www.orellfuessli.ch Open in urlscan Pro
104.16.91.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://finki.ch/
Effective URL:
https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Submission: On May 17 via api (May 17th 2024, 1:13:58 am UTC) from CH — Scanned from CH

Summary HTTP 210 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 31 IPs in 7 countries across 22 domains to perform 210 HTTP transactions. The main IP is 104.16.91.18, located in and belongs to CLOUDFLARENET, US. The main domain is www.orellfuessli.ch.
TLS certificate: Issued by Thawte TLS RSA CA G1 on August 30th 2023. Valid for: a year.

This is the only time www.orellfuessli.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	176.10.114.133 176.10.114.133	51395 (AS-SOFTPLUS) (AS-SOFTPLUS)
43	104.16.91.18 104.16.91.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
70	104.16.4.2 104.16.4.2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700::68... 2606:4700::6812:17de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
19	2a01:4f8:10a:... 2a01:4f8:10a:3016::1001	24940 (HETZNER-AS) (HETZNER-AS)
1 2	104.17.3.184 104.17.3.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.2.184 104.17.2.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c1d::9c	15169 (GOOGLE) (GOOGLE)
2 3	216.58.212.132 216.58.212.132	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:214... 2600:9000:214f:cc00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:893::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	95.100.146.16 95.100.146.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	80.89.210.220 80.89.210.220	8758 (IWAY) (IWAY)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
7	212.48.120.130 212.48.120.130	8893 (ARTFILES-...) (ARTFILES-AS Artfiles New Media GmbH)
1	2600:9000:20e... 2600:9000:20eb:1e00:1f:af3f:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.75.234.246 54.75.234.246	16509 (AMAZON-02) (AMAZON-02)
1	88.99.70.226 88.99.70.226	24940 (HETZNER-AS) (HETZNER-AS)
210	31

1 176.10.114.133 (Zurich, Switzerland) 1 redirects

ASN51395 (AS-SOFTPLUS, CH)
PTR: cp3.hostmax.ch

finki.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 104.16.91.18 (None, )

ASN13335 (CLOUDFLARENET, US)

www.orellfuessli.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 104.16.4.2 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.thalia.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ga.thalia.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6812:17de (United States)

ASN13335 (CLOUDFLARENET, US)

images.thalia.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a01:4f8:10a:3016::1001 (Germany)

ASN24940 (HETZNER-AS, DE)

mycliplister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.3.184 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.2.184 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.132 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:cc00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:893::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.100.146.16 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-16.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 80.89.210.220 (Zurich, Switzerland)

ASN8758 (IWAY, CH)

chat.orellfuessli.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

9327407.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 212.48.120.130 (Simonsberg, Germany)

ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE)
PTR: lb.usemaxserver.de

www.usemaxserver.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:1e00:1f:af3f:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

lantern.roeyecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.64.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.234.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-234-246.eu-west-1.compute.amazonaws.com

lantern.roeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.70.226 (Aachen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.226.70.99.88.clients.your-server.de

es40.mycliplister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
86	thalia.media assets.thalia.media — Cisco Umbrella Rank: 238476 images.thalia.media — Cisco Umbrella Rank: 255361 ga.thalia.media — Cisco Umbrella Rank: 454470	2 MB
51	orellfuessli.ch www.orellfuessli.ch chat.orellfuessli.ch	496 KB
20	mycliplister.com mycliplister.com — Cisco Umbrella Rank: 83011 es40.mycliplister.com — Cisco Umbrella Rank: 349792	3 MB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 338 www.linkedin.com — Cisco Umbrella Rank: 619 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	4 KB
7	usemaxserver.de www.usemaxserver.de — Cisco Umbrella Rank: 202824	211 KB
7	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 89 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 9327407.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 159	3 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 712	155 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 902	5 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 345	14 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	111 B
3	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 4500	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	294 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	72 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 911	22 KB
2	google.ch www.google.ch — Cisco Umbrella Rank: 31932	64 B
1	roeye.com lantern.roeye.com — Cisco Umbrella Rank: 9001	154 B
1	roeyecdn.com lantern.roeyecdn.com — Cisco Umbrella Rank: 8854	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 803	17 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4588	13 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	248 B
1	finki.ch 1 redirects finki.ch	138 B
210	22

	Domain	Requested by
69	assets.thalia.media	www.orellfuessli.ch assets.thalia.media mycliplister.com
43	www.orellfuessli.ch	www.orellfuessli.ch assets.thalia.media
19	mycliplister.com	assets.thalia.media mycliplister.com
16	images.thalia.media	www.orellfuessli.ch
8	chat.orellfuessli.ch	www.googletagmanager.com chat.orellfuessli.ch
7	www.usemaxserver.de	www.dwin1.com www.usemaxserver.de
5	px.ads.linkedin.com	3 redirects snap.licdn.com
5	analytics.tiktok.com	www.orellfuessli.ch analytics.tiktok.com
4	ct.pinterest.com	s.pinimg.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	www.google.com	2 redirects
3	challenges.cloudflare.com	1 redirects www.orellfuessli.ch challenges.cloudflare.com
3	www.googletagmanager.com	www.orellfuessli.ch www.googletagmanager.com
2	www.facebook.com
2	9327407.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	www.orellfuessli.ch connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.google.ch
2	stats.g.doubleclick.net	www.orellfuessli.ch
1	es40.mycliplister.com	mycliplister.com
1	lantern.roeye.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	lantern.roeyecdn.com	www.dwin1.com
1	ad.doubleclick.net
1	snap.licdn.com	www.googletagmanager.com
1	www.dwin1.com	www.googletagmanager.com
1	region1.google-analytics.com	www.orellfuessli.ch
1	ga.thalia.media	www.orellfuessli.ch
1	finki.ch	1 redirects
210	31

This site contains links to these domains. Also see Links.

