urlscan.io logo urlscan.io
SecurityTrails logo

heidiland.com Open in urlscan Pro
46.231.200.190  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://geissenleasing.ch/
Effective URL: https://heidiland.com/de/
Submission: On October 16 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 5 countries across 19 domains to perform 126 HTTP transactions. The main IP is 46.231.200.190, located in Switzerland and belongs to ASN-METANET Routingpeering issues: noc@metanet.ch, CH. The main domain is heidiland.com.
TLS certificate: Issued by R3 on September 27th 2023. Valid for: 3 months.
This is the only time heidiland.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 134.119.0.177 34011 (GD-EMEA-D...)
42 46.231.200.190 21069 (ASN-METAN...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:480... 20940 (AKAMAI-ASN1)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.2 15169 (GOOGLE)
4 52.58.210.34 16509 (AMAZON-02)
4 2a03:2880:f08... 32934 (FACEBOOK)
9 2.19.96.249 20940 (AKAMAI-ASN1)
1 2 142.250.186.70 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2001:4860:480... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 18.172.226.91 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 18.172.226.50 16509 (AMAZON-02)
1 13.32.27.54 16509 (AMAZON-02)
1 52.48.140.7 16509 (AMAZON-02)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
126 28
1    134.119.0.177 (Cologne, Germany)

ASN34011 (GD-EMEA-DC-CGN1, DE)
PTR: ms11222.ispgateway.de
geissenleasing.ch
42    46.231.200.190 (Switzerland)

ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH)
PTR: hosting.tso.ch
heidiland.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a02:26f0:480:d::210:f150 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
9    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:ab00:4a0::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
www.googleadservices.com
4    52.58.210.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-210-34.eu-central-1.compute.amazonaws.com
www.getback.ch
4    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
9    2.19.96.249 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-249.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
12357463.fls.doubleclick.net
4    2a00:1450:400c:c03::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
7    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ch
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    18.172.226.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-226-91.bcn50.r.cloudfront.net
static.getback.ch
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700:20::681a:f46 (United States)

ASN13335 (CLOUDFLARENET, US)
static.guuru.com
1    18.172.226.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-226-50.bcn50.r.cloudfront.net
static.hotjar.com
1    13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net
script.hotjar.com
1    52.48.140.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-140-7.eu-west-1.compute.amazonaws.com
content.hotjar.io
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
chat.guuru.com
Apex Domain
Subdomains		 Transfer
42 heidiland.com
heidiland.com
2 MB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
12357463.fls.doubleclick.net Failed
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
7 KB
9 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 766
381 KB
9 getback.ch
www.getback.ch — Cisco Umbrella Rank: 216847
static.getback.ch — Cisco Umbrella Rank: 221703
192 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2714
adservice.google.com — Cisco Umbrella Rank: 118
2 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
772 KB
8 google.ch
www.google.ch — Cisco Umbrella Rank: 24974
adservice.google.ch — Cisco Umbrella Rank: 137998
1 KB
6 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4980
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5639
271 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
42 KB
4 guuru.com
static.guuru.com — Cisco Umbrella Rank: 247739
chat.guuru.com — Cisco Umbrella Rank: 257406
42 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
178 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 901
script.hotjar.com — Cisco Umbrella Rank: 1101
60 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
11 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 153
37 KB
2 gstatic.com
fonts.gstatic.com
64 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
2 KB
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 7121
161 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
185 B
1 geissenleasing.ch
geissenleasing.ch
112 B
126 19
Domain Requested by
42 heidiland.com heidiland.com
consent.cookiebot.com
9 analytics.tiktok.com heidiland.com
analytics.tiktok.com
consent.cookiebot.com
9 www.googletagmanager.com heidiland.com
www.googletagmanager.com
consent.cookiebot.com
static.guuru.com
7 www.google.ch heidiland.com
5 static.getback.ch www.getback.ch
static.getback.ch
consent.cookiebot.com
5 www.google.com 1 redirects heidiland.com
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
4 connect.facebook.net heidiland.com
connect.facebook.net
consent.cookiebot.com
4 www.getback.ch www.googletagmanager.com
static.getback.ch
consent.cookiebot.com
4 googleads.g.doubleclick.net heidiland.com
www.googleadservices.com
consent.cookiebot.com
4 consent.cookiebot.com heidiland.com
consent.cookiebot.com
www.googletagmanager.com
3 region1.analytics.google.com www.googletagmanager.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
consent.cookiebot.com
2 region1.google-analytics.com www.googletagmanager.com
2 chat.guuru.com static.guuru.com
chat.guuru.com
2 static.guuru.com heidiland.com
static.guuru.com
2 cdnjs.cloudflare.com static.getback.ch
2 www.googleadservices.com www.googletagmanager.com
consent.cookiebot.com
2 12357463.fls.doubleclick.net www.googletagmanager.com
consent.cookiebot.com
2 fonts.gstatic.com fonts.googleapis.com
2 consentcdn.cookiebot.com consent.cookiebot.com
2 fonts.googleapis.com heidiland.com
1 content.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com heidiland.com
1 adservice.google.ch adservice.google.com
1 www.facebook.com heidiland.com
1 adservice.google.com 12357463.fls.doubleclick.net
1 geissenleasing.ch 1 redirects
126 29
Subject Issuer Validity Valid
heidiland.com
R3		 2023-09-27 -
2023-12-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-06 -
2024-04-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-17 -
2024-04-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.getback.ch
Amazon RSA 2048 M02		 2023-03-09 -
2024-04-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-24 -
2023-10-22		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
static.getback.ch
Amazon RSA 2048 M02		 2023-06-28 -
2024-07-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2023-03-02 -
2024-03-30		 a year crt.sh
chat.guuru.com
E1		 2023-09-11 -
2023-12-10		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://heidiland.com/de/
Frame ID: 079B28D5B1A406180C50CE342C70DE4C
Requests: 119 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 8826F4D51968FD17FBB9AB263169FCB6
Requests: 1 HTTP requests in this frame

Frame: https://12357463.fls.doubleclick.net/activityi;dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F
Frame ID: 0B2F2DC8A467A30F348FECAA9150DAD2
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F
Frame ID: 48206180C6242FD320032B70799E9575
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.ch/ddm/fls/i/dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F
Frame ID: A95488EB152DBF531743430A9193BE63
Requests: 1 HTTP requests in this frame

Frame: https://chat.guuru.com/storage/
Frame ID: F6BE0DFF28C8CA49D212D618FC76AC97
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ferienregion Heidiland – Urlaub in den Bergen der Ostschweiz - Ferienregion Heidiland – DE

Page URL History Show full URLs

  1. https://geissenleasing.ch/ HTTP 302
    https://heidiland.com/de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

126
Requests

98 %
HTTPS

64 %
IPv6

19
Domains

29
Subdomains

28
IPs

5
Countries

4453 kB
Transfer

10872 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://geissenleasing.ch/ HTTP 302
    https://heidiland.com/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://www.google.com/pagead/landing?gcs=G111&gcd=G100&rnd=1449824106.1697415591&url=https%3A%2F%2Fheidiland.com%2Fde%2F&gtm=45He3ab0n71TSNS54&auid=686034203.1697415591 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1449824106.1697415591&url=https%3A%2F%2Fheidiland.com%2Fde%2F&gtm=45He3ab0n71TSNS54&auid=686034203.1697415591
Request Chain 43
  • https://12357463.fls.doubleclick.net/activityi;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F HTTP 302
  • https://12357463.fls.doubleclick.net/activityi;dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F

126 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heidiland.com/de/
Redirect Chain
  • https://geissenleasing.ch/
  • https://heidiland.com/de/
145 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
bec7427848c4f13d1d0d8b4c0362ef4b109350ea28410d74a157feb1af003025
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

age
3790
cache-control
max-age=259200, private max-age=0
contao-cache
miss
contao-private-response-reason
session-cookie
content-encoding
gzip
content-length
19666
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 00:19:50 GMT
expires
Mon, 16 Oct 2023 00:19:49 GMT
permissions-policy
interest-cohort=()
referrer-policy
no-referrer-when-downgrade, strict-origin-when-cross-origin
server
nginx
vary
Origin,Cookie,Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
209
content-type
text/html; charset=iso-8859-1
date
Mon, 16 Oct 2023 00:19:48 GMT
location
https://heidiland.com/de/
server
nginx
x-cache-status
BYPASS
jquery.js
heidiland.com/layout/scripts/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/layout/scripts/jquery.js?v=ea40c615
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
c54cc923c53a3ae7b6125d87d732de9f27cfc7b603b92b52f0d796022c5b82ea

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
last-modified
Mon, 14 Aug 2023 13:23:09 GMT
server
nginx
etag
W/"64da2abd-18916"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 15 Oct 2024 00:19:50 GMT
css
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?display=swap&family=Lato:300,400,400italic,600,700%7CRaleway:300,400,500,600,700%7CCrete+Round:400italic%7CWork+Sans:300,400,500,600,700%7CKalam
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e5a90f9afa7c09c0d5fbb92de72b2356445b99e1cf1126502081e365c188acb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 00:19:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 00:19:50 GMT
bundle-all.css
heidiland.com/layout/styles/ 		582 KB
84 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/layout/styles/bundle-all.css?v=4aac27bd
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
007b9aa4dc9940c38cc6036fa27744ceb8e48eed42ef3ac4829fe6caa1202c45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
last-modified
Wed, 20 Sep 2023 08:44:24 GMT
server
nginx
etag
W/"650ab0e8-917a7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 15 Oct 2024 00:19:50 GMT
bundle-components.css
heidiland.com/layout/styles/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/layout/styles/bundle-components.css?v=740643d1
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
a2f4de345bb91c75f4944e29abafd45ba1f14e1c6e92694605569d1d994faf1d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
last-modified
Wed, 20 Sep 2023 08:44:24 GMT
server
nginx
etag
W/"650ab0e8-5ab8"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 15 Oct 2024 00:19:50 GMT
color-picker.min.css
heidiland.com/bundles/app/colorpicker/ 		3 KB
805 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/bundles/app/colorpicker/color-picker.min.css?v=6d5d3d17
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
0c73891322be8964d3ba912a896c9555d0a8dc9a638401b3f1741b4097c1684d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
last-modified
Fri, 11 Jan 2019 12:15:08 GMT
server
nginx
etag
W/"5c3888cc-a92"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 15 Oct 2024 00:19:50 GMT
colorpicker.css
heidiland.com/bundles/app/ 		250 B
423 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/bundles/app/colorpicker.css?v=6d5d3d17
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
54f4c33087b29fc96a9de1af8621a081e27bab0baa5f69b27bf37a534f0b58b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
gzip
last-modified
Fri, 11 Jan 2019 12:15:08 GMT
server
nginx
x-accel-version
0.01
etag
"fa-57f2da55acb00-gzip"
vary
Accept-Encoding,Origin
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
176
expires
Tue, 15 Oct 2024 00:19:50 GMT
datepicker.css
heidiland.com/layout/styles/components/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/layout/styles/components/datepicker.css?v=d7ab005e
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
620da347bf733bdc440275a7d8aed5f5a00dcdbe76e16fd6ed08ee3d95ff7463

