www.heidi.com Open in urlscan Pro
2606:4700:20::ac43:45b2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth.skizoom.com/
Effective URL:
https://www.heidi.com/
Submission: On December 14 via automatic, source certstream-suspicious (December 14th 2022, 3:59:22 pm UTC) — Scanned from DE

Summary HTTP 79 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 16 domains to perform 79 HTTP transactions. The main IP is 2606:4700:20::ac43:45b2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.heidi.com.
TLS certificate: Issued by E1 on October 31st 2022. Valid for: 3 months.

This is the only time www.heidi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6810:605e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::ac43:44e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2606:4700:20:... 2606:4700:20::ac43:45b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	52.222.236.94 52.222.236.94	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	151.101.192.233 151.101.192.233	54113 (FASTLY) (FASTLY)
4	2.20.132.162 2.20.132.162	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.116 18.66.147.116	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.17.127 108.138.17.127	16509 (AMAZON-02) (AMAZON-02)
7	18.66.147.43 18.66.147.43	16509 (AMAZON-02) (AMAZON-02)
1	34.199.127.187 34.199.127.187	() ()
1	2600:9000:20e... 2600:9000:20eb:2800:10:8536:c280:93a1	() ()
79	21

1 2606:4700::6810:605e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth.skizoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:44e1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

skizoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:20::ac43:45b2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.heidi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.222.236.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-94.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.233 (United States)

ASN54113 (FASTLY, US)

td.yieldify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
custom.yieldify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.20.132.162 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-20-132-162.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-127.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.127.187 (None, )

ASN- ()

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:2800:10:8536:c280:93a1 (None, )

ASN- ()

fonts.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	heidi.com www.heidi.com	612 KB
10	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 4849	65 KB
8	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2904 fonts.intercomcdn.com	540 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 792	101 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2623	66 KB
3	yieldify.com td.yieldify.com — Cisco Umbrella Rank: 22078 custom.yieldify.com — Cisco Umbrella Rank: 29989	131 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 643 script.hotjar.com — Cisco Umbrella Rank: 811 vars.hotjar.com — Cisco Umbrella Rank: 936	73 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 371	12 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2210 api-iam.intercom.io	9 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	112 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	158 KB
2	skizoom.com 2 redirects auth.skizoom.com skizoom.com	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6041	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	441 B
79	16

	Domain	Requested by
32	www.heidi.com	www.heidi.com custom.yieldify.com
10	widget.trustpilot.com	www.heidi.com widget.trustpilot.com
7	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com
4	analytics.tiktok.com	www.heidi.com analytics.tiktok.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	www.heidi.com bat.bing.com
2	www.facebook.com	www.heidi.com
2	td.yieldify.com	www.heidi.com td.yieldify.com
2	connect.facebook.net	www.heidi.com connect.facebook.net
2	www.googletagmanager.com	www.heidi.com www.google-analytics.com
1	fonts.intercomcdn.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	www.heidi.com
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	custom.yieldify.com	td.yieldify.com
1	static.hotjar.com	www.googletagmanager.com
1	skizoom.com	1 redirects
1	auth.skizoom.com	1 redirects
79	23

This site contains links to these domains. Also see Links.

Domain
help.skizoom.com

Subject Issuer	Validity	Valid
*.heidi.com E1	`2022-10-31` - `2023-01-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.trustpilot.com Amazon	`2022-03-04` - `2023-04-02`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-22` - `2022-12-21`	3 months	crt.sh
*.yieldify.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-04` - `2023-12-06`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.heidi.com/
Frame ID: 337B3C2CBB2358DB938948E8E0944F5D
Requests: 63 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=6278f879ff1459f2c6e34770
Frame ID: FA8F5B78F49973A6F093B1BCD7A8CF2E
Requests: 5 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=6278f879ff1459f2c6e34770
Frame ID: 71DB08C00017B186440FA7767D53604A
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: C671C5A99E520E9A8A9F45E8E61FB3FF
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.60c16743.js
Frame ID: 1281469EBDA2B5D8D5FB1649D926A4AE
Requests: 8 HTTP requests in this frame

Frame: https://fonts.intercomcdn.com/messenger-m4/proximanova-regular.woff
Frame ID: 238F7AC9C1957C98447D5A12FB6AE790
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ski Holidays - Heidi - Let's GoLayer 1Layer 1Layer 1Layer 1

Page URL History Show full URLs

https://auth.skizoom.com/ HTTP 302
https://skizoom.com/ HTTP 301
https://www.heidi.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

79
Requests

99 %
HTTPS

59 %
IPv6

16
Domains

23
Subdomains

21
IPs

3
Countries

1881 kB
Transfer

6038 kB
Size

21
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://help.skizoom.com/en/
Title: Help Pages

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth.skizoom.com/ HTTP 302
https://skizoom.com/ HTTP 301
https://www.heidi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heidi.com/
Redirect Chain

https://auth.skizoom.com/
https://skizoom.com/
https://www.heidi.com/

154 KB
36 KB

128ms
75ms

Document
text/html

2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d5cbdac589332184e933130bafb2c3d4855225fc5a5d898489592c01663e23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: s-maxage=60, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7798254cecf9bbd3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 14 Dec 2022 15:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsmtW%2BRr6hYtoV%2BaqtOtSM7GcHKAIgFkAVka1B%2F%2FHl4Ug3k6z4sTthQnlML6tp1muQ7hYG7l5URVlkEm7%2FPTh2SHkQXFWdwrWOHF1Gd59DGbmdRSNRAhIVDdo0vX2GPbGXjov63gO3EDRRw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-nextjs-cache: HIT

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7798254bacbabb50-FRA
content-type: text/html; charset=iso-8859-1
date: Wed, 14 Dec 2022 15:59:15 GMT
location: https://www.heidi.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzUIYGgIK1qxS3wtXmHcFIEN5sCNK4iKbrwVxRh0M5s927dVTeDEjiv%2B98XtugH%2FmUPYmcnamlQyDhHtH4gYHH%2Bp68TJy4fpz2rd3UJI%2FFNxeb8VncTAZBP0sKaH0ZrdKbBX9dYFyRfp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000

GET
H2 200 image
www.heidi.com/_next/ 198 KB
199 KB 25ms
24ms Image
image/webp 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heidi.com/_next/image?url=https%3A%2F%2Fa.storyblok.com%2Ff%2F150663%2F4000x2667%2Ff3ab2941fa%2Fzell-am-ziller-ski-resort.jpg&w=1920&q=75

Requested by

Host: www.heidi.com
URL: https://www.heidi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2ea1c54c276f1af8f76f0a77d2ac69ca8163905e3ecf6891c7c0de3ffe3565

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-security-policy: default-src 'self'; script-src 'none'; sandbox;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10367
x-nextjs-cache: STALE
content-disposition: inline; filename="zell-am-ziller-ski-resort.webp"
content-length: 203022
server: cloudflare
etag: -S6hxUwnbxr4928Kd9KsacqBY5BePs9okcfA3j-+NWU=
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BwQDKrFUoSHk7JpJ1oaN2ac5bWBP1j4tQfzJYv0ItqZNnGuQaW9I1VQvfbRprb%2BWDc1m98jiEjRBrVPBVopb0KljWWH2%2Fx4Y1qijZ0Vb5hK4hyIMM8TfU5YUu3sDH6k3GPj5ftIFXMVPNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2678400, must-revalidate
accept-ranges: bytes
cf-ray: 7798254d6e28bbd3-FRA
expires: Wed, 11 Jan 2023 11:54:54 GMT

GET
H2 200 deff46e802a8546d.css
www.heidi.com/_next/static/css/ 36 KB
8 KB 56ms
55ms Stylesheet
text/css 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/css/deff46e802a8546d.css
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7164994cef79a468ae165d031924aae20fd76594d5e02a894bc4243975b09490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11353
etag: W/"8f0d-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1Rjc5eugI7V5g%2BPkkC0Kasww0X6ECxmEdzTpwhCC7aW66smDboeWZhJyMZ%2BW1o4rBLRXxg%2BgxYG8HMHb2TYbX85dF8mJE2ZJR9RLwWPIiuPjmKrtzofyWJcu0dwJCZGGQkoRUi2GCv83kA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400, immutable
cf-ray: 7798254d6e2bbbd3-FRA
expires: Tue, 13 Dec 2022 11:54:20 GMT

GET
H2 200 c3554930095c50ea.css
www.heidi.com/_next/static/css/ 10 KB
4 KB 56ms
56ms Stylesheet
text/css 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/css/c3554930095c50ea.css
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0d4838b6c7a0c57fc5345d9075e4f6dbc86f67a2425d1fa7e1e920f9f1d1922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 185751
etag: W/"284b-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsQuZ8Bv%2FuxfWqO2mJpqrOptkS8WU6wbmBmsNAqQWSs52jkxiCDgXzfb2UDc%2FMFKhps8Q2FLt40c%2By3RoNoTKdjmQnFb2Wkm1dd8%2B0KYf936yEvxJiJ%2BttDQYwSnImYA79vO1vi653SWYvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400, immutable
cf-ray: 7798254d6e2ebbd3-FRA
expires: Tue, 13 Dec 2022 11:54:23 GMT