Domain
assets.thalia.media
www.oft.ch
bookcircle.orellfuessli.ch
www.trustedshops.ch
de-de.facebook.com
www.instagram.com
www.tiktok.com
www.youtube.com
www.pinterest.de
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
*.orellfuessli.ch Thawte TLS RSA CA G1	`2023-08-30` - `2024-09-23`	a year	crt.sh
*.thalia.media Thawte TLS RSA CA G1	`2023-12-20` - `2025-01-05`	a year	crt.sh
images.thalia.media Cloudflare Inc ECC CA-3	`2023-07-29` - `2024-07-28`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
mycliplister.com R3	`2024-03-24` - `2024-06-22`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
chat.orellfuessli.ch DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-27` - `2024-10-23`	a year	crt.sh
*.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
usemaxserver.de R3	`2024-04-28` - `2024-07-27`	3 months	crt.sh
*.roeyecdn.com Amazon RSA 2048 M01	`2023-10-04` - `2024-10-30`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.ch WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.roeye.com Amazon RSA 2048 M03	`2023-11-26` - `2024-12-24`	a year	crt.sh
*.mycliplister.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-26` - `2024-08-25`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Frame ID: 06952E5F511906565FA5364E4F620816
Requests: 210 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/id8jt/0x4AAAAAAAGScWG5hN6qjtSf/light/normal
Frame ID: A0F8D229CA505BC5A5EF47C53559B635
Requests: 1 HTTP requests in this frame

Frame: https://9327407.fls.doubleclick.net/activityi;dc_pre=CPWTsfnAk4YDFRtNQQId-UUPNg;src=9327407;type=pageview;cat=global00;ord=7622023904911;npa=0;auiddc=675625613.1715908409;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;ps=1;pcor=2042118250;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0z86104277za201;gcs=G111;gcd=13r3r3r3r5;dma=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub
Frame ID: 2E18DE2A56AD6BD2A97E650F81EB797F
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: EED70E0F36F6B3E10767C18C880A3A3C
Requests: 1 HTTP requests in this frame

Frame: https://www.usemaxserver.de/rt.php?campaign_id=40238&iframe=1&ext_domain=1&place=1&product_id=&basket=&checkout_amount=&checkout_order_id=&referrer=leer&host=www.orellfuessli.ch&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&iframe=1&cbt=1715908408&k0=0&w=1600&h=1200&ci=IHVzbV91bV9ydD01NTE2NDgyMjI1JnxlMWY0M2M=
Frame ID: F08795A9A0BFD6B68393BD72ECA2D6D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kinderclub | Orell Füssli

Page URL History Show full URLs

https://finki.ch/ HTTP 307
https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

210
Requests

95 %
HTTPS

45 %
IPv6

22
Domains

31
Subdomains

31
IPs

7
Countries

5663 kB
Transfer

8983 kB
Size

42
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://assets.thalia.media/base/AA-Sonstiges/2023/CH/KinderClub_Malbogen.pdf
Title: Malen mit Finki

Search URL Search Domain Scan URL

URL: https://www.oft.ch/karriere/
Title: Karriere & Jobs

Search URL Search Domain Scan URL

URL: https://bookcircle.orellfuessli.ch/
Title: Book Circle Community

Search URL Search Domain Scan URL

URL: https://www.trustedshops.ch/bewertung/info_X31D6E98C374EA3E5B6AB582709F9185B.html

Search URL Search Domain Scan URL

URL: https://de-de.facebook.com/OrellFuessli

Search URL Search Domain Scan URL

URL: https://www.instagram.com/orellfuessli/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@orell.fuessli?lang=de-DE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/OrellFuessli

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/OrellFuessli/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ch/app/orell-fussli-mein-buch/id1119180724

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=eu.thalia.oft

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://finki.ch/ HTTP 307
https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js

Request Chain 122

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=29840969-1717-41ed-8f63-3c40021b9046&jid=896364086&z=245317558 HTTP 302
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=29840969-1717-41ed-8f63-3c40021b9046&jid=896364086&z=245317558&slf_rd=1&random=1543322158

Request Chain 126

https://www.google.com/pagead/landing?gcs=G111&gcd=13r3r3r3r5&rnd=903773863.1715908409&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dma=0&npa=0&gtm=45He45f0n513TL3v6104277za200&auid=675625613.1715908409 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5&rnd=903773863.1715908409&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dma=0&npa=0&gtm=45He45f0n513TL3v6104277za200&auid=675625613.1715908409