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
last-modified
Thu, 20 Jul 2023 08:08:57 GMT
server
nginx
etag
W/"64b8eb99-322b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 15 Oct 2024 00:19:50 GMT
color-picker.min.js
heidiland.com/bundles/app/colorpicker/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/bundles/app/colorpicker/color-picker.min.js?v=6d5d3d17
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
ec907d5b3a3dcc07da42758076671ef1e1717dc9ceb42907c58925fd2c70bd5f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
last-modified
Fri, 11 Jan 2019 12:15:08 GMT
server
nginx
etag
W/"5c3888cc-18a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 15 Oct 2024 00:19:50 GMT
colorpicker.js
heidiland.com/bundles/app/ 		3 KB
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/bundles/app/colorpicker.js?v=6d5d3d17
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
35088627931271fb5158dda2e139dceec2ba0d2e7313a0cd72eae01cfdbd39ba

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
last-modified
Fri, 11 Jan 2019 12:15:08 GMT
server
nginx
etag
W/"5c3888cc-b35"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 15 Oct 2024 00:19:50 GMT
custom-neu.css
heidiland.com/files/design_assets/design-hlt/css/ 		146 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/files/design_assets/design-hlt/css/custom-neu.css
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
667589a89cfea75817df5755619a87435a83e283eaeb79334c10467a1bca5f6a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
last-modified
Wed, 27 Sep 2023 12:28:27 GMT
server
nginx
etag
W/"65141feb-249a9"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 15 Oct 2024 00:19:50 GMT
uc.js
consent.cookiebot.com/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d::210:f150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
gzip
last-modified
Wed, 27 Sep 2023 07:15:18 GMT
etag
"4a4b65e12f1d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=953
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
33511
expires
Mon, 16 Oct 2023 00:35:43 GMT
1_Hauptlogo_Pos-13237aed.svg
heidiland.com/assets/images/9/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/9/1_Hauptlogo_Pos-13237aed.svg
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
dac09156b94d2b3570d5ce45f56f9b9c2dfa86b79c43c4cd850152ed829c58ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 23:16:36 GMT
server
nginx
etag
W/"652489d4-91f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
expires
Wed, 15 Nov 2023 00:19:50 GMT
1_Hauptlogo_Pos-33de3600.svg
heidiland.com/assets/images/f/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/f/1_Hauptlogo_Pos-33de3600.svg
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
d228ced2877c3ce9c52944dfc76c821048bb30107b524e283411f3c0c3c2fb68

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
gzip
last-modified
Sun, 15 Oct 2023 23:35:24 GMT
server
nginx
etag
W/"652c773c-91f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
expires
Wed, 15 Nov 2023 00:19:50 GMT
Navigation_Tourenportal_Sommer-c3b6a4a5.png
heidiland.com/assets/images/e/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/e/Navigation_Tourenportal_Sommer-c3b6a4a5.png
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
1768230cfcabe24e8d33f6a0092265d15dfb85c4b58a9f6257580d97fcdd0a09

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
last-modified
Sat, 14 Oct 2023 23:18:12 GMT
server
nginx
etag
"652b21b4-15391"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
86929
expires
Wed, 15 Nov 2023 00:19:50 GMT
Navigation%20Bikepauschale_DE-a43d9a41.png
heidiland.com/assets/images/5/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/5/Navigation%20Bikepauschale_DE-a43d9a41.png
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
a616a74103c4952ccb8ab88782f9062b3304853f5eedce1a43807912d5c19bfe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
last-modified
Thu, 05 Oct 2023 23:15:24 GMT
server
nginx
etag
"651f438c-163bc"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
91068
expires
Wed, 15 Nov 2023 00:19:50 GMT
Murgsee%20von%20oben-2d01d023.webp
heidiland.com/assets/images/c/ 		492 KB
492 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/c/Murgsee%20von%20oben-2d01d023.webp
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
47c03f416eae2102271a939fe7283d56986bb0df9c711a359fe6c76e7b7e8fa2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
last-modified
Fri, 13 Oct 2023 02:23:22 GMT
server
nginx
etag
"6528aa1a-7ae7a"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
503418
ok-go-logo.svg
heidiland.com/files/design_assets/design-hlt/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/files/design_assets/design-hlt/img/ok-go-logo.svg
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
1ec9d2222fcfbefc3582353fadc1776bafed5bb659ef9b86dc8caccd753d2946

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
gzip
last-modified
Mon, 22 Mar 2021 14:05:45 GMT
server
nginx
etag
W/"6058a439-7e4"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
expires
Wed, 15 Nov 2023 00:19:50 GMT
Logo%20Swisstainable%20Level%20II.png
heidiland.com/files/partner.heidiland.com/Logos/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/files/partner.heidiland.com/Logos/Logo%20Swisstainable%20Level%20II.png
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
72b4d5bd6a2eacfa3a11fe450ca05cc7d2a2c6378a025d2b45dba1cc9973646e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
last-modified
Mon, 26 Jun 2023 08:05:04 GMT
server
nginx
etag
"649946b0-11b9b"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
72603
expires
Wed, 15 Nov 2023 00:19:50 GMT
bootstrap-datepicker.min.js
heidiland.com/layout/scripts/components/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/layout/scripts/components/bootstrap-datepicker.min.js?v=fa3cffea
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
b4287603382042861ca92a984c71bc63ac184a26e166e0b201f12f444bcf0206

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
last-modified
Thu, 20 Jul 2023 08:08:57 GMT
server
nginx
etag
W/"64b8eb99-8c40"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 15 Oct 2024 00:19:50 GMT
cart-count.min.js
heidiland.com/layout/scripts/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/layout/scripts/cart-count.min.js?v=981ce01f
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
12d6c218fe8a300ee98d6acb85ebfd9d08d53b4febc4f1571d8a900c8fdeae2b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
last-modified
Wed, 20 Sep 2023 08:52:35 GMT
server
nginx
etag
W/"650ab2d3-3f3c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 15 Oct 2024 00:19:50 GMT
bundle-all.js
heidiland.com/layout/scripts/ 		661 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/layout/scripts/bundle-all.js?v=47b75bc1
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
ecfd1c35d3c7957ed053b922fd6f2ee58778fd6390201d1cde7dd724a75f223c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
last-modified
Wed, 20 Sep 2023 08:44:24 GMT
server
nginx
etag
W/"650ab0e8-a52ab"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 15 Oct 2024 00:19:50 GMT
css2
fonts.googleapis.com/ 		2 KB
645 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@900&display=swap
Requested by
Host: heidiland.com
URL: https://heidiland.com/files/design_assets/design-hlt/css/custom-neu.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a9f5342893705b95cf6afa7303df92efa94c546a0715fb9577e570f68955a49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 15 Oct 2023 23:24:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 00:19:50 GMT
gtm.js
www.googletagmanager.com/ 		295 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TSNS54
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8d1a27f9878c0c2a4f47e31a45db23da4f8f6ef1ab91de7e69e3fafb2f44e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100684
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 16 Oct 2023 00:19:50 GMT
configuration.js
consentcdn.cookiebot.com/consentconfig/010d4346-7218-47bb-9eaf-9e7538f4b69c/heidiland.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/consentconfig/010d4346-7218-47bb-9eaf-9e7538f4b69c/heidiland.com/configuration.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:4a0::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1309dc23dcd04dd98895563315c141ad27b4d1470270fcfac09cbb4a72ee3e33

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 12:38:20 GMT
server
AkamaiNetStorage
etag
"5a844465153f49fe4684a0b892087138:1696336700.299378"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=25274
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, ak_p; desc="1697415590314_1551554368_172153392_419_621_20_60_146";dur=1
accept-ranges
bytes
content-length
774
expires
Mon, 16 Oct 2023 07:21:04 GMT
consent-sdk-2.2.js
consent.cookiebot.com/Framework/IAB/ 		273 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/Framework/IAB/consent-sdk-2.2.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d::210:f150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c50a36bc2f639f12752211a41c4c1f8608f393c2b9c386e840a00c2605ac81b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
gzip
last-modified
Wed, 27 Sep 2023 07:15:18 GMT
etag
"0476c5e12f1d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
65910
expires
Mon, 16 Oct 2023 00:19:50 GMT
cc.js
consent.cookiebot.com/010d4346-7218-47bb-9eaf-9e7538f4b69c/ 		615 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/010d4346-7218-47bb-9eaf-9e7538f4b69c/cc.js?renew=false&referer=heidiland.com&dnt=false&init=false&framework=TCFv2.2
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d::210:f150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
077b7b6e1ba61f072d98392a864c4f412d3f8cc1690bf0e1d5eb1c3ee414358b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 00:19:50 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
icon-bonfire.png
heidiland.com/files/design_assets/design-hlt/img/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/files/design_assets/design-hlt/img/icon-bonfire.png
Requested by
Host: heidiland.com
URL: https://heidiland.com/files/design_assets/design-hlt/css/custom-neu.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
a295ea05903029e280a3c2e04d0f71de39c1ecf3156bfc0f84606ca3c54c9ce2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
last-modified
Tue, 22 Nov 2022 13:03:52 GMT
server
nginx
etag
"637cc8b8-552f"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
21807
expires
Wed, 15 Nov 2023 00:19:50 GMT
icon-bett.png
heidiland.com/files/design_assets/design-hlt/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/files/design_assets/design-hlt/img/icon-bett.png
Requested by
Host: heidiland.com
URL: https://heidiland.com/files/design_assets/design-hlt/css/custom-neu.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
7a382da7d88be8e967fb35e6de20e87b2bab51ecd0ff595b14018ae371dccbbb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
last-modified
Tue, 22 Nov 2022 13:04:03 GMT
server
nginx
etag
"637cc8c3-232a"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9002
expires
Wed, 15 Nov 2023 00:19:50 GMT
twblue.woff2
heidiland.com/layout/styles/fonts/ 		204 KB
204 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/layout/styles/fonts/twblue.woff2?1qsw0m
Requested by
Host: heidiland.com
URL: https://heidiland.com/layout/styles/bundle-all.css?v=4aac27bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
6fe04cc16e4da41a7438043be893b3999fdf5a80d96de925f19d52a8f1a0b190