GET
H2 200 webpack-3f833ee2eb010414.js Show response
www.heidi.com/_next/static/chunks/ 5 KB
3 KB 50ms
46ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/webpack-3f833ee2eb010414.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f6d4b8c0b7520b7385bc5a1dbe6b8ba4def15b3e571c4aaa862bfd7cb5e169f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 14:59:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11352
etag: W/"158e-1850bff7c38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EStzs%2BPZ0DjMyHNhlFJqVg9U2UKL7gLtOe%2Bxua0uDvkKY8y2l0uL%2B8USizCn6ih0rzODmU3PulwtJ%2BfYaKwAZOnwkcyuXClTWcx0USMcDyKbTJQomqO12YCX5tmo0COu%2BrnmfRNTDmTFMbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254d8e80bbd3-FRA

GET
H2 200 framework-93b89dc25365d5c7.js Show response
www.heidi.com/_next/static/chunks/ 127 KB
42 KB 60ms
56ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/framework-93b89dc25365d5c7.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b114b0bbc2d83c65f6a4408083f214d028f53bda15adbc117ecd492a9142d980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 185772
etag: W/"1fbd2-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlM8WGpV1OeFAdQ3C%2Bs%2FdGXMusuXrE5knyrYvA5lhbrZd7P8ieSY4BUIQjrST%2FmeObMtkss6SWYbMJ0bPdVkTJXZ79rtWx5dKOb3KmScsa6qKB5gdP7jIi2z0DRDHo7RtHLVuYBnV9KvRC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254d9e84bbd3-FRA

GET
H2 200 main-25a9b2a68b47f739.js Show response
www.heidi.com/_next/static/chunks/ 104 KB
31 KB 57ms
53ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/main-25a9b2a68b47f739.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 375f632f180ac339a743d5fa51e72fbbb0f0465569d796143cf71334e183938c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 185772
etag: W/"19ef7-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvMBio%2F0NTGxxZo0nifj99T4jkkvCwMO9Is8QqZQfjjHZ9%2BoF%2BWyKy1whWpZyIw%2F3ZSuAU9lVI%2FoNstvaG80q9AUSndZDYVuKAcbBcN6JDZE9ooxOsJ6TuJVvXwJ5%2BfkKvZkY7B564KOAtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254d9e87bbd3-FRA

GET
H2 200 _app-d67f6bdd77f41cb3.js Show response
www.heidi.com/_next/static/chunks/pages/ 92 KB
28 KB 81ms
77ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/pages/_app-d67f6bdd77f41cb3.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b88c124b79646233a01e9abb2d3e4bb3847f35e13f2f7086aec29194ac89a550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 185772
etag: W/"16f3d-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=op9%2Bf08YedXPiKIll3XgquYGw0B4IPzkzgS8O8cMUGEeXX%2FSrNZpR6SmKP631u9wtJWSOVLc209e16ObC96o0fsvZ8kS7htTkfuv%2FlJlTLvtG0o8yfjrSD8WcHvUTzFfNb8%2Fx3z0KNjwrAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254d9e8abbd3-FRA

GET
H2 200 9594-4f0d6ec8281cd3af.js Show response
www.heidi.com/_next/static/chunks/ 11 KB
4 KB 86ms
83ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/9594-4f0d6ec8281cd3af.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86de1c1fa071885514bd93b96bcdc6490fd25e22e7e2366966fad8f7a547a507

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 185772
etag: W/"2a82-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvzXfuYTblwUkac7NovbJhYZh9EVraTGxLCqGefIC5BkIVVQTlk4itL4hfZfFQI0PIMdkubrLcirkUN%2BqHmsvK8Q%2F1riXGTTr%2FXI8lm0bZGEXDA7rZ1uUWakM5MCdcVNChxM63YzFPkEoYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254d9e8cbbd3-FRA

GET
H2 200 721-96b43feb0d88ce2d.js Show response
www.heidi.com/_next/static/chunks/ 82 KB
27 KB 51ms
48ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/721-96b43feb0d88ce2d.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c62043d4066ef6d7d12bb49a2833f5799da678aa1b8df6ba348a92a9b7148c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 78461
etag: W/"14658-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOk1I%2Bfkby56qrFz%2BRL52BzbK5GOkMsc6Urq51lgXBOTOhRw938GjtkonBUx%2F6EVpcEXqrVV%2BNNl1xEEfmYmWMINpHCraOuwDPVJnSl456eDKqR%2ByUXx44OusLetMu%2Bl28cigk7L%2BLCr0Oc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254d9e8ebbd3-FRA

GET
H2 200 5675-d9b6a58f1395448d.js Show response
www.heidi.com/_next/static/chunks/ 10 KB
4 KB 58ms
54ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/5675-d9b6a58f1395448d.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eef52d585d7ac164219056be3cb1f8fdeaf601133877142b24f4a27d0c11bb59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11350
etag: W/"2658-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfQEQcvEZyA9HUeETgpWYvONOKPf9LcOCQqETYhTAawpl8RCfohf%2F4IsluQ3l7AedsVZEVxllmkkWa0AneCBS0kmrmHCb43KKvKKrHL7HnZe5h5EVUQecihTs7wACyfrPf1ALQVmIZHQrgE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254d9e90bbd3-FRA

GET
H2 200 8700-7063679cabbf1fe7.js Show response
www.heidi.com/_next/static/chunks/ 30 KB
10 KB 50ms
47ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/8700-7063679cabbf1fe7.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df559c9abced5dd075c61e546dc2c53cf1da3a0d96b274a5510f97f8ebce3466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11350
etag: W/"771a-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpVvZNPAotFwGFWPsf3LD%2FrM9i9UMg%2BuRNIaQD8Q%2FLj7Xcu0pZC3Z3nHBy%2FQeJFntd8pw03UAVQaNCsJF0v2z7aGE%2F1%2BmGv0A6U%2FlmI1mDTBm4NDYFgfE9MDSlARVZ79Og1YIqRbHGI7b0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254d9e93bbd3-FRA

GET
H2 200 912-fc62ff099416a66c.js Show response
www.heidi.com/_next/static/chunks/ 64 KB
17 KB 31ms
28ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/912-fc62ff099416a66c.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ced0c376d5332882ed05d3017ce488c3bdb010f71e36112bec97f1878b76c2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 78461
etag: W/"1014f-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VOzZ89LvLsyCyYVmv3QCNHGtANhuMvRPsosycR51KyoFAhcD6t5VV%2FNIrjV3pMlZz8uipTmd17xK9CDHXyS9kcRSeAtieYLZdMf1gYaU1Iwv6sgRqWqKBYECj5daqMp%2FnYApREsu%2FWZHps%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254d9e96bbd3-FRA

GET
H2 200 9235-5fa9d77eec455024.js Show response
www.heidi.com/_next/static/chunks/ 29 KB
10 KB 55ms
52ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/9235-5fa9d77eec455024.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a23908840dd80a4fbb972956364cf9b25091359a6e2aef57630e2a92b6c6adfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 185772
etag: W/"73b9-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSTyx9SVlasYOto2CxhEP5VxOZjW0mvEuXEIhBfBk19zSJi9IzaVvfIDVOQTTknrgJ%2BP97NqFLXY3vqoslJWzoAC8W4xyrIK8WJ1yH6LMjeGGuLTCYlrGkZYaF2sgLb4AGfvL746A4Pw8mc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254d9e98bbd3-FRA

GET
H2 200 5098-78d3843788d9840d.js Show response
www.heidi.com/_next/static/chunks/ 100 KB
32 KB 73ms
70ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/5098-78d3843788d9840d.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 123d7fa1b4da9d509d1313b3702151c3b1fafb28137451ed8d64e08e6de6be8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 14:59:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 78461
etag: W/"191b8-1850bff7c38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYJqg00pR4cQ4%2BWPsJjFJaRTtSXEU%2BDN7SpdLg9gcGC3D2xKCgLJFtQ%2BJULH7cSilPtBoA%2B%2BdfAoYzk7NEyZads%2BwKcMy4a6S7ULQOgaUVsaVRV9dGARc6a91T58Fo5iM%2BtaXvR5NSCbItU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254daeb5bbd3-FRA

GET
H2 200 7904-4a880c2c667c80c3.js Show response
www.heidi.com/_next/static/chunks/ 11 KB
5 KB 61ms
58ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/7904-4a880c2c667c80c3.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55491efe3a3d60569fa38cef67261b706f5115f6cfffc93955eb798aa5c56de7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 185772
etag: W/"2d44-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7AOJEiUpeLPCQwUlqLvZ939js%2FMZiSpUXu5G14o2cW08sDWywT77vXKGn1KS05j3Nn42cuZxm27%2B%2Bq0yFd1fK4PiIKpQjCxbAdMAH%2BSf1iC5hRX5YZBJZsYN5NZCCaS9dGiDQxC0zDSu6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254daeb8bbd3-FRA