Request Chain 138

https://9327407.fls.doubleclick.net/activityi;src=9327407;type=pageview;cat=global00;ord=7622023904911;npa=0;auiddc=675625613.1715908409;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;ps=1;pcor=2042118250;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0z86104277za201;gcs=G111;gcd=13r3r3r3r5;dma=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub HTTP 302
https://9327407.fls.doubleclick.net/activityi;dc_pre=CPWTsfnAk4YDFRtNQQId-UUPNg;src=9327407;type=pageview;cat=global00;ord=7622023904911;npa=0;auiddc=675625613.1715908409;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;ps=1;pcor=2042118250;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0z86104277za201;gcs=G111;gcd=13r3r3r3r5;dma=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub

Request Chain 151

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1715908408705&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1715908408705&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3699170%26time%3D1715908408705%26url%3Dhttps%253A%252F%252Fwww.orellfuessli.ch%252Fbonusprogramme%252Fuebersicht%252Fkinderclub%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1715908408705&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1715908408705&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&cookiesTest=true&liSync=true&e_ipv6=AQKweqciN34fAwAAAY-EHHhQrgNjn3NZ8kXY6zk56cGg92NqkjALG1dVPlKfxuCI7itESr-q5yBk

210 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request kinderclub Show response
www.orellfuessli.ch/bonusprogramme/uebersicht/
Redirect Chain

https://finki.ch/
https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

78 KB
16 KB

141ms
78ms

Document
text/html

104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fd8d6b521e5887c59cce1f7d69f5c87fcb5774974a8a4e1547f3b4116986719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
referer: https://www.google.com/
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 16195
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 884fbebced314d49-FRA
content-encoding: gzip
content-language: de
content-type: text/html;charset=UTF-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 17 May 2024 01:13:27 GMT
expires: 0
grace: full
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
vha6-origin: shopcache4
x-cache: HIT
x-content-type-options: nosniff
x-crafter: true
x-frame-options: SAMEORIGIN DENY
x-xss-protection: 1; mode=block

Redirect headers

content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
date: Fri, 17 May 2024 01:13:27 GMT
location: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
server: Apache
vary: Accept-Encoding

GET
H2 200 LatoLatin-Regular.woff2
www.orellfuessli.ch/assets/fonts/ 43 KB
43 KB 39ms
36ms Font
font/woff2 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/fonts/LatoLatin-Regular.woff2

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4996211
cross-origin-resource-policy: same-origin
content-length: 43760
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 10:46:07 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: font/woff2
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 884fbebd7d704d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 LatoLatin-Bold.woff2
www.orellfuessli.ch/assets/fonts/ 43 KB
43 KB 49ms
46ms Font
font/woff2 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/fonts/LatoLatin-Bold.woff2

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4737804
cross-origin-resource-policy: same-origin
content-length: 44380
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 10:46:07 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: font/woff2
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 884fbebd7d714d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 shell.4244653403f2.css
www.orellfuessli.ch/assets/static/ 3 KB
876 B 62ms
59ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/shell.4244653403f2.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4244653403f22bc0739365821d7db9b057c94a49d071af5e58ebc4904e564d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 927352
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 May 2024 07:37:32 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: text/css
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=31536000, public
cf-ray: 884fbebd7d6e4d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 shell.fbb7d133db30.js Show response
www.orellfuessli.ch/assets/static/ 529 KB
157 KB 62ms
59ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/shell.fbb7d133db30.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbb7d133db30db1f066bcd9ebb61bdf244d75ca2a380b5d96f3d2f5b4e586f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 48074
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 May 2024 11:52:03 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=31536000, public
cf-ray: 884fbebd7d724d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.288154f1b7fcdb737c75.js Show response
assets.thalia.media/ocsassets/heimdall/script-consent/ 6 KB
2 KB 37ms
35ms Script
text/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/heimdall/script-consent/main-nomodule.288154f1b7fcdb737c75.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf23c48bd6233118b9daf7d369d1ea218076f0e930eeb75405581b22248e3fe0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5550728
x-originaluniqueid: ZfH8sOotxW806dE6kBZDywAAAK0
x-envoy-upstream-service-time: 2
x-messageid: ZfH8sOotxW806dE6kBZDywAAAK0
last-modified: Thu, 07 Mar 2024 16:23:14 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebe9be665b5-FRA