Request headers

Referer
https://www.google.com/
Origin
https://heidiland.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
last-modified
Thu, 20 Jul 2023 08:08:57 GMT
server
nginx
etag
"64b8eb99-32f2c"
content-type
application/x-font-woff
cache-control
max-age=2592000
accept-ranges
bytes
content-length
208684
expires
Wed, 15 Nov 2023 00:19:50 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Lato:300,400,400italic,600,700%7CRaleway:300,400,500,600,700%7CCrete+Round:400italic%7CWork+Sans:300,400,500,600,700%7CKalam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://heidiland.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:33:21 GMT
x-content-type-options
nosniff
age
279989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50668
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:33:21 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvC73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvC73w5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09d39f49d4cdbed981f59d7c21ce058f68777b7b25f6d60e2f07a0ad1d8b68ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://heidiland.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 19:12:52 GMT
x-content-type-options
nosniff
age
277618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14504
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 19:12:52 GMT
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 8826 		627 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:4a0::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer
https://heidiland.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 00:19:50 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Tue, 15 Oct 2024 00:19:50 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1697415590428_1551554368_172153394_23_995_20_0_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
uc.js
consent.cookiebot.com/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js?cbid=010d4346-7218-47bb-9eaf-9e7538f4b69c&implementation=gtm&consentmode-dataredaction=dynamic
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSNS54
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d::210:f150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
gzip
last-modified
Wed, 27 Sep 2023 07:15:18 GMT
etag
"4a4b65e12f1d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=953
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
33511
expires
Mon, 16 Oct 2023 00:35:43 GMT
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=G100&rnd=1449824106.1697415591&url=https%3A%2F%2Fheidiland.com%2Fde%2F&gtm=45He3ab0n71TSNS54&auid=686034203.1697415591
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1449824106.1697415591&url=https%3A%2F%2Fheidiland.com%2Fde%2F&gtm=45He3ab0n71TSNS54&auid=686034203.1697415591
42 B
588 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1449824106.1697415591&url=https%3A%2F%2Fheidiland.com%2Fde%2F&gtm=45He3ab0n71TSNS54&auid=686034203.1697415591
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1449824106.1697415591&url=https%3A%2F%2Fheidiland.com%2Fde%2F&gtm=45He3ab0n71TSNS54&auid=686034203.1697415591
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSNS54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 15 Oct 2023 23:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1808
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 16 Oct 2023 01:49:42 GMT
activityi;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F
12357463.fls.doubleclick.net/ Frame 0B2F 		0
0
conversion.js
www.googleadservices.com/pagead/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSNS54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
811fb3e1699642a4d9a1e61faff7b36984bbd53652fecf4cb4b7aa6cad0d7b4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18646
x-xss-protection
0
server
cafe
etag
8381188637092831176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 00:19:50 GMT
hkaVB
www.getback.ch/app/tracking/ 		270 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getback.ch/app/tracking/hkaVB
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSNS54
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.210.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-210-34.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
83ac9e239fde558f5d88ce17d3c9ff70f016285b31925cc7cf199142c8f65c2b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
application/javascript
pragma
public
date
Mon, 16 Oct 2023 00:19:50 GMT
cache-control
max-age=2592000, public
server
nginx
content-length
270
expires
Wed, 15 Nov 2023 00:19:50 GMT
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Oct 2023 00:19:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
Oi1bFz4DuclBplIECy0kuLx/z/BbK0URevYBUBNkiw/apSLMZZPhK1Hxm3MpXAUHD2/ZRmFkkpelUEk/bM10wg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHQVKA3C77U4209UVP80&lib=ttq
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7b76e136d52d7dde92ad7fd8c2150395e37384dd6757e6deda6cca4bf355d087