GET
H2 200 9810-f4d80cfdd1d1cad9.js Show response
www.heidi.com/_next/static/chunks/ 18 KB
7 KB 74ms
71ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/9810-f4d80cfdd1d1cad9.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2edf900a7159493111499aaaaa4855faf3311e251da6c09ff0ebc0cc7c72c539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11349
etag: W/"469d-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Enr2OTWof7S9%2BEdzXzgVk9MaaGT%2FNdjd5n9iywN9Ilw32x%2FTFQQtL6av2mgxGoROAKi7nJaoOENd%2BSZTGxTiB7w0OaI%2FHCuMM1DWBiYLpTNAwuYC3sF%2BrtznPX9kkGgtkEsOtWkyVz0ul38%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254daeb9bbd3-FRA

GET
H2 200 3976-df2ea16b79ff8027.js Show response
www.heidi.com/_next/static/chunks/ 18 KB
6 KB 72ms
69ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/3976-df2ea16b79ff8027.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903659dbdc9cd421b339ad11c3d3cf010ce0a5ea1a63b22fb1fb5baac94cbdca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 185772
etag: W/"48ac-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4RS%2Folu3QXlLcWn381kGZyc8MCw1r%2BcHcrRZ%2Bev2nk0V86vX9gGWqS9870%2B69tvLzMmr6frCH9tqH%2F40a4RKKTolBbj2LEbaWEp33PyvaiPWhU4xyOlXxgJBm9z9DUiMFndzyD2Mgzbln8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254daebbbbd3-FRA

GET
H2 200 index-1da2b3ae77d3c079.js Show response
www.heidi.com/_next/static/chunks/pages/ 12 KB
5 KB 90ms
88ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/chunks/pages/index-1da2b3ae77d3c079.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 775e2f3986d567b9ec7d1e5778ce7cdaf67283b44fa78048bda49a610a9bd877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11349
etag: W/"2f7f-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2C52w%2FWUTcCZtwBctpmUVN5ODiNqHZ7GqYraqDkLklv56tCCP5IBmsk4uTdETQfyzD9CkuCKaqpHkn7E%2Bg7%2FufgiIqkgdiWwgKdkUC3keTX6ilABKTgtRBR%2FP2khpnZxKHWxnZ%2FwkTdV1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254daebebbd3-FRA

GET
H2 200 _buildManifest.js Show response
www.heidi.com/_next/static/JenPVfqehWmJLtISLqork/ 4 KB
2 KB 77ms
75ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/JenPVfqehWmJLtISLqork/_buildManifest.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45ae6b5e8dd2062c4a1fb3780b9e59641f64045d72f1fa76dd4a046524173d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 14:59:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11349
etag: W/"fac-1850bff7c38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQZ3JgGUaJIU0QIdK8kKLc8Lp2lWJfCaZ9hKf1h98H2c0EJTuyxOTy5EFkR6t8Ny2hyY8fvlneL4z1lptfofEgEaaBWvJlZh%2BzsFDFHn8Wh3U7OJN7%2BQNNj6CsIqt7ffq4xR8ysBbwUJD6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254daec0bbd3-FRA

GET
H2 200 _ssgManifest.js Show response
www.heidi.com/_next/static/JenPVfqehWmJLtISLqork/ 358 B
545 B 66ms
64ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/JenPVfqehWmJLtISLqork/_ssgManifest.js
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84c4ac764a0a3899c242c2e31ae7bb9f5dca5b2c6c02b7b9f89bfb51f6aa3921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 14:59:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 78461
etag: W/"166-1850bffbea0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xqvTwwRvSQwW7e7KcSCDgLBExkh49JQ5p2hBXjQGcB%2BLSei141IXiSL9r4qh%2FuQWCEYc7Ocl89c2004Qi7f3kqh6NW7NecetHAzrDqTLKXdNisL3D%2BmbeYHc47egHE%2Bxl%2F2sI8NXx9uAJo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7798254daeccbbd3-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
83 KB 145ms
59ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPPV952

Requested by

Host: www.heidi.com
URL: https://www.heidi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68caf486bc6c8a3e3870d844d49d35b3ca59c78f5e077a810d5598c236ef0ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84695
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Dec 2022 15:59:16 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 61ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.heidi.com
URL: https://www.heidi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 14 Dec 2022 15:59:15 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D1DC9FEDA7EF49349FD4BA7995306BE6 Ref B: FRAEDGE1714 Ref C: 2022-12-14T15:59:16Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2434584e5610064b6c2e3d3c5f33643dfc68ac76a7cfc29b9bb5912233a2d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34df1c5eb18e26977aff89b8428e19fc94c62fd3e183219f1abec65ce3161b52

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 email-decode.min.js Show response
www.heidi.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 28ms
28ms Script
application/javascript 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heidi.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.heidi.com
URL: https://www.heidi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Dec 2022 12:08:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639719b1-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sn7rvjni46xjcae4vJcKfua0tC8sLSPOUig77jmsM3nrq%2FoumdNwSziIxxSQnq04yeNCLeqERH%2B9eldVpgCVYsZ7iA3pENcZA6gmRbVmls6JBhOA8lSWQ9QM3tkIprllARybu1jcO0IYD8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7798254daecfbbd3-FRA
expires: Fri, 16 Dec 2022 15:59:16 GMT

GET
H2 200 Beatrice-Semibold.woff2
www.heidi.com/fonts/Beatrice/ 36 KB
36 KB 124ms
123ms Font
font/woff2 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/fonts/Beatrice/Beatrice-Semibold.woff2
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/_next/static/css/deff46e802a8546d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da8245d21cd422390965a23c14a72d37336563b2e7d090be5865c7e7874cbedf

Request headers

Referer: https://www.heidi.com/_next/static/css/deff46e802a8546d.css
Origin: https://www.heidi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 13 Dec 2022 14:52:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8f9c-1850bf8f458"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYedTpbCb3Gsyg%2F73Rsx7grSQSCfutSD4AXyrbGW23c%2FE438gcmBVS6DlDDBzNDVAhdDszgbOH%2Bnnb%2F1cVLoLQ%2B1AMkiJeBl4xEpnpSyBCQuFPELVhjUoXEy9uQhNhjMjvZHggJSFRZ3v0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7798254ddf1ebbd3-FRA
content-length: 36764

GET
H2 200 Beatrice-Regular.woff2
www.heidi.com/fonts/Beatrice/ 37 KB
37 KB 148ms
148ms Font
font/woff2 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/fonts/Beatrice/Beatrice-Regular.woff2
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/_next/static/css/deff46e802a8546d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0cbfae9ae714a295f2ae15b551a5ea932337c8810a98d78d45a4171e5e3757

Request headers

Referer: https://www.heidi.com/_next/static/css/deff46e802a8546d.css
Origin: https://www.heidi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 13 Dec 2022 14:52:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9290-1850bf8f458"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbjmGeeZGQCSiR9GLRzAt8%2FIY%2BDnSR3PN0Pk6wWJIsIFrsN6lsgDfx%2Bau%2FZ0rgL7nrTF1MicF3ec0zhGmonQ4lyJWnUDQtGtP982O8N%2Bf1%2FTysP1bfLgawOuNW9D7gs3KEOfIenn4NXUqYY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7798254ddf24bbd3-FRA
content-length: 37520

GET
H2 200 font.woff2
www.heidi.com/fonts/JessiNeueMedium/ 47 KB
47 KB 77ms
77ms Font
font/woff2 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/fonts/JessiNeueMedium/font.woff2
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/_next/static/css/deff46e802a8546d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9914437b7334cd600e41ea8076b29d4e4e105f9a066dd5a48193039572021306

Request headers

Referer: https://www.heidi.com/_next/static/css/deff46e802a8546d.css
Origin: https://www.heidi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 13 Dec 2022 14:52:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"baa4-1850bf8f458"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2B%2BsP2hRpKF3oyDqvk%2FGc5KgVUYryb8fswJGJ6QyGvlmynNImW7TF70BofFjBjH67B3CiLqvN849qYrNIYjSIKIuN%2BNr3I8mWXNiaMg5Uty8a%2BtArWnp%2FwucISlx9HNTzDwSUmC2otspPY4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7798254ddf29bbd3-FRA
content-length: 47780

GET
H2 204 52012301.js Show response
bat.bing.com/p/action/ 0
118 B 124ms
122ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/52012301.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 14 Dec 2022 15:59:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 384A664EB33E44EB9DF525327315F0DF Ref B: FRAEDGE1714 Ref C: 2022-12-14T15:59:16Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=52012301&Ver=2&mid=552c46a9-fc11-4a2a-81a4-ce3e6703a640&sid=42bc9af07bc811ed8bb8f54693b1ef41&vid=42bcbb007bc811eda4a67784507d5289&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ski%20Holidays%20-%20Heidi%20-%20Let%27s%20Go&p=https%3A%2F%2Fwww.heidi.com%2F&r=&evt=pageLoad&sv=1&rn=102333