GET
H2 200 main-module.238743214083792128ec.js Show response
www.orellfuessli.ch/filialbestandsanzeige/resources/abfrage-bestand/ 2 KB
1 KB 62ms
60ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialbestandsanzeige/resources/abfrage-bestand/main-module.238743214083792128ec.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aef3286cef56e8d99cc6eb7c31aadf6f64a3d72a488f635155cac1931d36c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5564366
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Feb 2024 09:38:48 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebd7d734d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.e54f75dbbd4d841e1e90.orellfuessli.css
www.orellfuessli.ch/filialbestandsanzeige/resources/buchhandlung-bestandanzeige/ 1 KB
754 B 41ms
39ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialbestandsanzeige/resources/buchhandlung-bestandanzeige/style.e54f75dbbd4d841e1e90.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e9c7a84d5d586c9945e1ca3b379a766c93cf191f121c6bb8c3f319fd2f7bac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5560233
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Feb 2024 09:38:48 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebd7d6f4d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.27bf727e613f7dacb631.js Show response
www.orellfuessli.ch/filialbestandsanzeige/resources/buchhandlung-bestandanzeige/ 1 KB
650 B 43ms
41ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialbestandsanzeige/resources/buchhandlung-bestandanzeige/main-module.27bf727e613f7dacb631.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52900a78c2cada7f3bf92acdd03a4f71de5cbb2ed0473c959705075036d2439f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5555574
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Feb 2024 09:38:48 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebd7d744d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.e84787360e3d1e79f283.js Show response
www.orellfuessli.ch/affiliate/resources/affiliate-header-script/ 15 KB
5 KB 42ms
40ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/affiliate/resources/affiliate-header-script/main-nomodule.e84787360e3d1e79f283.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe51bd9771317274642c174e0d159b76c57b88adc5b36cefb3060444930dfb2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5564351
grace: none
x-cache: HIT
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Feb 2024 13:23:35 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebe9df44d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.53a2042951c09ab78a28.js Show response
www.orellfuessli.ch/affiliate/resources/affiliate-sentry/ 375 B
409 B 36ms
34ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/affiliate/resources/affiliate-sentry/main-nomodule.53a2042951c09ab78a28.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0259d31fe640d462dabec31f87e8f9a7320d9b824651b756152289d2bce825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1869014
grace: none
x-cache: HIT
x-envoy-upstream-service-time: 513
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Apr 2024 04:34:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebe9df54d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.e2d9e3ed18c12681efcf.js Show response
www.orellfuessli.ch/filialservice/components/buchhandlung-global-header/ 35 KB
13 KB 43ms
42ms Script
text/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialservice/components/buchhandlung-global-header/main-module.e2d9e3ed18c12681efcf.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ce577654af51434e272fb904a5fd35c5924a524f1d9de78535efac0a9a00bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1879021
grace: none
x-cache: HIT
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
vha6-origin: shopcache5
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Apr 2024 16:57:20 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/javascript;charset=UTF-8
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebd7d754d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.18fa392fe8ba31772524.js Show response
www.orellfuessli.ch/club/kunde/components/club-cookie/ 12 KB
4 KB 44ms
42ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/club/kunde/components/club-cookie/main-nomodule.18fa392fe8ba31772524.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eb9e1e1c9a189d93363b0bb71255d86a4829dcfb4d0b63fe99b8c389987770d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2473438
grace: none
x-cache: HIT
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 07:43:13 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebe9df84d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.e90d8b0ebaadd92660be.js Show response
www.orellfuessli.ch/filialauswahl-resources/kundenfiliale-zuordnung/ 2 KB
1 KB 41ms
40ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialauswahl-resources/kundenfiliale-zuordnung/main-module.e90d8b0ebaadd92660be.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eefb7435c521f71a773ad466654a0d91d448491cf67d9fd65fcb2d0d8d55f125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5550714
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
content-length: 924
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 20:47:21 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
accept-ranges: bytes
cf-ray: 884fbebd7d764d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.5332da9bc41793c7504d.js Show response
www.orellfuessli.ch/login/resources/global-header-login/ 14 KB
5 KB 43ms
41ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/global-header-login/main-nomodule.5332da9bc41793c7504d.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47adc77eecd81e10caefe2f005d41533ac0ccaac1a0011bc34cbe63342e8047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1254592
grace: none
x-cache: HIT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 May 2024 11:59:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebe9df94d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 merkur-7f4f0dd39d194ba28a5130a8e2367848.js Show response
assets.thalia.media/ocsassets/merkur/js/ 6 KB
3 KB 126ms
60ms Script
text/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/merkur/js/merkur-7f4f0dd39d194ba28a5130a8e2367848.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c770c4d465e153f8c9cfa69f9c548a9d67d0212c0e6095326f499a25b6da0cab

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 4817724
x-originaluniqueid: ZfHHNSo8a0Rtyk9swGBI0gAABCg
x-envoy-upstream-service-time: 1
x-messageid: ZfHHNSo8a0Rtyk9swGBI0gAABCg
last-modified: Wed, 28 Feb 2024 09:38:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebdfb9e65b5-FRA

GET
H2 200 main-module.898aca118c638e9b52b2.js Show response
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/global-header-merkzettel/ 27 KB
10 KB 108ms
42ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/global-header-merkzettel/main-module.898aca118c638e9b52b2.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7f127c5e334ff314f189d9e146f560d7148d8ba984bd9b23086fba8022e07f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 5564366
content-encoding: br
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-messageid: ZfHHaUNFemIgluXxshNCvAAAAAw
last-modified: Tue, 05 Mar 2024 08:24:38 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebdda49972f-FRA

GET
H2 200 style.ac3848cac72126ee5c20.orellfuessli.css
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/ 11 KB
2 KB 98ms
32ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.ac3848cac72126ee5c20.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

328795e6658d61dff37f8f99257d4fd3d0cdd91f839ed85dc97840044ac4eb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 5564366
content-encoding: br
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-messageid: ZfHHaSo8a0Rtyk9swGBN7AAABCY
last-modified: Tue, 05 Mar 2024 08:24:38 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebddb7b65b5-FRA

GET
H2 200 main-module.57010d197aa50e35e4bc.js Show response
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/ 50 KB
19 KB 109ms
43ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/main-module.57010d197aa50e35e4bc.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a80023096c5c4ef05584d8bcef41cef0b4b6c4ad0a9f90817872eb288360cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 5555533
content-encoding: br
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-messageid: ZfHp6nReELRFbfv5Bll3hAAAAv8
last-modified: Tue, 05 Mar 2024 08:24:38 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebdda4a972f-FRA