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
590174a3.12577128
date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-19-96-245.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time
117,2.19.96.245
server-timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=31, inner; dur=4
content-length
1748
pragma
no-cache
server
nginx
x-tt-logid
202310160019501871213E4A39042E0332
x-cache-remote
TCP_MISS from a23-220-104-79.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
31,23.220.104.79
x-tt-trace-host
01b87a91281bfc704873d4b41a7f45c0b878087e861a5822ee778882bded4c63a9df7ee40e2fb879feaa1dbeb1dceef632809c967b3554cd0a6be6c47fb9d769332198f06f2ddfeb7a10aed0b7af6359f944560e01c2a01d3df56ed7a960d1d877cc3dd7a4a5e377bbf105cd6c14b67fbc
expires
Mon, 16 Oct 2023 00:19:50 GMT
js
www.googletagmanager.com/gtag/ 		253 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-01WN1W9EZZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSNS54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d455e72f644a0aa6f89080f8be41d98f958e917b11a8f42b7a788b64ae76629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87150
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 00:19:50 GMT
js
www.googletagmanager.com/gtag/ 		258 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8RNXX9KVS0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSNS54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
941a03f50002bcc86786643fe70df5d632e11948dffb121e0ef8aa9cbaf58026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88368
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 00:19:50 GMT
js
www.googletagmanager.com/gtag/ 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSN6Q9JQ10&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSNS54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0416d839426651de600eec8c9f76e35694ef05ec0589acaa7cfd92298ed4c188
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87910
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 00:19:50 GMT
activityi;dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F
12357463.fls.doubleclick.net/ Frame 0B2F
Redirect Chain
  • https://12357463.fls.doubleclick.net/activityi;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F?
  • https://12357463.fls.doubleclick.net/activityi;dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fhei...
483 B
474 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12357463.fls.doubleclick.net/activityi;dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F?
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
34e5e2561e569549ea7c179bde3c7d5ac9d6e05c246003c4fdd6f24bc26ef403
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heidiland.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
298
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 00:19:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 00:19:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12357463.fls.doubleclick.net/activityi;dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		3 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1487387950&t=pageview&_s=1&dl=https%3A%2F%2Fheidiland.com%2Fde%2F&ul=en-us&de=UTF-8&dt=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAI~&jid=367980388&gjid=68813072&cid=2010297474.1697415591&tid=UA-8043867-1&_gid=942265902.1697415591&_slc=1&gtm=45He3ab0n71TSNS54&gcs=G111&z=417690881
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heidiland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8043867-1&cid=2010297474.1697415591&jid=367980388&gjid=68813072&_gid=942265902.1697415591&_u=YGBAiEABBAAAAGAAI~&z=112692782
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 16 Oct 2023 00:19:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heidiland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-01WN1W9EZZ&gtm=45je3ab0&_p=1487387950&_gaz=1&gcs=G111&gdid=dMWZhNz&cid=2010297474.1697415591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697415590&sct=1&seg=0&dl=https%3A%2F%2Fheidiland.com%2Fde%2F&dt=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-01WN1W9EZZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heidiland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-01WN1W9EZZ&cid=2010297474.1697415591&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-01WN1W9EZZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heidiland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-01WN1W9EZZ&cid=2010297474.1697415591&gtm=45je3ab0&aip=1&z=930688233
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TSN6Q9JQ10&gtm=45je3ab0&_p=1487387950&_gaz=1&gcs=G111&gdid=dMWZhNz&cid=2010297474.1697415591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697415590&sct=1&seg=0&dl=https%3A%2F%2Fheidiland.com%2Fde%2F&dt=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSN6Q9JQ10&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heidiland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TSN6Q9JQ10&cid=2010297474.1697415591&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSN6Q9JQ10&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heidiland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TSN6Q9JQ10&cid=2010297474.1697415591&gtm=45je3ab0&aip=1&z=2067447383
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8RNXX9KVS0&gtm=45je3ab0&_p=1487387950&_gaz=1&gcs=G111&gdid=dMWZhNz&cid=2010297474.1697415591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697415590&sct=1&seg=0&dl=https%3A%2F%2Fheidiland.com%2Fde%2F&dt=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8RNXX9KVS0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heidiland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8RNXX9KVS0&cid=2010297474.1697415591&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8RNXX9KVS0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heidiland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8RNXX9KVS0&cid=2010297474.1697415591&gtm=45je3ab0&aip=1&z=562562937
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8043867-1&cid=2010297474.1697415591&jid=367980388&_u=YGBAiEABBAAAAGAAI~&z=1956274156
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8043867-1&cid=2010297474.1697415591&jid=367980388&_u=YGBAiEABBAAAAGAAI~&z=1956274156
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1867647576814103
connect.facebook.net/signals/config/ 		138 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1867647576814103?v=2.9.134&r=stable&domain=heidiland.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a2dc595b3cb3f4cebcbb894f8e68ad157c04fbb540fdd081e44c9cb1b17d8259
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Oct 2023 00:19:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
oQ9gYxxxRii6eFvKyiRb7H7J/M42Znbho7UNoMshWQXwVLbYU90+xWXraG86bLCixqkcAq5SVRQ7doWjc6bDPA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F
adservice.google.com/ddm/fls/i/ Frame 4820 		482 B
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F
Requested by
Host: 12357463.fls.doubleclick.net
URL: https://12357463.fls.doubleclick.net/activityi;dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
247c9c7cecb01a7cf8376689b56bdd5fe8e548900d809e41694b3ffa951cca81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12357463.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
270
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 00:19:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/924691667/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924691667/?random=1697415590836&cv=9&fst=1697415590836&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fheidiland.com%2Fde%2F&tiba=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&us_privacy=1---&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbcb2ac1c49d3840748713fd50332eec364c15f8ce30156836a1e5a4bd578c04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1428
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hkaVB.js
static.getback.ch/clients/ 		247 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getback.ch/clients/hkaVB.js
Requested by
Host: www.getback.ch
URL: https://www.getback.ch/app/tracking/hkaVB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.226.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-226-91.bcn50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd45a822bd9d378dc2399cbacb60f26a3fa1fdd19a58557e5902e626da88f365
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:52 GMT
content-encoding
gzip
via
1.1 10a6624f4fad72aa8dec483940cdef8a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
BCN50-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 11 Oct 2023 06:47:25 GMT
server
AmazonS3
etag
W/"7f5d092a381b8dd294eef996d4dc60b6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-amz-cf-id
1tSXRd8j9gi3I2EJBpSZjfF007-U2x3bLhObxO0SKViwAEZVBPzMew==
main.MWQ0NWRkZTlhMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		389 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHQVKA3C77U4209UVP80&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
12577158
date
Mon, 16 Oct 2023 00:19:50 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230921123949E22130719B512DC62220
vary
Accept-Encoding
x-cache
TCP_HIT from a2-19-96-245.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01090c9553b8925d61675d05f0655d0dbbefafaf71449950e1c374e354db6f2ba15416af89168960dbae36a06c63d63c3be65978d2f262600b1668ed4eb1eaafceb52de0328f36c0004a7f0dd1585ad3e9a353694c862974e61b85fac454b912cd
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
103143
/
www.google.com/pagead/1p-user-list/924691667/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/924691667/?random=1697415590836&cv=9&fst=1697414400000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fheidiland.com%2Fde%2F&tiba=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&fmt=3&is_vtc=1&random=1352217598&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ch/pagead/1p-user-list/924691667/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-user-list/924691667/?random=1697415590836&cv=9&fst=1697414400000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fheidiland.com%2Fde%2F&tiba=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&fmt=3&is_vtc=1&random=1352217598&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:50 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1867647576814103&ev=PageView&dl=https%3A%2F%2Fheidiland.com%2Fde%2F&rl=&if=false&ts=1697415590921&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697415590916.1693145833&cs_est=true&ler=empty&it=1697415590818&coo=false&rqm=GET
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 16 Oct 2023 00:19:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F
adservice.google.ch/ddm/fls/i/ Frame A954 		194 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/ddm/fls/i/dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJeLyeql-YEDFVeQ_QcdAhUGJw;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 00:19:51 GMT
expires
Mon, 16 Oct 2023 00:19:51 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
identify_7dd78.js
analytics.tiktok.com/i18n/pixel/static/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
1257717c
date
Mon, 16 Oct 2023 00:19:51 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230907112758741F012AF93529AE289E
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-19-96-245.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018d8e499c8ada5f367bc8f59939e0cc408e6748d969d5ffc0176fd4e3cd4b96151f3eb0aac861349e1b0902b493473db0cc6cdee72ab2bb969df26c1b23003a1ec7b62c907c2adb40bc4ebfadb2186e253784ba84303e2a2b7390c74f91dd5275
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
35813
pixel
analytics.tiktok.com/api/v2/ 		0
786 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
590179b6.1257718c
date
Mon, 16 Oct 2023 00:19:51 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-19-96-245.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time
156,2.19.96.245
server-timing
cdn-cache; desc=MISS, edge; dur=111, origin; dur=49, inner; dur=46
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202310160019515D86C9C5E77C4377889A
x-cache-remote
TCP_MISS from a23-220-104-79.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
49,23.220.104.79
x-tt-trace-host
01b87a91281bfc704873d4b41a7f45c0b878087e861a5822ee778882bded4c63a9df7ee40e2fb879feaa1dbeb1dceef632bb6e294f5e2dec63e5443e892f98a1d940c03091691ed2efb43829194917079c9a878a3b47f29771cd0066851a6f6c03ce116c5d2027f250ac7e6689da6680d8
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 00:19:51 GMT
Familie%20beim%20Grillieren-f81b4e45.webp
heidiland.com/assets/images/4/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/4/Familie%20beim%20Grillieren-f81b4e45.webp
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
66b780668774f8dcf70d497506fc3e719506a2ebaec629e32d47612c1f4c1c3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:51 GMT
last-modified
Thu, 05 Oct 2023 06:40:59 GMT
server
nginx
etag
"651e5a7b-11500"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
70912
act
analytics.tiktok.com/api/v2/pixel/ 		0
787 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
59017c4f.125771c9
date
Mon, 16 Oct 2023 00:19:51 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-19-96-245.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time
236,2.19.96.245
server-timing
cdn-cache; desc=MISS, edge; dur=90, origin; dur=151, inner; dur=146
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231016001951C34B05B737606B2A3721
x-cache-remote
TCP_MISS from a23-220-104-79.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
151,23.220.104.79
x-tt-trace-host
01b87a91281bfc704873d4b41a7f45c0b878087e861a5822ee778882bded4c63a9df7ee40e2fb879feaa1dbeb1dceef63222a99ff0591758a0ad598f9ebe978417a4e7802d96bd57e6b1bb84aeec098575d0a493642e2eac635f3d0a775f1f97f3b726ac8ef951251e3da3bdcb8f3872e7
access-control-allow-headers
Authorization,*
expires
Mon, 16 Oct 2023 00:19:51 GMT
/
www.getback.ch/hkaVB/getback/ 		339 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getback.ch/hkaVB/getback/?s=a9770979ccd347f8af8de7ef436269ef&new=1&rec=0&ls=1&lb=false&ver=AGk&mtp=0&dev=0&c=ce550ae8a6c34505beeadea51617d7dd&r=&u=https%3A%2F%2Fheidiland.com%2Fde%2F&lid=1&preview=0&waited=0
Requested by
Host: static.getback.ch
URL: https://static.getback.ch/clients/hkaVB.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.210.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-210-34.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0a08e09da699822bb0a3b41bd2800c3877f0148d0c1ccecb8bbe59cd6c317473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Content-Type, Accept, Origin, Authorization
x-xss-protection
0; mode=block
hkaVB.css
static.getback.ch/clients/ 		47 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.getback.ch/clients/hkaVB.css?ver=79
Requested by
Host: static.getback.ch
URL: https://static.getback.ch/clients/hkaVB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.226.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-226-91.bcn50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e340aa9db245dd1d03ed572c2655c863e5c748845304b2accd622433db6c276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:52 GMT
content-encoding
gzip
via
1.1 10a6624f4fad72aa8dec483940cdef8a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
BCN50-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 11 Oct 2023 06:47:25 GMT
server
AmazonS3
etag
W/"3e9acabd8f7a6fe14235945dc07c0049"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-amz-cf-id
M3IsrqAzv9s03I2W2MXoML0jzkPXGY-RKGdOUd1yoSJJg0RsUWqGWg==
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css
Requested by
Host: static.getback.ch
URL: https://static.getback.ch/clients/hkaVB.css?ver=79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2870296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5324
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7187"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCW0KCFFjdISy9nFoa%2B3szUdk%2FIy2QYbw1NPshUZENuvuvHupnWn4TSB7XSfUZNns6ugbUs5dbcuMKqn%2BX%2BgX00%2BcFOpWEBXkSIRB9PQjfoXxMeMgUuDHlR7F7dsVku8kx45o8zIaBUSlTWXjfxm89vt"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816c21f83c9701db-ZRH
expires
Sat, 05 Oct 2024 00:19:51 GMT
bootstrap-datepicker.min.js
heidiland.com/layout/scripts/components/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/layout/scripts/components/bootstrap-datepicker.min.js?v=fa3cffea
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
b4287603382042861ca92a984c71bc63ac184a26e166e0b201f12f444bcf0206