Requested by

Host: www.heidi.com
URL: https://www.heidi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Dec 2022 15:59:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AB05F9AC2D264F4194809955FD0EF59F Ref B: FRAEDGE1714 Ref C: 2022-12-14T15:59:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 19 KB
6 KB 36ms
7ms Script
application/x-javascript 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.heidi.com
URL: https://www.heidi.com/_next/static/chunks/main-25a9b2a68b47f739.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 04:46:05 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 40392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6124
x-xss-protection: 1; mode=block
last-modified: Mon, 30 May 2022 14:38:02 GMT
server: AmazonS3
etag: "5add60196e5f96a414fb4b9586764e5d"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: ftyrbODsNZOm1hcwZFktlgKrXFGp6jiBbjLt5qG7qDuFoE8Q5aXzhA==

GET
H2 200 session Show response
www.heidi.com/api/auth/ 2 B
535 B 79ms
79ms Fetch
application/json 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/api/auth/session
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/_next/static/chunks/9594-4f0d6ec8281cd3af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "bwc9mymkdm2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koNRszIw6zFXaRzrTg%2FduDt4w3NAkgkGpS0mI%2BOisMHwH0AJLKsdOXnl9DcB1uYKw5fO5LK5G6lfEzE4NRmkxDygMDeHeKOJ2MiJwEwe48Uhk1Khtdblr1bvG48xbXmVtRukRKDm%2FhGfBig%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 7798254e8895bbd3-FRA
content-length: 2

GET
H2 200 index.json Show response
www.heidi.com/_next/data/JenPVfqehWmJLtISLqork/ 8 KB
3 KB 102ms
102ms Fetch
application/json 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/data/JenPVfqehWmJLtISLqork/index.json
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/_next/static/chunks/main-25a9b2a68b47f739.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f5c3cbbfccea15dc09fed14fd377b1136dd5725255c7785d541527fe594a4fa

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://www.heidi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
x-nextjs-matched-path: /
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1ulnrwrjec61p"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nR1YuwBM5839Sw1PP9eSCkx0BgnmWbasl%2B%2B1eHf%2FHeLNBY2ll4fO89ziPYa8izdcTNhRBGgNd0e4Ca2ihxWWGlkVpjhNIFbY3S0jn5lyOIoiUyXfkCQSTOJRTEhK4U0L6Lc0kITwjwcL9sI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-nextjs-cache: HIT
cache-control: s-maxage=60, stale-while-revalidate
cf-ray: 7798254ee982bbd3-FRA

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/ Frame FA8F 8 KB
3 KB 9ms
9ms Document
text/html 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=6278f879ff1459f2c6e34770

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

85856354a51b4bbd2fb9d9b290bb98355b86fb4a9a91e9ee58afe6dcf2d4ce84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36303
cache-control: max-age=86400
content-encoding: gzip
content-length: 2109
content-type: text/html
date: Wed, 14 Dec 2022 05:54:14 GMT
etag: "991f71c8583c65f71143c6e83300ea2e"
last-modified: Tue, 04 Oct 2022 10:32:17 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-id: 9B67XAiPHLy_lRSduRqammf6PUcRlHjvKemtTxa7TLh0SfLlxrtUzw==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame 71DB 14 KB
4 KB 9ms
8ms Document
text/html 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=6278f879ff1459f2c6e34770

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6146aa599d7389810437d5ae488f919f8858d9744f31d501ec2d1e89824d8d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 70592
cache-control: max-age=86400
content-encoding: gzip
content-length: 3267
content-type: text/html
date: Tue, 13 Dec 2022 20:22:45 GMT
etag: "2922a85ce6caf46f828c097bf7aa1036"
last-modified: Tue, 04 Oct 2022 10:24:57 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-id: k_BBH_U5NO8CRzwf8tS9V71P5NoJFGA4Zv3iNopheYfwQ6YFIIOsuQ==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 119 KB
46 KB 130ms
50ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-PKC3F8D

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPPV952

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f86b4fd919463d55487df2b8eb335f215c625bdc4a7751e7d6ac3647fbb2b87f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 15:59:16 GMT

GET
H2 200 hotjar-3202073.js Show response
static.hotjar.com/c/ 8 KB
4 KB 85ms
40ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3202073.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPPV952

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

39e2e5a71b08fdd04fb0eef8a9c292f3688a1b97f62eb3c3db96b69e037dc97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/7127a65166eb39a670a82e2325b3ad0a
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: obuwu3ASLhrN7X35L9fZaWTFfRtxdifMh_0fWhmwcFwpFl7NIpa-Zg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 26ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.heidi.com
URL: https://www.heidi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Dec 2022 15:59:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27320
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Z+/r55xHsicEQt3o5QARuw+waf/jd1AYoHNUT/+jcMaxYVdpN6m2qKgnX4q+3PzjCfV1aDmr8bbT7dajj3tvWg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 code.js Show response
td.yieldify.com/yieldify/ 265 KB
53 KB 42ms
11ms Script
text/javascript 151.101.192.233
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://td.yieldify.com/yieldify/code.js?w_uuid=ffb93252-1f59-4cfd-8462-0da07c5a4bcb&k=1&loca=https://www.heidi.com/

Requested by

Host: www.heidi.com
URL: https://www.heidi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.233 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7189b28bdea1498d4c96afd5cae3dd93768361db3415ff91ce9ceac532533c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 15:59:16 GMT
via: 1.1 varnish
age: 0
x-cache: HIT
x-device: desktop
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220069-HHN
content-length: 53706
last-modified: Wed, 14 Dec 2022 15:04:23 GMT
x-timer: S1671033556.367188,VS0,VE2
etag: "435505f55f65970e4c4e1a9f1af8ded1"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 171ms
121ms Script
application/javascript 2.20.132.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDVMRERC77UFHEHJEIR0&lib=ttq
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.132.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-20-132-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ed6dbf9f9cd64f579d8a0a9e05c56b92c992c445768a1d1ef3b18413139b9e54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 30103307
date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-20-132-49.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=2, origin; dur=110
content-length: 1447
pragma: no-cache
server: nginx
x-tt-logid: 20221214155916398180A8546F2F681202
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 110,2.20.132.49
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d78c3e11002834d303fcf283eb55a9f7a4dac28deb8bc3c0dfcaa5630a977ec947513da666a0d5e18afaf1cb9bc26e369147df6827c0f19f7d6799b3cded34a3
expires: Wed, 14 Dec 2022 15:59:16 GMT

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/ Frame FA8F 52 KB
16 KB 10ms
10ms Script
application/x-javascript 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=6278f879ff1459f2c6e34770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

80cf4d4a0fa7dfd8ce546e188fb709b48200951ce93bfc8d3918510c4818f380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=6278f879ff1459f2c6e34770
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 60843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16226
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Oct 2022 10:32:18 GMT
server: AmazonS3
etag: "be304360d5bd0cba7648033665b08a45"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Qn4n45KiJUBcFrdpHu51rVwNDd1pIKHXDQwPkwox_i14Q25A2puQxA==

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame 71DB 108 KB
30 KB 8ms
8ms Script
application/x-javascript 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=6278f879ff1459f2c6e34770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

64fee55dbfb407c1fd13837da9212e0b9851677272b288012193432e851ddd87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=6278f879ff1459f2c6e34770
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 01:15:37 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 53026
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29756
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Oct 2022 10:24:58 GMT
server: AmazonS3
etag: "5b76b943a9533254775b33e002b1c884"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: DiLKdUrdx1Yp87XeFZ_zvgzJKRyPm7BX_DECRfbgjcUUIbzhXo5Hew==

GET
H2 200 1277518249454333 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 195ms
194ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1277518249454333?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

860438950bcc2f0fd634ec1f46ad61bc693c38052de0b4e48a887e99fd1ad035

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Dec 2022 15:59:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ysZVHakIgQT1Xoin2dK4ppv+mjbkRiJY+CEgJ7+A6PuWJx1aXCjnUAoamIGrvDXn4nYUTMtLLPuwvrhHbuokQQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5406e65db0d04a09e042d5fc Show response
widget.trustpilot.com/trustbox-data/ Frame FA8F 949 B
872 B 14ms
13ms XHR
application/json 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/5406e65db0d04a09e042d5fc?businessUnitId=6278f879ff1459f2c6e34770&locale=en-GB

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

c89ba68243aa811fca8cfc3bc7a9cad6c24b8dbede808275bf79ab016a9cadaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=6278f879ff1459f2c6e34770
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 15:57:04 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 131
x-cache: Hit from cloudfront
content-length: 443
x-xss-protection: 1; mode=block
server: Kestrel
etag: "353f42d24781ae20b4432cd61afc8fc6"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
x-amz-cf-id: J4Xfr2FRdcK1EhQCjHCenK25LvIPkZuwGeOYdFut5cFB9Iql5bZ0fw==