GET
H2 200 main-module.42d6263c759e6013a5ed.js Show response
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/ 37 KB
15 KB 85ms
34ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/main-module.42d6263c759e6013a5ed.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b78c93f967d7d7cdac04c8540749f47c15b902e8ed93f683b04192e4511bf82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 5560194
content-encoding: br
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-messageid: ZfHXtV7XouUhXP-vku2cRAAAAcM
last-modified: Tue, 05 Mar 2024 08:24:38 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebdda4c972f-FRA

GET
H2 200 main-nomodule.80c8918f2f1ea9a449a4.js Show response
www.orellfuessli.ch/warenkorb-resources/header-warenkorb/ 14 KB
5 KB 37ms
35ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/header-warenkorb/main-nomodule.80c8918f2f1ea9a449a4.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

312dc456b9380d06788ab121df550b43a1f239fe896b29741275c59181c2750f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4740881
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 11:49:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebe9dfa4d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.11a0c199145f771060f1.orellfuessli.css
www.orellfuessli.ch/warenkorb-resources/hinzugefuegt-overlay/ 3 KB
682 B 46ms
44ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/hinzugefuegt-overlay/style.11a0c199145f771060f1.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

939df079b2c41a9e69370f1b3e98660e7b84072b36544acd32478499d78cafae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 27163
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Apr 2024 10:50:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebd8d7c4d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.a6980a6d126a4f21eb9b.js Show response
www.orellfuessli.ch/warenkorb-resources/hinzugefuegt-overlay/ 33 KB
12 KB 47ms
46ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/hinzugefuegt-overlay/main-module.a6980a6d126a4f21eb9b.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed6f4339c6d36961c0fab4d627e4f10b922e9253a6d832de4751f9ad07c03309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5555574
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 21:54:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebd9d844d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.51155b3d0fe5ab2f6519.orellfuessli.css
www.orellfuessli.ch/warenkorb-resources/addtocart-button/ 7 KB
1 KB 48ms
46ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/addtocart-button/style.51155b3d0fe5ab2f6519.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0f803dd591fb4e35d55eaf557347593f7169e362a79e80f3cc155bf960415a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1221436
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Apr 2024 10:50:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebd9d834d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.a3dc15c539310d87eda3.js Show response
www.orellfuessli.ch/warenkorb-resources/addtocart-button/ 43 KB
16 KB 67ms
65ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/addtocart-button/main-module.a3dc15c539310d87eda3.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b13642881704e22f0efe3b9f6052c1bc3baf8780ee07aed84a2ea7149cb94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5550714
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 21:54:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebd9d864d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.d5673046369bc522ddcb.js Show response
www.orellfuessli.ch/kundeninteressen/resources/kundeninteressen-loader/ 40 KB
14 KB 66ms
65ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/kundeninteressen/resources/kundeninteressen-loader/main-module.d5673046369bc522ddcb.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

017507d60a6fe84bec3520bf94e6182d4c80120c489b6cb2185ee1fd5236c117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5560233
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 05 Mar 2024 08:01:02 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebd9d874d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.5ea31afe71bbca2e470d.js Show response
www.orellfuessli.ch/abokaufen/resources/abodaten-loader/ 39 KB
14 KB 47ms
45ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/abokaufen/resources/abodaten-loader/main-module.5ea31afe71bbca2e470d.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6423ac6a105156f04d2c805a5755b03fa33642158f3096dc546ee8634e3342be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2489529
grace: none
x-cache: HIT
x-envoy-upstream-service-time: 67
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 08:29:28 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebd9d884d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.d79ebf0dbe7263e4a3d1.orellfuessli.css
assets.thalia.media/red/cms/components/layout-marginal/ 3 KB
1 KB 82ms
31ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/layout-marginal/style.d79ebf0dbe7263e4a3d1.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 721dbe613cba5aaa9ab39799acd16f1beb9614d522015828ab533fcd3b450d4c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5329
last-modified: Mon, 29 Jan 2024 11:36:44 GMT
server: cloudflare
etag: W/"bc7-610140f690064"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebddb7c65b5-FRA

GET
H2 200 main-module.693d2592da391c2171ee.js Show response
assets.thalia.media/red/cms/components/layout-marginal/ 862 B
784 B 114ms
63ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/layout-marginal/main-module.693d2592da391c2171ee.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cfbeb9386354c865ebacedef829bf97d39ec031e9513b641148fb6de1b38fc7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:51 GMT
server: cloudflare
age: 5330
etag: W/"35e-616d3fdc598c7"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfa6b972f-FRA

GET
H2 200 main-module.ea2d09af5d8ebf64cf75.js Show response
assets.thalia.media/red/cms/components/header-prime/ 38 KB
14 KB 115ms
64ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime/main-module.ea2d09af5d8ebf64cf75.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f48b131cbe8376ff556bfd006117c7d09e9279e0a6e19ad60531d128941c95cc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:49 GMT
server: cloudflare
age: 2669
etag: W/"9830-616d3fda81ea4"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfa6d972f-FRA

GET
H2 200 style.9795f7dc25e0d80c98ba.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime/ 5 KB
2 KB 107ms
57ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime/style.9795f7dc25e0d80c98ba.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a354624dca9abdfc95710800d950ece30b4a66f43363b2ee846d50d22d43920d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1335
last-modified: Mon, 27 Mar 2023 14:13:45 GMT
server: cloudflare
etag: W/"1555-5f7e259da056c"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfb9d65b5-FRA