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:51 GMT
content-encoding
br
last-modified
Thu, 20 Jul 2023 08:08:57 GMT
server
nginx
etag
W/"64b8eb99-8c40"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 15 Oct 2024 00:19:51 GMT
chat.min.js
static.guuru.com/loader/v1.0/ 		132 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.guuru.com/loader/v1.0/chat.min.js?_=1697415590156
Requested by
Host: heidiland.com
URL: https://heidiland.com/layout/scripts/jquery.js?v=ea40c615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
895137038a2b6b7c399a438d130680ccbc5dc515664d3aac7532707b45d62cbe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:51 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdu3AERw0Zt-_daxPf-Q79oK0taX0ByOe-phP-uSjc71aCRHZ8qKaapp083tJLlkVvTu29msCqFDBNWc7QfU-9a7yQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
content-length
36563
last-modified
Thu, 12 Oct 2023 08:01:02 GMT
server
cloudflare
etag
"4b98fd5104045bbd0fb0de0943222c08"
vary
Accept-Encoding
x-goog-generation
1697097662033217
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=vp54Vg==, md5=S5j9UQQEW70PsN4JQyIsCA==
access-control-expose-headers
*
cache-control
private,max-age=0,no-transform
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ff7n1bMA7%2B0yc7qLnbcfmzjmsd7cnGphQyVVX2fq4Qb1XPUe3AVR1A%2Bu04DQ2JW1wbA7sE7iWR994hG1RYpsBsqsTeIkuxFk%2BE9a0ViQdNhqUAwUy3%2BSCEGJVkohZNDvyIaRPAcFcHQNslGWWiI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
36563
accept-ranges
bytes
cf-ray
816c21f8db88bb11-MXP
expires
Mon, 16 Oct 2023 00:19:51 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 15 Oct 2023 23:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1809
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 16 Oct 2023 01:49:42 GMT
hotjar-1754695.js
static.hotjar.com/c/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1754695.js?sv=6
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.226.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-226-50.bcn50.r.cloudfront.net
Software
/
Resource Hash
f5a1829755506438734fb14f0f41e6eb3dc98198113d6afaa43d0c262a5cb557
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 9840972152ee9610a58198d320aa7c1a.cloudfront.net (CloudFront)
x-amz-cf-pop
BCN50-P2
etag
W/1bc024a7e143aa1429edfdc76f60f563
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
7kJnwPDpwfHNIisStoQskqLDZkSvGWl1hxE7U93_Qxgo_bx7QjOSGw==
conversion.js
www.googleadservices.com/pagead/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
811fb3e1699642a4d9a1e61faff7b36984bbd53652fecf4cb4b7aa6cad0d7b4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18646
x-xss-protection
0
server
cafe
etag
8381188637092831176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 00:19:51 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/924691667/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924691667/?random=1697415591843&cv=9&fst=1697415590836&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fheidiland.com%2Fde%2F&tiba=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&us_privacy=1---&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d5761dbede9a44c22e392eee7ed4af23e273bbf6b1c444a2ebda14d740d5360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1435
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hkaVB
www.getback.ch/app/tracking/ 		270 B
440 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getback.ch/app/tracking/hkaVB
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.210.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-210-34.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
83ac9e239fde558f5d88ce17d3c9ff70f016285b31925cc7cf199142c8f65c2b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
application/javascript
pragma
public
date
Mon, 16 Oct 2023 00:19:51 GMT
cache-control
max-age=2592000, public
server
nginx
content-length
270
expires
Wed, 15 Nov 2023 00:19:51 GMT
hkaVB.js
static.getback.ch/clients/ 		247 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getback.ch/clients/hkaVB.js
Requested by
Host: www.getback.ch
URL: https://www.getback.ch/app/tracking/hkaVB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.172.226.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-226-91.bcn50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd45a822bd9d378dc2399cbacb60f26a3fa1fdd19a58557e5902e626da88f365
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 16 Oct 2023 00:19:52 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
BCN50-P2
x-amz-server-side-encryption
AES256
via
1.1 6e5dd992d3363f94cc1bff71c8061b48.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 11 Oct 2023 06:47:25 GMT
server
AmazonS3
etag
W/"7f5d092a381b8dd294eef996d4dc60b6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-amz-cf-id
oUOLk2n0j6ENDm3TbClQjTX_OzVslSqmcCvHRlj2luaRFxxBbd1cmA==
fbevents.js
connect.facebook.net/en_US/ 		198 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Oct 2023 00:19:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
Oi1bFz4DuclBplIECy0kuLx/z/BbK0URevYBUBNkiw/apSLMZZPhK1Hxm3MpXAUHD2/ZRmFkkpelUEk/bM10wg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/924691667/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/924691667/?random=1697415591843&cv=9&fst=1697414400000&num=2&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fheidiland.com%2Fde%2F&tiba=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&fmt=3&is_vtc=1&random=1458611635&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ch/pagead/1p-user-list/924691667/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-user-list/924691667/?random=1697415591843&cv=9&fst=1697414400000&num=2&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fheidiland.com%2Fde%2F&tiba=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&fmt=3&is_vtc=1&random=1458611635&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHQVKA3C77U4209UVP80&lib=ttq
Requested by
Host: heidiland.com
URL: https://heidiland.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ebd7604fda2c790a88968673935a6c6eaae37f1e9d69351fe9647e504dbcb5d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
16e718ae.125772df
date
Mon, 16 Oct 2023 00:19:52 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-19-96-245.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time
93,2.19.96.245
server-timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=7, inner; dur=3
content-length
1747
pragma
no-cache
server
nginx
x-tt-logid
20231016001951B85DAD6A9897097D0C1E
x-cache-remote
TCP_MISS from a23-36-67-242.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.36.67.242
x-tt-trace-host
01b87a91281bfc704873d4b41a7f45c0b878087e861a5822ee778882bded4c63a953557b78342121507d99ef710dfcd39dc03e72d89869bd7e7e777136455736d19c32983ce19d54aa97fc7f8464aace2f59e6426a1e71d638c09d3e136d215b516e03bd562254a4bd2faa541ff789c421
expires
Mon, 16 Oct 2023 00:19:52 GMT
modules.ee587d1590c42117acc4.js
script.hotjar.com/ 		226 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.ee587d1590c42117acc4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1754695.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
4f6bfb27f8eac39b667b0d59452cabccfbf85c5cfbaaa342bc8e9356d009d230
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:00:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
231586
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56258
last-modified
Fri, 13 Oct 2023 07:59:54 GMT
etag
"1d66ff222232fb73b66d2babe3451f66"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
8bgkiD0zIYO5PM3x1QSeJFhItpZPJqJEH9VRcXjLNmQ1rOLrtsU91w==
main.MWQ0NWRkZTlhMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		389 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHQVKA3C77U4209UVP80&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
12577326
date
Mon, 16 Oct 2023 00:19:52 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230921123949E22130719B512DC62220
vary
Accept-Encoding
x-cache
TCP_HIT from a2-19-96-245.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01090c9553b8925d61675d05f0655d0dbbefafaf71449950e1c374e354db6f2ba15416af89168960dbae36a06c63d63c3be65978d2f262600b1668ed4eb1eaafceb52de0328f36c0004a7f0dd1585ad3e9a353694c862974e61b85fac454b912cd
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
103143
js
www.googletagmanager.com/gtag/ 		253 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-01WN1W9EZZ&l=dataLayer&cx=c
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d455e72f644a0aa6f89080f8be41d98f958e917b11a8f42b7a788b64ae76629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87150
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 00:19:52 GMT
/
content.hotjar.io/ 		56 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.ee587d1590c42117acc4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.48.140.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-140-7.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
48374dd01ef259aa458e21dcc387c02c205e8c1f59ef161f5e31434f0eaabfb9

Request headers

Referer
https://www.google.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 00:19:52 GMT
content-length
56
vary
Origin
content-type
application/json
js
www.googletagmanager.com/gtag/ 		258 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8RNXX9KVS0&l=dataLayer&cx=c
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3863f27ca285534e79b82a76277ca65899377f528af5df0fa56ce526c09828f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88371
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 00:19:52 GMT
js
www.googletagmanager.com/gtag/ 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSN6Q9JQ10&l=dataLayer&cx=c
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f88f992baedffbe4fb89fc3a84784c5387af25abe81d6abeb93ed2e23daeb6e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87916
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 00:19:52 GMT
1867647576814103
connect.facebook.net/signals/config/ 		138 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1867647576814103?v=2.9.134&r=stable&domain=heidiland.com
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a2dc595b3cb3f4cebcbb894f8e68ad157c04fbb540fdd081e44c9cb1b17d8259
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Oct 2023 00:19:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36534
x-xss-protection
0
pragma
public
x-fb-debug
oQ9gYxxxRii6eFvKyiRb7H7J/M42Znbho7UNoMshWQXwVLbYU90+xWXraG86bLCixqkcAq5SVRQ7doWjc6bDPA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/924691667/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924691667/?random=1697415590836&cv=9&fst=1697415590836&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fheidiland.com%2Fde%2F&tiba=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&us_privacy=1---&rfmt=3&fmt=4
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b87bbc93a42bbb5236109b92506251486a87009abdc5107a2cd8839b826c208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1429
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/924691667/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/924691667/?random=1697415590836&cv=9&fst=1697414400000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fheidiland.com%2Fde%2F&tiba=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&fmt=3&is_vtc=1&random=2103952467&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:52 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ch/pagead/1p-user-list/924691667/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-user-list/924691667/?random=1697415590836&cv=9&fst=1697414400000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fheidiland.com%2Fde%2F&tiba=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&fmt=3&is_vtc=1&random=2103952467&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:52 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hkaVB.js
static.getback.ch/clients/ 		247 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getback.ch/clients/hkaVB.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.172.226.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-226-91.bcn50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd45a822bd9d378dc2399cbacb60f26a3fa1fdd19a58557e5902e626da88f365
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 16 Oct 2023 00:19:52 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
BCN50-P2
age
1
x-amz-server-side-encryption
AES256
via
1.1 6e5dd992d3363f94cc1bff71c8061b48.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 11 Oct 2023 06:47:25 GMT
server
AmazonS3
etag
W/"7f5d092a381b8dd294eef996d4dc60b6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-amz-cf-id
6SQ5OnsqeNAb2_qwv-QMihJmU6HftLFgpJLJ5-9TEZ9LRV-sPyjWFQ==
main.MWQ0NWRkZTlhMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		389 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
125773c5
date
Mon, 16 Oct 2023 00:19:52 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230921123949E22130719B512DC62220
vary
Accept-Encoding
x-cache
TCP_HIT from a2-19-96-245.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01090c9553b8925d61675d05f0655d0dbbefafaf71449950e1c374e354db6f2ba15416af89168960dbae36a06c63d63c3be65978d2f262600b1668ed4eb1eaafceb52de0328f36c0004a7f0dd1585ad3e9a353694c862974e61b85fac454b912cd
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=4
content-length
103143
identify_7dd78.js
analytics.tiktok.com/i18n/pixel/static/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.249 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
125773ed
date
Mon, 16 Oct 2023 00:19:52 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230907112758741F012AF93529AE289E
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-19-96-245.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018d8e499c8ada5f367bc8f59939e0cc408e6748d969d5ffc0176fd4e3cd4b96151f3eb0aac861349e1b0902b493473db0cc6cdee72ab2bb969df26c1b23003a1ec7b62c907c2adb40bc4ebfadb2186e253784ba84303e2a2b7390c74f91dd5275
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
35813
/
www.getback.ch/hkaVB/getback/ 		340 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getback.ch/hkaVB/getback/?s=a9770979ccd347f8af8de7ef436269ef&new=1&rec=0&ls=1&lb=false&ver=AGk&mtp=0&dev=0&c=ce550ae8a6c34505beeadea51617d7dd&r=&u=https%3A%2F%2Fheidiland.com%2Fde%2F&lid=1&preview=0&waited=0
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.210.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-210-34.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3b96305ed481f9f54f479c6eaed5426c591cc11a512296c37624de44bdd661d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Content-Type, Accept, Origin, Authorization
x-xss-protection
0; mode=block
hkaVB.css
static.getback.ch/clients/ 		47 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.getback.ch/clients/hkaVB.css?ver=79
Requested by
Host: static.getback.ch
URL: https://static.getback.ch/clients/hkaVB.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.172.226.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-226-91.bcn50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e340aa9db245dd1d03ed572c2655c863e5c748845304b2accd622433db6c276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 16 Oct 2023 00:19:53 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
BCN50-P2
x-amz-server-side-encryption
AES256
via
1.1 6e5dd992d3363f94cc1bff71c8061b48.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 11 Oct 2023 06:47:25 GMT
server
AmazonS3
etag
W/"3e9acabd8f7a6fe14235945dc07c0049"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-amz-cf-id
TsfbWR0sKfFG_g3tcGeqacEbaqnb0MUXK9zW0Hdq45ZlUlKt7jDAbQ==
cart-count.min.js
heidiland.com/layout/scripts/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heidiland.com/layout/scripts/cart-count.min.js?v=981ce01f
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
12d6c218fe8a300ee98d6acb85ebfd9d08d53b4febc4f1571d8a900c8fdeae2b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:52 GMT
content-encoding
br
last-modified
Wed, 20 Sep 2023 08:52:35 GMT
server
nginx
etag
W/"650ab2d3-3f3c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 15 Oct 2024 00:19:52 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css
Requested by
Host: static.getback.ch
URL: https://static.getback.ch/clients/hkaVB.css?ver=79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2870297
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5324
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7187"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBErUg28%2BsX9NAfFatXLvHPHr8FK67bW5qYHr51H%2B4QO3o1SAobXljLcM%2FcsALWPjomVY5L3OPr2sdMjo7yVnQJvrrtJ5n3jet0arJlvGoRa7fkTKpuAajHcmN2rTEgOJC4TMrNpEbGBVgAwBd8QjKIa"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
816c21fe7c7101db-ZRH
expires
Sat, 05 Oct 2024 00:19:52 GMT
preloader.gif
heidiland.com/layout/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/layout/images/preloader.gif
Requested by
Host: heidiland.com
URL: https://heidiland.com/layout/styles/bundle-all.css?v=4aac27bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
6d5768ebfbbe4754cda8f077aa765f5b0f462e1dc7e2937f48c44b9c390bb527

