5053c0f411f02
6aeb297681bc2dffbe15004825a44e6bb6d816e8fb961b0c08f10e6a8492f891
702716d15dc8e82fadd07062f66b835ed791d80397bbbd87c77958b77b0086cd
76122faf47d255fd60932e5622a544bfdcce25df344859391a0b4f3f2f4faeed
7c3462e08cae14f17859256ff75ce56369c4c63c28f84bc978e85a305a81eba2
7ed448edc4945ff2f50f53ab4fd3a5be686177eab6cbddcf15cde59e072dd4f1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8b6b9460628f90ea3198218e3960a034c3078088dd324864708c48c5810e1b28
9c8c4819f65dd12131d77a7b5d4a5ef6ab87a7385ed7aaaab68ebca112c0b1ff
9f9425c961900c8d8b3b30085c3969eef0c845a11c5be9fad704d160c64a12f5
a30fb25d3c0b2ffeb33461e4983758e009b8ee5bf25b20d51436498aec7a26e4
a783363c2523763b1f674c5429f4efc9a939a2c983d7208f0019461d4e25284c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0755de9edee41abdef304a877ee3174f92c3429feaf7c06437822970addbb4f
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b90214a15f5ce01b00608c50804c3172bdc358b4a33f920b1b65f5af78e97d61
b99dd13d1c454a056a1e66c4b88f716fd2fbf200c51c14143df0fd9af5f60dbc
bbec5af50b5792e7757610f172c61d3d15889196528a97192f5aa52a59824f63
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7
c235bb7e875bc88612a3efb177ec3015480c40874c1d1df2f5fcda792e6db218
c4db351e7b79f5ed215ba61fae34b3eebc733da305e877826b17fc2de3c90cd8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb25ee3c525f591ccfa1ba752dd41fff2b63467b225f420fa8812c4349832f35
cd0d802d3ca07bebbbe93e7655f12cc3bb0c9e29fe268404900a1f393377b962
d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac
d55a962669cde606819bba2d750550203b5f3c439b59f41a0e6a1e76a6517901
d5e219ec316300a4b8d54b92a13157b2096828435bd9305d9addb0a84b0ffefd
d86e99094c4449ce8da931cc659f8304e2c2b3866d9fe105f0ac7295e3598e48
da6745c0d45918534c73566127b6ce457b4cc8f8bbf50b4caf3711651acbfd92
e3658754d484229f9701566d518df7380df06a38bff164d6268262b4a9de02ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c3b782978c44af9885b97302632e45ff19d01ecb745e91d21cf597c22cb29
ea55e6b60f385b0ebea350a7a37b845efa10187d88eb78f36af80cb2bcb0bc94
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9d17f63c86263545b9ffb4cf1771ba3d6dbb13517390c8e60d6927231a9877
f053808e6762f53af3bc5e652b3b774ebf3db35c9db67dab08099bc9da2b80db
f17e033e06b27cceed36cab68eae394f0746947ef0d03617ab0c6224cb345df4
ff20053401d8818607d7ea646cfc1e1b7db863d9800d597510ef55e6a08cff57