GET
H2 200 main-nomodule.7159af68cbdcfe45f6ed.js Show response
assets.thalia.media/ocsassets/heimdall/consent-banner-bootstrap/ 13 KB
5 KB 38ms
37ms Script
text/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/heimdall/consent-banner-bootstrap/main-nomodule.7159af68cbdcfe45f6ed.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f2ae2696ab61313c0b1646f79f17acfe9c80c1a0379f3c41be1922edb27b06

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5564384
x-originaluniqueid: ZfHHWMKZXJuZuZ864mlwagAAAAE
x-envoy-upstream-service-time: 1
x-messageid: ZfHHWMKZXJuZuZ864mlwagAAAAE
last-modified: Thu, 07 Mar 2024 16:23:14 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebe9be765b5-FRA

GET
H2 200 style.d9ea7a4b6261e103c251.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime-logo/ 322 B
469 B 110ms
60ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-logo/style.d9ea7a4b6261e103c251.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b553e209be98b7ed1a86a019379f7d330e385d24c8b944f4dc388a61acba7acf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:50 GMT
server: cloudflare
age: 6818
etag: W/"142-616d3fdb1f4e1"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfb9c65b5-FRA

GET
H2 200 main-module.0e74900085e359bd0fb0.js Show response
assets.thalia.media/red/cms/components/header-prime-kunde/ 20 KB
8 KB 114ms
64ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/main-module.0e74900085e359bd0fb0.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df943af88c3db107309c0a54908165ace64dd8b8ac426408cceaf456f6c7be58

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:50 GMT
server: cloudflare
age: 2612
etag: W/"51ad-616d3fdb08e60"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfa66972f-FRA

GET
H2 200 style.9daced513b73ebba8b4b.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime-kunde/ 4 KB
1 KB 104ms
54ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.9daced513b73ebba8b4b.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d85fbf23357335ce361acce7f1b9ff0319b9d32b80f13c8e4c3b096c745e069

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:50 GMT
server: cloudflare
age: 2669
etag: W/"f4f-616d3fdb100f4"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfb9265b5-FRA

GET
H2 200 style.0396818c1ea729810d29.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime-filiale/ 12 KB
2 KB 109ms
59ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-filiale/style.0396818c1ea729810d29.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee2af1f1cb2926b094599e533f38673186c99e45fe3b354f2d95f1f39de0b718

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:50 GMT
server: cloudflare
age: 2165
etag: W/"30be-616d3fdae5e67"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfb9b65b5-FRA

GET
H2 200 style.59dfa9f0cdf8870143ee.orellfuessli.css
assets.thalia.media/ocsassets/suchocs/suche-global/ 28 KB
5 KB 84ms
35ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-global/style.59dfa9f0cdf8870143ee.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49feee554240f639c7c41be1729c336be4bbaf05d18c4fa9d369e0c563e6c2dc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5555533
x-originaluniqueid: ZfHp6qMhmq3nQr11Tf7IqAAAA5g
x-envoy-upstream-service-time: 10
x-messageid: ZfHp6qMhmq3nQr11Tf7IqAAAA5g
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebddb8065b5-FRA

GET
H2 200 main-module.acbd7d760235a8245e1e.js Show response
assets.thalia.media/ocsassets/suchocs/suche-global/ 74 KB
29 KB 94ms
45ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-global/main-module.acbd7d760235a8245e1e.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00cd7ef1b2c2288020489e6cf158c5c923e8b1b14b0df955c2865a1942b3cb93

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 4263658
x-originaluniqueid: ZfHXhF7XouUhXP-vku2WmQAAAdk
x-envoy-upstream-service-time: 2
x-messageid: ZfHXhF7XouUhXP-vku2WmQAAAdk
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebdda50972f-FRA

GET
H2 200 main-module.8fc040370870983c146e.js Show response
assets.thalia.media/ocsassets/suchocs/kategorie-info/ 52 KB
20 KB 113ms
63ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/kategorie-info/main-module.8fc040370870983c146e.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba74bb5389bd06cf0ba8b893de9f885eabc602edc99720da90314a6116fd64da

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5555533
x-originaluniqueid: ZfHp6qMhmq3nQr11Tf7IqQAAA40
x-envoy-upstream-service-time: 2
x-messageid: ZfHp6qMhmq3nQr11Tf7IqQAAA40
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebdda52972f-FRA

GET
H2 200 main-module.1ef4117f1e3dd1dfdfa1.js Show response
assets.thalia.media/ocsassets/suchocs/dl-search-redirect/ 72 KB
27 KB 113ms
64ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/dl-search-redirect/main-module.1ef4117f1e3dd1dfdfa1.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2ba886faae44035ccf1a94ebf94ed6994841826c94ca15ba8f7f8e7269d2d77

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5550715
x-originaluniqueid: ZfH8vZePjWr5@giuLmNfXgAAATc
x-envoy-upstream-service-time: 1
x-messageid: ZfH8vZePjWr5@giuLmNfXgAAATc
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebdfa67972f-FRA

GET
H2 200 style.25e4647c283032e31baa.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime-navigation/ 34 KB
5 KB 82ms
34ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-navigation/style.25e4647c283032e31baa.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a5ce86a9c7d6c797ab6ebb2dc9b63ba571a75c8cd7882c306beb5926aecd41