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame FA8F 0
323 B 42ms
41ms XHR
text/plain 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-GB&styleHeight=28px&styleWidth=150px&theme=dark&textColor=%23fff&url=https%3A%2F%2Fwww.heidi.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=6278f879ff1459f2c6e34770&widgetId=5406e65db0d04a09e042d5fc

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=6278f879ff1459f2c6e34770
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:59:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: iM-xzE7ILXZpOHnKPc3aESAZQj8F_Y1iKdHQOeS5z0rYKqP_1aHwjg==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxView Show response
widget.trustpilot.com/stats/ Frame FA8F 0
323 B 39ms
38ms XHR
text/plain 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxView?locale=en-GB&styleHeight=28px&styleWidth=150px&theme=dark&textColor=%23fff&url=https%3A%2F%2Fwww.heidi.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=6278f879ff1459f2c6e34770&widgetId=5406e65db0d04a09e042d5fc

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=6278f879ff1459f2c6e34770
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:59:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: 4xscyhSRQSjgiWHLM-qNoqNZLCLNfy1-pI_jLGJ9itH4TUKeIDBbNw==
x-xss-protection: 1; mode=block

GET
H2 200 53aa8912dec7e10d38f59f36 Show response
widget.trustpilot.com/trustbox-data/ Frame 71DB 12 KB
5 KB 10ms
10ms XHR
application/json 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=6278f879ff1459f2c6e34770&locale=en-GB&includeReviews=true&reviewsPerPage=15

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

48a166464f567ec8a6d9102b2f823ab72278470bb22bffb4a3e3a072439554a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=6278f879ff1459f2c6e34770
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 14 Dec 2022 15:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
age: 1470
etag: "b688fbe10a592844d981929071115d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
x-amz-cf-id: YGtu06tHt67zAAD0fkcUrPoGVn19bhuZPi1wnPXRCjwbxX3rgS54dg==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame 71DB 0
322 B 54ms
54ms XHR
text/plain 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-GB&styleHeight=130px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fwww.heidi.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=6278f879ff1459f2c6e34770&widgetId=53aa8912dec7e10d38f59f36

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=6278f879ff1459f2c6e34770
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:59:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: xrLzulgnrKi2USmY5eWoDeSdPnMEYWhDs6FLI4IeZdPS-Dwc6155Kg==
x-xss-protection: 1; mode=block

GET
H2 200 c3554930095c50ea.css Show response
www.heidi.com/_next/static/css/ 10 KB
4 KB 48ms
48ms Fetch
text/css 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/_next/static/css/c3554930095c50ea.css
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/_next/static/chunks/main-25a9b2a68b47f739.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0d4838b6c7a0c57fc5345d9075e4f6dbc86f67a2425d1fa7e1e920f9f1d1922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 185751
etag: W/"284b-1850622f380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXEtop%2F%2BPV6sCaivVL%2F%2BEo8sCSxM8YSfG22btwH6PolP3C9V%2FyGd4h9X%2Fjp4XWTLvQMkWWNacqIzXJ7QWQNPQ3%2FK967FMWHIRJBwFvA43AMHERdI6R4HqULPfE2ci5rZjX3vlTMCPhj07tU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400, immutable
cf-ray: 7798254f6ae1bbd3-FRA
expires: Tue, 13 Dec 2022 11:54:23 GMT

GET
H2 200 bundle.js Show response
custom.yieldify.com/v1/100584/100930/bd4dc4b5af/ 41 KB
12 KB 166ms
158ms Script
text/javascript 151.101.192.233
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://custom.yieldify.com/v1/100584/100930/bd4dc4b5af/bundle.js

Requested by

Host: td.yieldify.com
URL: https://td.yieldify.com/yieldify/code.js?w_uuid=ffb93252-1f59-4cfd-8462-0da07c5a4bcb&k=1&loca=https://www.heidi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.233 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f3b01fc0c7169181cd5bdeada62431c788dabf091609ce1ae3c74a0868cb5f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 15:59:16 GMT
via: 1.1 varnish
x-amz-request-id: NVR2590AAQQ153QB
age: 0
x-cache: MISS
content-length: 12210
x-amz-id-2: dporce6B0bTYH9i1D+teplq8W+jLyDv98Atw6rMi4AZteSZew+YMR5cDD9yKkQffqRnGNnFS/hA=
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220069-HHN
last-modified: Wed, 14 Dec 2022 15:01:29 GMT
server: AmazonS3
x-timer: S1671033556.471088,VS0,VE133
etag: "52631f8d21c4744cd0604cca6ad2ccee"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, public
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 main-web-worker.js Show response
td.yieldify.com/0.0.1/tag/1.305.0/ 241 KB
66 KB 23ms
7ms Fetch
text/javascript 151.101.192.233
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://td.yieldify.com/0.0.1/tag/1.305.0/main-web-worker.js

Requested by

Host: td.yieldify.com
URL: https://td.yieldify.com/yieldify/code.js?w_uuid=ffb93252-1f59-4cfd-8462-0da07c5a4bcb&k=1&loca=https://www.heidi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.233 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

289126473b7eb385e21d4fd56f3e4d6962a0c276a3b838062eda01cd4fa02d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 15:59:16 GMT
via: 1.1 varnish
age: 534408
x-cache: HIT
x-device: desktop
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220039-HHN
content-length: 67333
last-modified: Thu, 08 Dec 2022 11:31:16 GMT
server: AmazonS3
x-timer: S1671033556.463787,VS0,VE0
etag: "71af367f702d8b7b9d12faafbfd6e6fe"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 11930

GET
H2 200 modules.e446dd48ad4c173d0779.js Show response
script.hotjar.com/ 263 KB
68 KB 36ms
8ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e446dd48ad4c173d0779.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3202073.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

28e7e652bdb6c55c2347e51f218cacfca5645711fa919dc879b25a5c88991aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 14:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 91750
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68690
last-modified: Tue, 13 Dec 2022 14:30:02 GMT
etag: "e594ec8e48bfdcd811b3aa8ce1ff2044"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 0uwxNvOM5kLjpATUHnVsckdqIA5YET7gIiAplY7p06k-axnTjFW7FQ==

GET
BLOB 200
OK df747222-4046-4808-b2b1-de34c0229552
https://www.heidi.com/ 241 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heidi.com/df747222-4046-4808-b2b1-de34c0229552
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 289126473b7eb385e21d4fd56f3e4d6962a0c276a3b838062eda01cd4fa02d94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 246899
Content-Type: application/javascript

GET
H2 200 main.MWI5ZjkwYWMwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 248 KB
68 KB 9ms
9ms Script
application/javascript 2.20.132.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDVMRERC77UFHEHJEIR0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.132.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-20-132-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 81d9b8c783c89f06c8a538482842a9e68d79a105014b824522bc6de6b536ab59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 3010338e
date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2022121314062736D375BD3F6F74275FB6
vary: Accept-Encoding
x-cache: TCP_HIT from a2-20-132-49.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016303e1b3b183f985e28f10aee0da4f65156d4434d625261b3c703903917057ce52d098bb901a3310187b92f83cd46e09b86203f22c5d8d15ba6656937913acf6901970747ea72e5b43aa8730f12d3eea
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length: 68554

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 109ms
35ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPPV952

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 15:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2079
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 14 Dec 2022 17:24:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 126ms
53ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8QXCX6T2R1&l=dataLayer&cx=c

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/gtm/optimize.js?id=GTM-PKC3F8D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ada263fbdef1eb60a899a616e803301cab7dd6f0a090788ef9bc745c2d61c28e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76854
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 15:59:16 GMT

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame C671 2 KB
1 KB 34ms
7ms Document
text/html 18.66.147.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3202073.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-116.fra60.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.heidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1824550
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-id: ObfdHAdKFMd01e5XigifhnLjqC4jebpvymzLHuTUyr7d8ReAh8HX-Q==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 identify_a213e.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 15ms
15ms Script
application/javascript 2.20.132.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_a213e.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.132.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-20-132-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 301033dd
date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2022121314053936D375BD3F6F742755EC
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-132-49.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010768da96b727b882256448423e47a4dad403ce3477765a6b637e88a6b304ae30084ebd96b9ea89e7a4d2821f40b5ce2c9f21c9df9024791e4ecfdcb4549f70f09e2a79b3654a1c8fd56f949397cb5b00
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30831

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
545 B 126ms
126ms Ping
application/octet-stream 2.20.132.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.132.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-20-132-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heidi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:59:16 GMT
x-akamai-request-id: 3010340d
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20221214155916F3F64FDE11507E68A93C
x-cache: TCP_MISS from a2-20-132-49.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 107,2.20.132.49
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d78c3e11002834d303fcf283eb55a9f7b22ac05c0d2a716ba7115a5a4a4c521c9b91cc5f83d429471a4364ffeb70658c81fa4c3cf91e3336f7a729a21650fe77
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=4, origin; dur=107
content-length: 0
expires: Wed, 14 Dec 2022 15:59:16 GMT