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
last-modified
Thu, 20 Jul 2023 08:08:57 GMT
server
nginx
etag
"64b8eb99-864"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2148
expires
Wed, 15 Nov 2023 00:19:53 GMT
1_Hauptlogo_Pos-13237aed.svg
heidiland.com/assets/images/9/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/9/1_Hauptlogo_Pos-13237aed.svg
Requested by
Host: heidiland.com
URL: https://heidiland.com/layout/scripts/jquery.js?v=ea40c615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
dac09156b94d2b3570d5ce45f56f9b9c2dfa86b79c43c4cd850152ed829c58ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 23:16:36 GMT
server
nginx
etag
W/"652489d4-91f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
expires
Wed, 15 Nov 2023 00:19:53 GMT
1_Hauptlogo_Pos-33de3600.svg
heidiland.com/assets/images/f/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/f/1_Hauptlogo_Pos-33de3600.svg
Requested by
Host: heidiland.com
URL: https://heidiland.com/layout/scripts/jquery.js?v=ea40c615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
d228ced2877c3ce9c52944dfc76c821048bb30107b524e283411f3c0c3c2fb68

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
content-encoding
gzip
last-modified
Sun, 15 Oct 2023 23:35:24 GMT
server
nginx
etag
W/"652c773c-91f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
expires
Wed, 15 Nov 2023 00:19:53 GMT
Familie%20beim%20Grillieren-f81b4e45.webp
heidiland.com/assets/images/4/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/4/Familie%20beim%20Grillieren-f81b4e45.webp
Requested by
Host: heidiland.com
URL: https://heidiland.com/layout/scripts/jquery.js?v=ea40c615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
66b780668774f8dcf70d497506fc3e719506a2ebaec629e32d47612c1f4c1c3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
last-modified
Thu, 05 Oct 2023 06:40:59 GMT
server
nginx
etag
"651e5a7b-11500"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
70912
/
chat.guuru.com/storage/ Frame F6BE 		131 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://chat.guuru.com/storage/
Requested by
Host: static.guuru.com
URL: https://static.guuru.com/loader/v1.0/chat.min.js?_=1697415590156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4642a7829a20324787795cb039788ce6403cd098c6fd1861a54778a8814f0522
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://heidiland.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0
cf-ray
816c2205eb3b5a25-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:19:53 GMT
etag
W/"354a45dd7ae8f514b477adac40836889"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BT6E%2B0pDW%2FbCh0yfBiVAA6dqpBjTa0vXlfploTNHApIvvLKcUh8tskqtD73o3HAnOoYfI5RdklWqpONy3bvMP7GSLPUoo3H0xkqNg1rvX%2FKltHOjGcbqrxLrVTumbYsXS5zM%2BRi%2BFMSpUctcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
1_Hauptlogo_Pos-13237aed.svg
heidiland.com/assets/images/9/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/9/1_Hauptlogo_Pos-13237aed.svg
Requested by
Host: heidiland.com
URL: https://heidiland.com/layout/scripts/jquery.js?v=ea40c615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
dac09156b94d2b3570d5ce45f56f9b9c2dfa86b79c43c4cd850152ed829c58ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 23:16:36 GMT
server
nginx
etag
W/"652489d4-91f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
expires
Wed, 15 Nov 2023 00:19:53 GMT
1_Hauptlogo_Pos-33de3600.svg
heidiland.com/assets/images/f/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/f/1_Hauptlogo_Pos-33de3600.svg
Requested by
Host: heidiland.com
URL: https://heidiland.com/layout/scripts/jquery.js?v=ea40c615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
d228ced2877c3ce9c52944dfc76c821048bb30107b524e283411f3c0c3c2fb68

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
content-encoding
gzip
last-modified
Sun, 15 Oct 2023 23:35:24 GMT
server
nginx
etag
W/"652c773c-91f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
expires
Wed, 15 Nov 2023 00:19:53 GMT
Murgsee%20von%20oben-2d01d023.webp
heidiland.com/assets/images/c/ 		492 KB
492 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/c/Murgsee%20von%20oben-2d01d023.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
47c03f416eae2102271a939fe7283d56986bb0df9c711a359fe6c76e7b7e8fa2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
last-modified
Fri, 13 Oct 2023 02:23:22 GMT
server
nginx
etag
"6528aa1a-7ae7a"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
503418
Gleitschirm%20Tandemflug%20im%20Heidiland-6cbaad26.webp
heidiland.com/assets/images/8/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/8/Gleitschirm%20Tandemflug%20im%20Heidiland-6cbaad26.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
186b939100aaaac1b099984a22c28c1d8843e3d7fca658ffbd91a9487ee17359

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
last-modified
Mon, 09 Oct 2023 00:17:06 GMT
server
nginx
etag
"65234682-5878"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22648
E-Scooter-80fd50a8.webp
heidiland.com/assets/images/b/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/b/E-Scooter-80fd50a8.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
054b7bc9207a7680dc2c2c4baac32fa0e1e75335a9652e944a89ae8398ce5069

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
last-modified
Thu, 12 Oct 2023 02:18:50 GMT
server
nginx
etag
"6527578a-93cc"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
37836
Wildsee%20am%20Pizol%20mit%20Wanderin-3370de3d.webp
heidiland.com/assets/images/9/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/9/Wildsee%20am%20Pizol%20mit%20Wanderin-3370de3d.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
03780b71b12461d407fc351d7dea02ab6717344d45a248f0d959bd66df98bf87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
last-modified
Tue, 10 Oct 2023 00:49:51 GMT
server
nginx
etag
"65249faf-d5aa"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
54698
Steinbock-49cc17d3.webp
heidiland.com/assets/images/2/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/2/Steinbock-49cc17d3.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
ac9b9c8963beab2889a08a94753f7b384e8f934b5aeead05fffb69df4a70610f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
last-modified
Tue, 03 Oct 2023 03:39:35 GMT
server
nginx
etag
"651b8cf7-6e1e"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
28190
E-Bike%20Tour%20durch%20die%20B%C3%BCndner%20Herrschaft-7747b719.webp
heidiland.com/assets/images/d/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/d/E-Bike%20Tour%20durch%20die%20B%C3%BCndner%20Herrschaft-7747b719.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
c9159d6b2937d5b2dc32464e407ab02a76daaef186cf64a9f60718f5e5e92908

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
last-modified
Sat, 14 Oct 2023 02:42:14 GMT
server
nginx
etag
"652a0006-e806"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
59398
Wanderin%20auf%20der%207-Gipfel-Tour%20am%20Flumserberg-e17a1ab7.webp
heidiland.com/assets/images/9/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/9/Wanderin%20auf%20der%207-Gipfel-Tour%20am%20Flumserberg-e17a1ab7.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
1f3506073f7e64ca83e30dc2ab9ab680db088155b4a906146357608a1dbfa0b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
last-modified
Tue, 10 Oct 2023 00:49:51 GMT
server
nginx
etag
"65249faf-5f5c"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
24412
Szenische%20Stadtf%C3%BChrung-40d33810.webp
heidiland.com/assets/images/e/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/e/Szenische%20Stadtf%C3%BChrung-40d33810.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
6cd92e30acefa48c35b13f59c0546bbaa1ac433729e9419622f7cf9af1c8dc9b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
last-modified
Sun, 15 Oct 2023 05:37:36 GMT
server
nginx
etag
"652b7aa0-e84a"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
59466
Wellness%20in%20Bad%20Ragaz-06b549bc.webp
heidiland.com/assets/images/c/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/c/Wellness%20in%20Bad%20Ragaz-06b549bc.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
16aa2072a5c26bb96a9ed7462d1ea97d93781df96d8d1aa5ccef5a9530697f69