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:51 GMT
server: cloudflare
age: 152
etag: W/"8973-616d3fdc0da5c"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebddb8165b5-FRA

GET
H2 200 main-module.f40cca30c189e6b33658.js Show response
assets.thalia.media/red/cms/components/header-prime-navigation/ 38 KB
13 KB 113ms
64ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-navigation/main-module.f40cca30c189e6b33658.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2d5522a6b63d2f4b7e58538ed8da8b5cff24c06dae7e942ed706fa0a0608901

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:51 GMT
server: cloudflare
age: 2612
etag: W/"9708-616d3fdc05471"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfa68972f-FRA

GET
H2 200 style.8e536af8f378dd0d819d.orellfuessli.css
www.orellfuessli.ch/login/resources/cclogin-banner/ 346 B
283 B 61ms
60ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/cclogin-banner/style.8e536af8f378dd0d819d.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80f3437104722d25b2a6f77a6391902738f5f491ad5c23730c131a69e25b538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5560233
grace: none
x-cache: MISS
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 11:24:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebd9d894d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.50b20483713795abe852.js Show response
www.orellfuessli.ch/login/resources/cclogin-banner/ 5 KB
2 KB 44ms
43ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/cclogin-banner/main-nomodule.50b20483713795abe852.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05f707fa9d5252f752e713b608c96854a15fb1b84db7c070c41de82bd25ef730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1255067
grace: none
x-cache: MISS
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 May 2024 11:59:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebe9dfc4d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.0951a85fa65ed0ad1eb0.orellfuessli.css
assets.thalia.media/red/cms/components/banner-fullsize-schmuckbanner/ 8 KB
2 KB 84ms
36ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/banner-fullsize-schmuckbanner/style.0951a85fa65ed0ad1eb0.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d850b066ebe29c2e692489d84a64f6a68de3c97ffdad075b6b1f3a80f1356a3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:47 GMT
server: cloudflare
age: 4141
etag: W/"1e79-616d3fd840776"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebddb8365b5-FRA

GET
H2 200 style.474e8dcb7828cb21f81e.orellfuessli.css
assets.thalia.media/red/cms/components/content-text/ 14 KB
2 KB 104ms
56ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-text/style.474e8dcb7828cb21f81e.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7737bbc0a00422db35647fd8dac34ad4299ef88ad6909c7795b1556ddc88f3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 May 2024 09:55:36 GMT
server: cloudflare
age: 5330
etag: W/"37b7-61852e30fd42f"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfb9465b5-FRA

GET
H2 200 main-module.9269e2343506562cdb54.js Show response
assets.thalia.media/red/cms/components/content-text/ 1 KB
830 B 89ms
41ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-text/main-module.9269e2343506562cdb54.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab21b11c588b2c13d736330a62d85185e6e808840519fcf8d61dd1a0e96a6e6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 May 2024 09:55:36 GMT
server: cloudflare
age: 5329
etag: W/"4cc-61852e30f19f7"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdda51972f-FRA

GET
H2 200 style.5b75a8ee89b1811b4e0c.orellfuessli.css
assets.thalia.media/red/cms/components/content-button/ 8 KB
2 KB 106ms
58ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-button/style.5b75a8ee89b1811b4e0c.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 261563e00103ed008c756ee6c3ce452aea585961678e5fcfc7de7b4c62fb22cc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:48 GMT
server: cloudflare
age: 2083
etag: W/"1fdb-616d3fd990b68"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfb8d65b5-FRA

GET
H2 200 style.2ec3b6e501775f436b8e.orellfuessli.css
assets.thalia.media/red/cms/components/banner-textbox/ 7 KB
2 KB 109ms
61ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/banner-textbox/style.2ec3b6e501775f436b8e.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8d56b02386e690dfe02496e01198ed62608a7a0cb72a0cb11d6ac9d095f0b1a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 2604
last-modified: Wed, 27 Mar 2024 09:36:38 GMT
server: cloudflare
etag: W/"1de2-614a124bac87d"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfb9a65b5-FRA

GET
H2 200 style.30ad910966448c1231e6.orellfuessli.css
assets.thalia.media/red/cms/components/banner-fullsize/ 5 KB
1 KB 105ms
57ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/banner-fullsize/style.30ad910966448c1231e6.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf922dfd5ce8d0846e5347f1287b14e356a15b9cd535d804f16f22326a55fc9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1088
last-modified: Thu, 22 Feb 2024 09:27:09 GMT
server: cloudflare
etag: W/"147f-611f50c2df325"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfb9365b5-FRA

GET
H2 200 main-module.55effca42b0a87390529.js Show response
assets.thalia.media/red/cms/components/banner-fullsize/ 25 KB
9 KB 88ms
40ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/banner-fullsize/main-module.55effca42b0a87390529.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e21b99206c4c2353442b9a0da5da773f748ea02803c0b7a87289e9eabac6071

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:47 GMT
server: cloudflare
age: 1087
etag: W/"6216-616d3fd830025"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdda4e972f-FRA

GET
H2 200 style.1947263d82686aaeef27.orellfuessli.css
assets.thalia.media/red/cms/components/content-video/ 22 KB
3 KB 116ms
68ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/style.1947263d82686aaeef27.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab95c04ea77b6ab083a93b31b01590a42017032fb6b0f9113d931ab73b7c85e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:49 GMT
server: cloudflare
etag: W/"5780-616d3fda27305"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfb9665b5-FRA