GET
H2 200 favicon_original.svg Show response
www.heidi.com/ 1 KB
1022 B 51ms
50ms Fetch
image/svg+xml 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/favicon_original.svg
Requested by: Host: custom.yieldify.com
URL: https://custom.yieldify.com/v1/100584/100930/bd4dc4b5af/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd982d0f88ad7328f94a35663340ee4b2d04f236da89255154a45893a364d7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 13 Dec 2022 14:52:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4ff-1850bf8f458"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4hw8jhozBcwycTXSfGjpGYxv347eOdR48ULatTIRRqoKn%2BgMWWUfR%2FMy3xTgTvGZGOnGgA511hDFw7dmtXfIq5m%2Br3ZlWpSA5DxFDUxiG364240T%2BxUVun24nH37xPCD8NrV8xG44QPeeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 779825513f09bbd3-FRA

GET
H2 200 favicon-32x32.png Show response
www.heidi.com/ 905 B
1 KB 45ms
44ms Fetch
image/png 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/favicon-32x32.png
Requested by: Host: custom.yieldify.com
URL: https://custom.yieldify.com/v1/100584/100930/bd4dc4b5af/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e30e6341d25005ce3dba421d9acd47a0ec93f3c24d64513ef9200250b973f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:35:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 185770
etag: W/"389-185061e6770"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBsbWVH60QfacGSRb5TM4JPjE%2F3y2YfqWSCKtQIRyIUFQYbjzkcuLrZJ7u5Qv%2BXYF5wV2QOSX%2F2fGfeDr9i95ZmUP7e2NHQu%2BcECc70WCCFwChDJIVrQ3D1v2zfDfscDrCpGFEorjvTS0Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=5184000
accept-ranges: bytes
cf-ray: 779825513f0bbbd3-FRA
content-length: 905
expires: Fri, 10 Feb 2023 11:54:23 GMT

GET
H2 200 favicon-16x16.png Show response
www.heidi.com/ 467 B
938 B 44ms
44ms Fetch
image/png 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heidi.com/favicon-16x16.png
Requested by: Host: custom.yieldify.com
URL: https://custom.yieldify.com/v1/100584/100930/bd4dc4b5af/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e02b676513eef4831f6380446184bb1aacd689e7be74cd6fade71897702d2976

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 11:35:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 185770
etag: W/"1d3-185061e6770"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gV%2BJ%2BevahGf3%2FFOclBMwYSK1tgSaEfCwgrNpC01IepxPqZrxoBVAKmON%2FdOXzA66uvJSUqyuaV64dT62N0la3%2FUoL4z63xQBfnD1eE4Wu20DMY6NU95nyhcGYhH28MWi%2Bke4fcjQsbMOyk8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=5184000
accept-ranges: bytes
cf-ray: 779825513f0ebbd3-FRA
content-length: 467
expires: Fri, 10 Feb 2023 11:54:23 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 42ms
42ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1668958305&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heidi.com%2F&ul=en-us&de=UTF-8&dt=Ski%20Holidays%20-%20Heidi%20-%20Let%27s%20Go&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAACAAI~&jid=313231406&gjid=970621072&cid=919785595.1671033557&tid=UA-124156486-1&_gid=1700256984.1671033557&_r=1&gtm=2wgbu0PPPV952&z=1762829132

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heidi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:59:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heidi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 108ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8QXCX6T2R1&gtm=2oebu0&_p=1668958305&cid=919785595.1671033557&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671033556&sct=1&seg=0&dl=https%3A%2F%2Fwww.heidi.com%2F&dt=Ski%20Holidays%20-%20Heidi%20-%20Let%27s%20Go&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8QXCX6T2R1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:59:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heidi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon_original.svg
www.heidi.com/ 1 KB
942 B 50ms
50ms Image
image/svg+xml 2606:4700:20::ac43:45b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heidi.com/favicon_original.svg
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd982d0f88ad7328f94a35663340ee4b2d04f236da89255154a45893a364d7e

Request headers

Referer: https://www.heidi.com/
Origin: https://www.heidi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:59:16 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 13 Dec 2022 14:52:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4ff-1850bf8f458"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwYR%2B6JLcm9g5Z1m34ddRsnh7TZ64h3WploClENYu4970RezF4C%2B4NkBRdTRu355rINMD7ZRVpAkyXlbmw%2F0DtEwiwdCr%2Fezuehpi09pxYuyn7Pwqf91ujqdcK8bylMURAVcJ1g7r9d9Wp4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 779825519ff1bbd3-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-124156486-1&cid=919785595.1671033557&jid=313231406&gjid=970621072&_gid=1700256984.1671033557&_u=YEBAAEAAQAAAACAAI~&z=1186479067

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heidi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Dec 2022 15:59:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heidi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
8ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1277518249454333&ev=PageView&dl=https%3A%2F%2Fwww.heidi.com%2F&rl=&if=false&ts=1671033556748&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671033556747.2056904138&it=1671033556378&coo=false&exp=a0&rqm=GET

Requested by

Host: www.heidi.com
URL: https://www.heidi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Dec 2022 15:59:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 146ms
62ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-124156486-1&cid=919785595.1671033557&jid=313231406&_u=YEBAAEAAQAAAACAAI~&z=706086827

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:59:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 148ms
64ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-124156486-1&cid=919785595.1671033557&jid=313231406&_u=YEBAAEAAQAAAACAAI~&z=706086827

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:59:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 17ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1277518249454333&ev=Microdata&dl=https%3A%2F%2Fwww.heidi.com%2F&rl=&if=false&ts=1671033557251&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ski%20Holidays%20-%20Heidi%20-%20Let%27s%20Go%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_GB%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Ski%20Holidays%20-%20Heidi%20-%20Let%27s%20Go!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fa.storyblok.com%2Ff%2F150663%2F5943x3967%2F1f86287223%2Ffravo_w_loicbouchet-avoriaz1800_1.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Heidi%22%2C%22image%22%3A%22https%3A%2F%2Fwww.heidi.com%2F_next%2Fimage%3Furl%3Dhttps%253A%252F%252Fa.storyblok.com%252Ff%252F150663%252F3738x2103%252F0a76c914fe%252Fskizoom_photography_skiier-in-snow.jpg%26w%3D2048%26q%3D75%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.heidi.com%2Fstatic%2Fheidi.svg%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heidi.com%22%2C%22telephone%22%3A%220117%20457%206000%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Ftwitter.com%2FHeidiHolidays%22%2C%22https%3A%2F%2Fwww.facebook.com%2Fheidi.holidays%2F%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fheidi.holidays%2F%22%2C%22https%3A%2F%2Fwww.tiktok.com%2F%40heidi.holidays%22%5D%2C%22address%22%3A%7B%22%40type%22%3A%22PostalAddress%22%2C%22streetAddress%22%3A%2236%20King%20Street%22%2C%22addressLocality%22%3A%22Bristol%22%2C%22postalCode%22%3A%22BS1%204DZ%22%2C%22addressCountry%22%3A%22United%20Kingdom%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1671033556747.2056904138&it=1671033556378&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Dec 2022 15:59:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 m0d6vw7y Show response
widget.intercom.io/widget/ 18 KB
7 KB 58ms
11ms Script
application/javascript 108.138.17.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/m0d6vw7y
Requested by: Host: www.heidi.com
URL: https://www.heidi.com/_next/static/chunks/pages/_app-d67f6bdd77f41cb3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-127.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f2033ac8a8a5e9c5365bd3bbc82c3ed2bdda34196ce05bc7efaed3604114af7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 0l_BCNxgWfYmLCz.RCzG4WVh7JdG4UwC
content-encoding: gzip
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
date: Wed, 14 Dec 2022 15:46:25 GMT
x-amz-cf-pop: FRA56-P7
age: 776
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6169
last-modified: Wed, 14 Dec 2022 13:10:59 GMT
server: AmazonS3
etag: "a468c8b6bc2cc2fd8a338eef8cf8b5fa"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: MkK-Tk7IrkRq3pIGn_CdHJhQ6in69PuUo__Ft8BONfu3U5G0BdXRwQ==

GET
H2 200 frame-modern.60c16743.js Show response
js.intercomcdn.com/ Frame 1281 461 KB
126 KB 46ms
8ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.60c16743.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/m0d6vw7y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

764a3ff1b9315bd7d629b3ad41e47d72d51da5a2ffbcd3eea133698d5d8c5413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: JMNBfjQueitzrHveJtrtwSdyHDzmH8qk
content-encoding: gzip
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
date: Wed, 14 Dec 2022 15:11:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 2894
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 128120
last-modified: Wed, 14 Dec 2022 13:09:30 GMT
server: AmazonS3
etag: "ff581b9a2a0995b9deae4dee37b08c12"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: LbcXy6WbB_H6--xQSsRn747Cb13wc0LhI_QoewRkzVYG9-fOGXfAsg==