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
last-modified
Fri, 13 Oct 2023 02:23:22 GMT
server
nginx
etag
"6528aa1a-16340"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
90944
Computerformat%204_3-Rheinwelten_Alter%20Torkel%20%282%29-f26e8a5c.webp
heidiland.com/assets/images/b/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidiland.com/assets/images/b/Computerformat%204_3-Rheinwelten_Alter%20Torkel%20%282%29-f26e8a5c.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.231.200.190 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
hosting.tso.ch
Software
nginx /
Resource Hash
419e70bca0c0acc7f0d77d48980c5442de912e47202d7e5a55bfb98be9ae7439

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:53 GMT
last-modified
Thu, 12 Oct 2023 02:18:50 GMT
server
nginx
etag
"6527578a-8e74"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
36468
storage.js
chat.guuru.com/storage/ Frame F6BE 		356 B
557 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.guuru.com/storage/storage.js
Requested by
Host: chat.guuru.com
URL: https://chat.guuru.com/storage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10989badc924225dddd733e421d26643189a5b017554fcb5161a18aa57a40e62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:54 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e49ff43b2b66e75bed0595a913d3305"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTlNkNv6vAbXOt6fE4Nrc2FDgwcHMTNwbdBq1G2AHtobEy7wDmYByeHplm7bxdtKHQLJ7wXpRBXd7kOUPpmZM8oBMY%2FJHHGQcfl3JnNpomw6JDDuaWIh4xuMaQ%2BTN1TPN7Jeeim1grZBGKRF7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
private, max-age=0
cf-ray
816c2206bb855a25-MXP
alt-svc
h3=":443"; ma=86400
config.js
static.guuru.com/partners/heidiland/loader/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.guuru.com/partners/heidiland/loader/config.js
Requested by
Host: static.guuru.com
URL: https://static.guuru.com/loader/v1.0/chat.min.js?_=1697415590156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad48da9c7d04b1d9e97bd289c1921b21c29955e1a9e6fb22864991587ae372d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:54 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdslFyL7Zpincl3FW1fVp58Ngpi6o03PjFmg0PgyVrH3VzsnfjRmCmmIf4THfaV8SJuzmWcngXyADM5mEbh_ceRt_g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Jul 2023 16:10:26 GMT
server
cloudflare
etag
W/"9eb693d7a6ca7e5ebe7cdc0c52740b8e"
vary
Accept-Encoding
x-goog-generation
1690474226421997
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=T2h6eA==, md5=nraT16bKfl6+fNwMUnQLjg==
access-control-expose-headers
*
cache-control
private,max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QpiE67rmI3KN6819NxmZpy0%2B0DS5F3%2BD3omikpvrJiln3Q6Z1YJiZi4jh5s2kEjqMiYlyIymP3ArkvTgoafiiyvXQurrCcadnZvkYy203L60CzvlPEHx6MwwdyVXCAyDxcxp1LMGBJ1I40UziW4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
6132
cf-ray
816c2207081cbb11-MXP
expires
Mon, 16 Oct 2023 00:19:54 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R8RBFL040X
Requested by
Host: static.guuru.com
URL: https://static.guuru.com/loader/v1.0/chat.min.js?_=1697415590156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3afdfed7efaad3fb46e4003c90111d9133913f8f5d67630c8a22df7c70064b4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80854
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 00:19:54 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R8RBFL040X&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSNS54
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3678df669bbd63353dd670d9b0ebb395f412d9b07987ff6a7cd71206268c096f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:19:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80822
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 00:19:54 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-R8RBFL040X&gtm=45je3ab0&_p=1487387950&gcs=G111&npa=1&gdid=dMWZhNz&cid=2010297474.1697415591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fuser%3Achat-loaded&sid=1697415594&sct=1&seg=0&dl=https%3A%2F%2Fheidiland.com%2Fde%2F&dt=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&en=page_view&_fv=1&_ss=1&_ee=1&ep.locale=de&ep.partner=heidiland&ep.chat_category=&ep.event_category=chat_loader&ep.viewport_size=1600x1200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8RBFL040X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heidiland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-R8RBFL040X&gtm=45je3ab0&_p=1487387950&gcs=G111&npa=1&gdid=dMWZhNz&cid=2010297474.1697415591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1697415594&sct=1&seg=0&dl=https%3A%2F%2Fheidiland.com%2Fde%2F&dt=Ferienregion%20Heidiland%20%E2%80%93%20Urlaub%20in%20den%20Bergen%20der%20Ostschweiz%20-%20Ferienregion%20Heidiland%20%E2%80%93%20DE&en=chat_button_shown&_c=1&_ee=1&ep.event_category=chat_loader&ep.event_action=chat_button_shown&ep.non_interaction=false&ep.locale=de&ep.partner=heidiland&ep.chat_category=&ep.viewport_size=1600x1200&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8RBFL040X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:19:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heidiland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
12357463.fls.doubleclick.net
URL
https://12357463.fls.doubleclick.net/activityi;src=12357463;type=web;cat=pagev0;ord=1694575544772;u1=%2Fde%2F;gtm=45He3ab0;gcs=G111;epver=2;~oref=https%3A%2F%2Fheidiland.com%2Fde%2F?

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 function| $ function| jQuery function| CP object| dataLayer object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot function| __tcfapi object| CookieConsent number| CB_jQueryHoldReadyStarted function| sm_format_twitter function| sm_format_twitter2 function| sm_format_twitter3 function| relative_time function| ssc_init function| ssc_scrollArray function| ssc_wheel function| ssc_keydown function| ssc_mousedown function| ssc_setCache function| ssc_overflowingAncestor function| ssc_addEvent function| ssc_removeEvent function| ssc_isNodeName function| ssc_directionCheck function| ssc_pulse_ function| ssc_pulse function| onYouTubeIframeAPIReady function| uncamel function| setUnit function| setFilter function| isTouchSupported function| debounce function| onScrollSliderParallax number| ssc_framerate number| ssc_animtime number| ssc_stepsize boolean| ssc_pulseAlgorithm number| ssc_pulseScale number| ssc_pulseNormalize boolean| ssc_keyboardsupport number| ssc_arrowscroll boolean| ssc_frame object| ssc_direction boolean| ssc_initdone boolean| ssc_fixedback object| ssc_root object| ssc_activeElement object| ssc_key object| ssc_que boolean| ssc_pending object| ssc_cache function| ssc_uniqueID boolean| ischrome object| ytp function| getYTPVideoID string| nAgt function| getOS undefined| nameOffset number| verOffset number| ix undefined| start undefined| end object| portfolioUrlHashMatches undefined| hash undefined| regexp boolean| requesting function| killRequesting object| SEMICOLON function| jRespond function| Instafeed function| Stellar function| JQClass function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| imagesLoaded function| Swiper function| ResizeSensor object| toastr function| moment object| lazySizes object| CookieConsentIABCMP object| CookiebotCMPControl object| iabbundle object| google_tag_manager object| google_tag_data object| CookieConsentDialog string| GoogleAnalyticsObject function| ga object| google_conversion_id object| google_custom_params object| google_remarketing_only function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| Getback object| GetbackConfig string| gb_ls function| startGetback function| gb_getItem function| gb_setItem function| gb_removeKey function| gb_getCookie function| gb_conversion function| gb_optOut function| gb_trigger function| gb_getVar function| gb_optout function| gb_tag function| gb_pool function| gb_check_pool function| gb_check_tag function| gb_disable_push function| gb_enable_push function| gb_translate function| gbAskPermission function| gb_push_widget function| gb_push_lastsale function| gbAjaxSubmit function| GetbackDOM function| gb_selector function| gb_parse_cart function| gb_parse_links boolean| isGetback_hkaVB string| gb_lang object| GetbackUser undefined| _gb_new_lang_id object| _gbdata object| _gb_settings boolean| isClosing object| mouseover number| hasOpenLayer number| hasChangedTitleTag object| last_mouse_position number| pageload_date number| max_cookie_age object| _layer_features boolean| gb_has_push_support boolean| gb_is_push_subscriber function| gb_send boolean| getback_loaded string| AppCartCountUrl number| curTime number| day string| url function| hj object| _hjSettings undefined| istimeforuserlike number| CB_OnTagsExecuted_Processed function| Guuru object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| guuru function| gtag function| addEventListenerBase

25 Cookies

Domain/Path Name / Value
heidiland.com/ Name: csrf_https-contao_csrf_token
Value: U_z5jztl_c-C7ec6F95tWR39SCN85FrB7P78S2n4Nps
heidiland.com/ Name: CookieConsent
Value: {stamp:%27-1%27%2Cnecessary:true%2Cpreferences:true%2Cstatistics:true%2Cmarketing:true%2Cmethod:%27implied%27%2Cver:2%2Cutc:1697415590553%2Ciab2:%27%27%2Cregion:%27CH%27}
.heidiland.com/ Name: _gcl_au
Value: 1.1.686034203.1697415591
.heidiland.com/ Name: _gid
Value: GA1.2.942265902.1697415591
.heidiland.com/ Name: _dc_gtm_UA-8043867-1
Value: 1
.heidiland.com/ Name: _ga_01WN1W9EZZ
Value: GS1.1.1697415590.1.0.1697415590.60.0.0
.heidiland.com/ Name: _ga
Value: GA1.1.2010297474.1697415591
.heidiland.com/ Name: _ga_TSN6Q9JQ10
Value: GS1.1.1697415590.1.0.1697415590.60.0.0
.heidiland.com/ Name: _ga_8RNXX9KVS0
Value: GS1.1.1697415590.1.0.1697415590.60.0.0
.tiktok.com/ Name: _ttp
Value: 2Wp3FUei8yI02BPDzBa9G7wVCwj
.doubleclick.net/ Name: IDE
Value: AHWqTUmUdvqK_jOExVPDGxX71BcI0ulSiX8e5XpQIdkOgVM6H_ph8h-B2j1vZdMZ
.heidiland.com/ Name: _fbp
Value: fb.1.1697415590916.1693145833
.heidiland.com/ Name: _tt_enable_cookie
Value: 1
.heidiland.com/ Name: _ttp
Value: NrOLM8haO8ZvdkW79dlFZWJrkzj
.heidiland.com/ Name: _gbs
Value: %7B%22hkaVB%22%3A%22a9770979ccd347f8af8de7ef436269ef%22%7D
.heidiland.com/ Name: _gbc
Value: %7B%22hkaVB%22%3A%22ce550ae8a6c34505beeadea51617d7dd%22%7D
.heidiland.com/ Name: _gb_lh
Value: %7B%22hkaVB%22%3A%22heidiland.com%22%7D
.heidiland.com/ Name: _hjFirstSeen
Value: 1
.heidiland.com/ Name: _hjIncludedInSessionSample_1754695
Value: 1
.heidiland.com/ Name: _hjSession_1754695
Value: eyJpZCI6IjJmYWRjNTdlLTNlYWUtNDQwYi05ZDJlLTFhYmVhMjcxY2JhMiIsImNyZWF0ZWQiOjE2OTc0MTU1OTIxMTIsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjpmYWxzZX0=
.heidiland.com/ Name: _hjSessionUser_1754695
Value: eyJpZCI6IjhmN2RlNmNlLTkzN2EtNWJkNC1iZjEwLWQ1NjJlMmQwODExMSIsImNyZWF0ZWQiOjE2OTc0MTU1OTIxMTEsImV4aXN0aW5nIjp0cnVlfQ==
.heidiland.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.heidiland.com/ Name: _gb_views
Value: %7B%22hkaVB%22%3A2%7D
heidiland.com/ Name: guuruGa_ga
Value: GA1.1.2010297474.1697415591
heidiland.com/ Name: guuruGa_ga_R8RBFL040X
Value: GS1.1.1697415594.1.0.1697415594.0.0.0