GET
H2 200 vendor-modern.36ed38c1.js Show response
js.intercomcdn.com/ Frame 1281 236 KB
73 KB 59ms
22ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.36ed38c1.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/m0d6vw7y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4475a08c95b869199ca5bdbc8493bcdb1e5dca212d29d234117c32b32444ba11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 4vun2YlxxxLdaoabhH2zQlgl.uLOfhth
content-encoding: gzip
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
date: Wed, 14 Dec 2022 15:09:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 2961
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74429
last-modified: Wed, 14 Dec 2022 13:09:30 GMT
server: AmazonS3
etag: "92d069eaabf3b558c0e41c73e56cd888"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: U8eDYIgOAW0KJUD0g0AK_7ZVzvTH8oHX0EP1wJhNln_L6Vm8EnXVvQ==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 1281 5 KB
3 KB 1627ms
644ms XHR
application/json 34.199.127.187

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.60c16743.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.199.127.187 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

67c17a7b85faad54d93240369fa653dde62acf88717f93eb2395918351943bed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 14 Dec 2022 15:59:21 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-02c0cfe17eb72be22
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0000li4pc96v5sih84j0
x-runtime: 0.507168
server: nginx
etag: W/"67c17a7b85faad54d93240369fa653dd"
x-ratelimit-remaining: 13332
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heidi.com
x-intercom-version: e5d6a975cdae3bd325393f5acbc146c730d8d485
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1671033570
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

GET
H3 200 vendors~app~tooltips-modern.4065ae86.js Show response
js.intercomcdn.com/ Frame 1281 503 KB
97 KB 178ms
11ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~app~tooltips-modern.4065ae86.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.60c16743.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c745312ec1846dea3a139a3de0d59bc7d360c962462bc33a36452825727fc5ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: YB_PmsvJR9ysXdNiUyoq3KHcCB.7P_ca
date: Wed, 14 Dec 2022 14:50:47 GMT
x-amz-cf-pop: FRA60-P4
age: 4115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 99354
last-modified: Wed, 14 Dec 2022 12:15:46 GMT
server: AmazonS3
etag: "b0e4ca525c5caf6618a0114ef97e3564"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: zY-9iX-mON0wOP3swUw-7c3E63m938rqrI3e6Qs2JfmDqso1n1slWQ==

GET
H3 200 vendors~app-modern.306521c7.js Show response
js.intercomcdn.com/ Frame 1281 45 KB
13 KB 178ms
12ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~app-modern.306521c7.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.60c16743.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0d7e3458e06a6ff5d3e01ba0d219bd1fd1fd69c6352c4f70f78e2d2df694d0f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: qqZUW3Q0BFiH5rl0oOhm6aG6EJGSB41m
date: Wed, 14 Dec 2022 14:50:48 GMT
x-amz-cf-pop: FRA60-P4
age: 4114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12931
last-modified: Wed, 14 Dec 2022 12:15:46 GMT
server: AmazonS3
etag: "321c87bce0ef8ca2da7f26405f32efbe"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: tsZieQUd1egElbV3xITCgCVfd3iDwudKEGjBZ8nOyTlxj4Vs6vVoyg==

GET
H3 200 app~tooltips-modern.70dc5ab1.js Show response
js.intercomcdn.com/ Frame 1281 213 KB
53 KB 178ms
12ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/app~tooltips-modern.70dc5ab1.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.60c16743.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

360493e0c462238e887eb0ce4ca4e31afcbf356d83b7c96340829af558046178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: Bfne.7vH.vzOjOUKK1fTvXcRfKkt4n0T
date: Wed, 14 Dec 2022 14:50:43 GMT
x-amz-cf-pop: FRA60-P4
age: 4119
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 53954
last-modified: Wed, 14 Dec 2022 12:15:46 GMT
server: AmazonS3
etag: "0a651d399b61958295ea86cafa164d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: jyUd2nLKKwrptvby5nSM-P8We7K_Z4JBMB1y6qLzxaCM2pHx-WlwLQ==

GET
H3 200 app-modern.0ace31b9.js Show response
js.intercomcdn.com/ Frame 1281 563 KB
144 KB 174ms
8ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/app-modern.0ace31b9.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.60c16743.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5f3681b57009123d64fd06ed417fc0c1e2fe3e68306c84a556ee90f60ba6126a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: Ru3ecea3PiE6HdLe20rBJlp.Ctz4tYPy
date: Wed, 14 Dec 2022 15:11:21 GMT
x-amz-cf-pop: FRA60-P4
age: 2880
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 147100
last-modified: Wed, 14 Dec 2022 13:09:30 GMT
server: AmazonS3
etag: "c2011d70f802e85b1e4e20245b7576d7"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: Gvdn0IDzprhdArd0-4vD8XciZFPVoUxKELwMQxmjhGoTF1kY-TTmqA==

GET
H3 200 banner-modern.221b2828.js Show response
js.intercomcdn.com/ Frame 1281 12 KB
4 KB 8ms
7ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/banner-modern.221b2828.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.60c16743.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c0c63b1e52f3062ba61c3c9d40c3610b84284bfdb8c27d6a290bfa99c5596bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: F3nXQE_j0lGVCBBFe8RByOTxcasnyaxi
date: Wed, 14 Dec 2022 15:19:30 GMT
x-amz-cf-pop: FRA60-P4
age: 2393
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3901
last-modified: Tue, 13 Dec 2022 15:36:55 GMT
server: AmazonS3
etag: "54463c29e29e5ad443b62e807a72e8d4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: h2olILfQJCaH5ta5DLaibONpA0QkFi9m9Qpg2Kfy-AtajjIh94vibQ==

GET
H2 200 proximanova-regular.woff
fonts.intercomcdn.com/messenger-m4/ Frame 238F 28 KB
29 KB 87ms
11ms Font
binary/octet-stream 2600:9000:20eb:2800:10:8536:c280:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.intercomcdn.com/messenger-m4/proximanova-regular.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:2800:10:8536:c280:93a1 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
Origin: https://www.heidi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 05:52:44 GMT
x-amz-version-id: ebq9pyRY7kszwAwVrH2DKI_ekdqtL0.L
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C1
age: 900398
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 28960
last-modified: Thu, 17 Nov 2022 13:54:45 GMT
server: AmazonS3
etag: "a7942249ca925ef356c0f2b1dab17ef3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: zdXHuOyCuoRyYQeLsYxqiygBqw_-_gN0kfHaGd7RCpJkLjeiESXFdQ==

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.auth.skizoom.com/	1970-01-20 08:10:35	Name: __cf_bm Value: hHmlxSIRtzkyZVXBJg9qnifoteEcY6wH9YGlxMMG1nY-1671033555-0-AWt5XSBRl2jdRv+ZX6dZaIADw/lm0zLQ2liGaEK2ZVk/GcJRakaD3MSd2HbZ+45WoaD2HuSm3u4AMM117KcIxD8=
.bing.com/	1970-01-20 17:32:09	Name: MUID Value: 31F160BEEA25666122CF72C4EB256794
.heidi.com/	1970-01-20 08:11:59	Name: _uetsid Value: 42bc9af07bc811ed8bb8f54693b1ef41
.heidi.com/	1970-01-20 17:32:09	Name: _uetvid Value: 42bcbb007bc811eda4a67784507d5289
www.heidi.com/	1969-12-31 23:59:59	Name: __Host-next-auth.csrf-token Value: 93d22239cd831217a422f5d22b478eeb992ab74fe54f124e914c1f18afabb5b9%7C91d5713360ec26ac5ed22676e463378a0b80c7c551846a00cb7880a13aa2c542
www.heidi.com/	1969-12-31 23:59:59	Name: __Secure-next-auth.callback-url Value: https%3A%2F%2Fwww.heidi.com
.tiktok.com/	1970-01-20 17:32:09	Name: _ttp Value: 2IuZiZDHs7oGK9io6cBUL5iO1JO
www.heidi.com/	1970-01-20 16:56:09	Name: _y2 Value: 1%3AeyJjIjp7fX0%3D%3AMTc0OTg2MjMwNA%3D%3D%3A99
.heidi.com/	1970-01-20 17:32:09	Name: _tt_enable_cookie Value: 1
.heidi.com/	1970-01-20 17:32:09	Name: _ttp Value: gvIk-UuXTUSSnKUZd1MHPKCUYTw
.heidi.com/	1970-01-20 08:11:59	Name: _gid Value: GA1.2.1700256984.1671033557
.heidi.com/	1970-01-20 08:10:33	Name: _gat_UA-124156486-1 Value: 1
.heidi.com/	1970-01-20 16:56:09	Name: _hjSessionUser_3202073 Value: eyJpZCI6IjlhMThmMWQ2LTE5NzgtNWFkNC05MzJlLTA3YWI2ZDNjZjE0NSIsImNyZWF0ZWQiOjE2NzEwMzM1NTY1NjYsImV4aXN0aW5nIjpmYWxzZX0=
.heidi.com/	1970-01-20 08:10:35	Name: _hjFirstSeen Value: 1
www.heidi.com/	1970-01-20 08:10:33	Name: _hjIncludedInSessionSample Value: 0
.heidi.com/	1970-01-20 08:10:35	Name: _hjSession_3202073 Value: eyJpZCI6ImM0NmIxNjE0LTc5MjUtNGY0MS1hZTdmLWM0ODk5MmQxZjAyNiIsImNyZWF0ZWQiOjE2NzEwMzM1NTY2ODAsImluU2FtcGxlIjpmYWxzZX0=
.heidi.com/	1970-01-20 08:10:35	Name: _hjAbsoluteSessionInProgress Value: 0
.heidi.com/	1970-01-20 17:46:33	Name: _ga_8QXCX6T2R1 Value: GS1.1.1671033556.1.0.1671033556.0.0.0
.heidi.com/	1970-01-20 17:46:33	Name: _ga Value: GA1.1.919785595.1671033557
.heidi.com/	1970-01-20 10:20:09	Name: _fbp Value: fb.1.1671033556747.2056904138
www.heidi.com/	1970-01-20 16:56:09	Name: _yi Value: 1%3AeyJsaSI6bnVsbCwic2UiOnsiYyI6MSwiZWMiOjUsImxhIjoxNjcxMDMzNTU5NTE0LCJwIjoxLCJzYyI6M30sInUiOnsiaWQiOiI4Njk2NjgzZC00OGEwLTQyZWYtYTgyMi0wNzlhMTc3OWRmYTAiLCJmbCI6IjAifX0%3D%3ALTE4MDY5MDc0ODg%3D%3A99