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12357463.fls.doubleclick.net
adservice.google.ch
adservice.google.com
analytics.tiktok.com
cdnjs.cloudflare.com
chat.guuru.com
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
geissenleasing.ch
googleads.g.doubleclick.net
heidiland.com
region1.analytics.google.com
region1.google-analytics.com
script.hotjar.com
static.getback.ch
static.guuru.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.getback.ch
www.google-analytics.com
www.google.ch
www.google.com
www.googleadservices.com
www.googletagmanager.com
12357463.fls.doubleclick.net
13.32.27.54
134.119.0.177
142.250.186.70
172.217.18.2
18.172.226.50
18.172.226.91
2.19.96.249
2001:4860:4802:32::36
2606:4700:20::681a:f46
2606:4700::6811:190e
2a00:1450:4001:800::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c03::9d
2a02:26f0:480:d::210:f150
2a02:26f0:ab00:4a0::f09
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3121::3
46.231.200.190
52.48.140.7
52.58.210.34
007b9aa4dc9940c38cc6036fa27744ceb8e48eed42ef3ac4829fe6caa1202c45
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67
03780b71b12461d407fc351d7dea02ab6717344d45a248f0d959bd66df98bf87
0416d839426651de600eec8c9f76e35694ef05ec0589acaa7cfd92298ed4c188
054b7bc9207a7680dc2c2c4baac32fa0e1e75335a9652e944a89ae8398ce5069
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
077b7b6e1ba61f072d98392a864c4f412d3f8cc1690bf0e1d5eb1c3ee414358b
09d39f49d4cdbed981f59d7c21ce058f68777b7b25f6d60e2f07a0ad1d8b68ac
0a08e09da699822bb0a3b41bd2800c3877f0148d0c1ccecb8bbe59cd6c317473
0c73891322be8964d3ba912a896c9555d0a8dc9a638401b3f1741b4097c1684d
10989badc924225dddd733e421d26643189a5b017554fcb5161a18aa57a40e62
12d6c218fe8a300ee98d6acb85ebfd9d08d53b4febc4f1571d8a900c8fdeae2b
1309dc23dcd04dd98895563315c141ad27b4d1470270fcfac09cbb4a72ee3e33
16aa2072a5c26bb96a9ed7462d1ea97d93781df96d8d1aa5ccef5a9530697f69
1768230cfcabe24e8d33f6a0092265d15dfb85c4b58a9f6257580d97fcdd0a09
186b939100aaaac1b099984a22c28c1d8843e3d7fca658ffbd91a9487ee17359
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e340aa9db245dd1d03ed572c2655c863e5c748845304b2accd622433db6c276
1ec9d2222fcfbefc3582353fadc1776bafed5bb659ef9b86dc8caccd753d2946
1f3506073f7e64ca83e30dc2ab9ab680db088155b4a906146357608a1dbfa0b9
247c9c7cecb01a7cf8376689b56bdd5fe8e548900d809e41694b3ffa951cca81
34e5e2561e569549ea7c179bde3c7d5ac9d6e05c246003c4fdd6f24bc26ef403
35088627931271fb5158dda2e139dceec2ba0d2e7313a0cd72eae01cfdbd39ba
3678df669bbd63353dd670d9b0ebb395f412d9b07987ff6a7cd71206268c096f
3863f27ca285534e79b82a76277ca65899377f528af5df0fa56ce526c09828f7
3a9f5342893705b95cf6afa7303df92efa94c546a0715fb9577e570f68955a49
3afdfed7efaad3fb46e4003c90111d9133913f8f5d67630c8a22df7c70064b4e
3b96305ed481f9f54f479c6eaed5426c591cc11a512296c37624de44bdd661d2
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
419e70bca0c0acc7f0d77d48980c5442de912e47202d7e5a55bfb98be9ae7439
4642a7829a20324787795cb039788ce6403cd098c6fd1861a54778a8814f0522
47c03f416eae2102271a939fe7283d56986bb0df9c711a359fe6c76e7b7e8fa2
48374dd01ef259aa458e21dcc387c02c205e8c1f59ef161f5e31434f0eaabfb9
4e5a90f9afa7c09c0d5fbb92de72b2356445b99e1cf1126502081e365c188acb
4f6bfb27f8eac39b667b0d59452cabccfbf85c5cfbaaa342bc8e9356d009d230
54f4c33087b29fc96a9de1af8621a081e27bab0baa5f69b27bf37a534f0b58b9
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
5d455e72f644a0aa6f89080f8be41d98f958e917b11a8f42b7a788b64ae76629
5d5761dbede9a44c22e392eee7ed4af23e273bbf6b1c444a2ebda14d740d5360
620da347bf733bdc440275a7d8aed5f5a00dcdbe76e16fd6ed08ee3d95ff7463
667589a89cfea75817df5755619a87435a83e283eaeb79334c10467a1bca5f6a
66b780668774f8dcf70d497506fc3e719506a2ebaec629e32d47612c1f4c1c3f
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6cd92e30acefa48c35b13f59c0546bbaa1ac433729e9419622f7cf9af1c8dc9b
6d5768ebfbbe4754cda8f077aa765f5b0f462e1dc7e2937f48c44b9c390bb527
6fe04cc16e4da41a7438043be893b3999fdf5a80d96de925f19d52a8f1a0b190
72b4d5bd6a2eacfa3a11fe450ca05cc7d2a2c6378a025d2b45dba1cc9973646e
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
7a382da7d88be8e967fb35e6de20e87b2bab51ecd0ff595b14018ae371dccbbb
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7b76e136d52d7dde92ad7fd8c2150395e37384dd6757e6deda6cca4bf355d087
7b87bbc93a42bbb5236109b92506251486a87009abdc5107a2cd8839b826c208
811fb3e1699642a4d9a1e61faff7b36984bbd53652fecf4cb4b7aa6cad0d7b4b
83ac9e239fde558f5d88ce17d3c9ff70f016285b31925cc7cf199142c8f65c2b
895137038a2b6b7c399a438d130680ccbc5dc515664d3aac7532707b45d62cbe
941a03f50002bcc86786643fe70df5d632e11948dffb121e0ef8aa9cbaf58026
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875
a295ea05903029e280a3c2e04d0f71de39c1ecf3156bfc0f84606ca3c54c9ce2
a2dc595b3cb3f4cebcbb894f8e68ad157c04fbb540fdd081e44c9cb1b17d8259
a2f4de345bb91c75f4944e29abafd45ba1f14e1c6e92694605569d1d994faf1d
a616a74103c4952ccb8ab88782f9062b3304853f5eedce1a43807912d5c19bfe
ac9b9c8963beab2889a08a94753f7b384e8f934b5aeead05fffb69df4a70610f
b4287603382042861ca92a984c71bc63ac184a26e166e0b201f12f444bcf0206
b8d1a27f9878c0c2a4f47e31a45db23da4f8f6ef1ab91de7e69e3fafb2f44e8a
bad48da9c7d04b1d9e97bd289c1921b21c29955e1a9e6fb22864991587ae372d
bbcb2ac1c49d3840748713fd50332eec364c15f8ce30156836a1e5a4bd578c04
bec7427848c4f13d1d0d8b4c0362ef4b109350ea28410d74a157feb1af003025
c50a36bc2f639f12752211a41c4c1f8608f393c2b9c386e840a00c2605ac81b6
c54cc923c53a3ae7b6125d87d732de9f27cfc7b603b92b52f0d796022c5b82ea
c9159d6b2937d5b2dc32464e407ab02a76daaef186cf64a9f60718f5e5e92908
d228ced2877c3ce9c52944dfc76c821048bb30107b524e283411f3c0c3c2fb68
dac09156b94d2b3570d5ce45f56f9b9c2dfa86b79c43c4cd850152ed829c58ff
dd45a822bd9d378dc2399cbacb60f26a3fa1fdd19a58557e5902e626da88f365
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebd7604fda2c790a88968673935a6c6eaae37f1e9d69351fe9647e504dbcb5d7
ec907d5b3a3dcc07da42758076671ef1e1717dc9ceb42907c58925fd2c70bd5f
ecfd1c35d3c7957ed053b922fd6f2ee58778fd6390201d1cde7dd724a75f223c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5a1829755506438734fb14f0f41e6eb3dc98198113d6afaa43d0c262a5cb557
f88f992baedffbe4fb89fc3a84784c5387af25abe81d6abeb93ed2e23daeb6e0