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api-iam.intercom.io
auth.skizoom.com
bat.bing.com
connect.facebook.net
custom.yieldify.com
fonts.intercomcdn.com
js.intercomcdn.com
region1.google-analytics.com
script.hotjar.com
skizoom.com
static.hotjar.com
stats.g.doubleclick.net
td.yieldify.com
vars.hotjar.com
widget.intercom.io
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.heidi.com
108.138.17.127
151.101.192.233
18.66.147.116
18.66.147.43
18.66.97.53
2.20.132.162
2001:4860:4802:34::36
2600:9000:20eb:2800:10:8536:c280:93a1
2606:4700:20::ac43:44e1
2606:4700:20::ac43:45b2
2606:4700::6810:605e
2620:1ec:c11::200
2a00:1450:4001:810::200e
2a00:1450:4001:813::2003
2a00:1450:4001:829::2004
2a00:1450:4001:830::2008
2a00:1450:400c:c04::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.199.127.187
52.222.236.122
52.222.236.94
0d7e3458e06a6ff5d3e01ba0d219bd1fd1fd69c6352c4f70f78e2d2df694d0f4
0f5c3cbbfccea15dc09fed14fd377b1136dd5725255c7785d541527fe594a4fa
123d7fa1b4da9d509d1313b3702151c3b1fafb28137451ed8d64e08e6de6be8a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
289126473b7eb385e21d4fd56f3e4d6962a0c276a3b838062eda01cd4fa02d94
28e7e652bdb6c55c2347e51f218cacfca5645711fa919dc879b25a5c88991aed
2c0cbfae9ae714a295f2ae15b551a5ea932337c8810a98d78d45a4171e5e3757
2edf900a7159493111499aaaaa4855faf3311e251da6c09ff0ebc0cc7c72c539
34df1c5eb18e26977aff89b8428e19fc94c62fd3e183219f1abec65ce3161b52
360493e0c462238e887eb0ce4ca4e31afcbf356d83b7c96340829af558046178
375f632f180ac339a743d5fa51e72fbbb0f0465569d796143cf71334e183938c
39e2e5a71b08fdd04fb0eef8a9c292f3688a1b97f62eb3c3db96b69e037dc97c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4475a08c95b869199ca5bdbc8493bcdb1e5dca212d29d234117c32b32444ba11
45ae6b5e8dd2062c4a1fb3780b9e59641f64045d72f1fa76dd4a046524173d90
48a166464f567ec8a6d9102b2f823ab72278470bb22bffb4a3e3a072439554a9
4e30e6341d25005ce3dba421d9acd47a0ec93f3c24d64513ef9200250b973f79
54d5cbdac589332184e933130bafb2c3d4855225fc5a5d898489592c01663e23
55491efe3a3d60569fa38cef67261b706f5115f6cfffc93955eb798aa5c56de7
5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761
5f2033ac8a8a5e9c5365bd3bbc82c3ed2bdda34196ce05bc7efaed3604114af7
5f3681b57009123d64fd06ed417fc0c1e2fe3e68306c84a556ee90f60ba6126a
6146aa599d7389810437d5ae488f919f8858d9744f31d501ec2d1e89824d8d60
64fee55dbfb407c1fd13837da9212e0b9851677272b288012193432e851ddd87
67c17a7b85faad54d93240369fa653dde62acf88717f93eb2395918351943bed
68caf486bc6c8a3e3870d844d49d35b3ca59c78f5e077a810d5598c236ef0ab1
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
7164994cef79a468ae165d031924aae20fd76594d5e02a894bc4243975b09490
7189b28bdea1498d4c96afd5cae3dd93768361db3415ff91ce9ceac532533c1d
764a3ff1b9315bd7d629b3ad41e47d72d51da5a2ffbcd3eea133698d5d8c5413
775e2f3986d567b9ec7d1e5778ce7cdaf67283b44fa78048bda49a610a9bd877
80cf4d4a0fa7dfd8ce546e188fb709b48200951ce93bfc8d3918510c4818f380
81d9b8c783c89f06c8a538482842a9e68d79a105014b824522bc6de6b536ab59
84c4ac764a0a3899c242c2e31ae7bb9f5dca5b2c6c02b7b9f89bfb51f6aa3921
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85856354a51b4bbd2fb9d9b290bb98355b86fb4a9a91e9ee58afe6dcf2d4ce84
860438950bcc2f0fd634ec1f46ad61bc693c38052de0b4e48a887e99fd1ad035
86de1c1fa071885514bd93b96bcdc6490fd25e22e7e2366966fad8f7a547a507
8c62043d4066ef6d7d12bb49a2833f5799da678aa1b8df6ba348a92a9b7148c6
8f6d4b8c0b7520b7385bc5a1dbe6b8ba4def15b3e571c4aaa862bfd7cb5e169f
903659dbdc9cd421b339ad11c3d3cf010ce0a5ea1a63b22fb1fb5baac94cbdca
9914437b7334cd600e41ea8076b29d4e4e105f9a066dd5a48193039572021306
9bd982d0f88ad7328f94a35663340ee4b2d04f236da89255154a45893a364d7e
a23908840dd80a4fbb972956364cf9b25091359a6e2aef57630e2a92b6c6adfa
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
ada263fbdef1eb60a899a616e803301cab7dd6f0a090788ef9bc745c2d61c28e
ae2434584e5610064b6c2e3d3c5f33643dfc68ac76a7cfc29b9bb5912233a2d9
b114b0bbc2d83c65f6a4408083f214d028f53bda15adbc117ecd492a9142d980
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b88c124b79646233a01e9abb2d3e4bb3847f35e13f2f7086aec29194ac89a550
c0c63b1e52f3062ba61c3c9d40c3610b84284bfdb8c27d6a290bfa99c5596bc2
c745312ec1846dea3a139a3de0d59bc7d360c962462bc33a36452825727fc5ca
c89ba68243aa811fca8cfc3bc7a9cad6c24b8dbede808275bf79ab016a9cadaf
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
ced0c376d5332882ed05d3017ce488c3bdb010f71e36112bec97f1878b76c2c2
d0d4838b6c7a0c57fc5345d9075e4f6dbc86f67a2425d1fa7e1e920f9f1d1922
da8245d21cd422390965a23c14a72d37336563b2e7d090be5865c7e7874cbedf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df559c9abced5dd075c61e546dc2c53cf1da3a0d96b274a5510f97f8ebce3466
e02b676513eef4831f6380446184bb1aacd689e7be74cd6fade71897702d2976
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6dbf9f9cd64f579d8a0a9e05c56b92c992c445768a1d1ef3b18413139b9e54
eef52d585d7ac164219056be3cb1f8fdeaf601133877142b24f4a27d0c11bb59
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
f3b01fc0c7169181cd5bdeada62431c788dabf091609ce1ae3c74a0868cb5f1a
f86b4fd919463d55487df2b8eb335f215c625bdc4a7751e7d6ac3647fbb2b87f
fd2ea1c54c276f1af8f76f0a77d2ac69ca8163905e3ecf6891c7c0de3ffe3565

www.heidi.com Open in urlscan Pro 2606:4700:20::ac43:45b2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

99 %HTTPS

59 %IPv6

16 Domains

23 Subdomains

21 IPs

3 Countries

1881 kBTransfer

6038 kBSize

21 Cookies

1 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heidi.com Open in urlscan Pro
2606:4700:20::ac43:45b2 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

99 %
HTTPS

59 %
IPv6

16
Domains

23
Subdomains

21
IPs

3
Countries

1881 kB
Transfer

6038 kB
Size

21
Cookies

79 HTTP transactions
3 data transactions