GET
H2 200 main-module.03da2eda5bace6d1cc5c.js Show response
assets.thalia.media/red/cms/components/content-video/ 3 KB
2 KB 132ms
84ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/main-module.03da2eda5bace6d1cc5c.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7129501b189418fb239b6a4a40408c29181b6d708f47741f5adc5db39c00ac25

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Tue, 16 Apr 2024 14:13:55 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"a48-61637592c2a95"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfa69972f-FRA

GET
H2 200 style.9af3b217feed0e9e9dc8.orellfuessli.css
assets.thalia.media/red/cms/components/artikel-fokus/ 16 KB
3 KB 78ms
38ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/artikel-fokus/style.9af3b217feed0e9e9dc8.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c514264f96cd460d9336fd18ab33c18c27732cc0815726150953cea2be97d3c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:46 GMT
server: cloudflare
age: 4127
etag: W/"3ed3-616d3fd7bc8a1"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebddb8465b5-FRA

GET
H2 200 style.b7ee49559128a57c2f75.orellfuessli.css
www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/ 8 KB
1 KB 56ms
55ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/style.b7ee49559128a57c2f75.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

372fe35b8719da99e5698b606693fdf643640fd3de6a8fb2667220c002e7fd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5550492
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 21:54:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebd9d8d4d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.3174a655de850bebf636.js Show response
www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/ 42 KB
15 KB 56ms
55ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/main-module.3174a655de850bebf636.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

273719d6c07b987e9906b9bf60ea9502301b05f5272c6419ec81c1b729768966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4835507
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 11:49:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebd9d904d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.fa1ac1e3f7d969828ff2.orellfuessli.css
assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/ 2 KB
1 KB 94ms
55ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/style.fa1ac1e3f7d969828ff2.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2950d2260bcd95444f687efd4368d98ec9c359d5a6a2416e81730d4ba0c966ed

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5550722
x-originaluniqueid: ZfH8tleK@We0@rPP7e63ZgAAB6A
x-envoy-upstream-service-time: 0
x-messageid: ZfH8tleK@We0@rPP7e63ZgAAB6A
last-modified: Mon, 04 Mar 2024 10:03:58 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
cf-ray: 884fbebdfb9765b5-FRA
x-robots-tag: noindex
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.8eaa5cedc4eb759a2050.js Show response
assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/ 28 KB
11 KB 103ms
64ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/main-module.8eaa5cedc4eb759a2050.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d765337f0bd0aa25f29dcec8e9e750d56ab339bb0ac112da6ea96bf7bc54e816

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5550715
x-originaluniqueid: ZUMEV0fZtG@yHnXQ90RkFAAAAA0
x-messageid: ZUMEV0fZtG@yHnXQ90RkFAAAAA0
last-modified: Mon, 30 Oct 2023 12:51:55 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
cf-ray: 884fbebdfa6a972f-FRA
x-robots-tag: noindex
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.c4a2f88e96b0c1fda2ae.orellfuessli.css
assets.thalia.media/red/cms/components/customer-contact/ 4 KB
1 KB 102ms
62ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/customer-contact/style.c4a2f88e96b0c1fda2ae.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa2a7a85ef1ef5fb19548cd1ef1d49b9be19a39a65d68decd30346443473430d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1335
last-modified: Thu, 22 Feb 2024 09:27:10 GMT
server: cloudflare
etag: W/"105c-611f50c431538"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdfb9865b5-FRA

GET
H2 200 style.9cd6268149266d9416b0.orellfuessli.css
assets.thalia.media/red/cms/components/footer-sitemap/ 4 KB
1 KB 72ms
33ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-sitemap/style.9cd6268149266d9416b0.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78ca7d41db73658983ffa90ef29e7e119a304fc14dc98f8a19667c2fc0507e09

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 418
last-modified: Thu, 22 Feb 2024 09:27:10 GMT
server: cloudflare
etag: W/"fdf-611f50c465bcb"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebddb7e65b5-FRA

GET
H2 200 main-module.e1f841c9633749486659.js Show response
assets.thalia.media/red/cms/components/footer-sitemap/ 522 B
605 B 83ms
44ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-sitemap/main-module.e1f841c9633749486659.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b16fbc0805e269461252d6aa054fca96cdfb61c5a9b4edcfa7a9a7387a3e6211

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5698
last-modified: Thu, 02 Mar 2023 09:40:36 GMT
server: cloudflare
etag: W/"20a-5f5e79ef990ca"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebdda4f972f-FRA

GET
H2 200 style.4a11ef5f64ef9e26add0.orellfuessli.css
www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/ 13 KB
3 KB 48ms
48ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/style.4a11ef5f64ef9e26add0.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec2214189306ff7d35d45e5f7031ec11611ab48ed0c5704a2e3712db96c5b316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5560233
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Mar 2024 07:58:24 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebdad924d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.379c40874c487cd28daf.js Show response
www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/ 14 KB
5 KB 45ms
43ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/main-nomodule.379c40874c487cd28daf.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c29c7a027de269cd511d5a2c5c8cc0ac98473b2b8dc0bdadf95e5f3770415362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5550715
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Mar 2024 07:58:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebe9dfd4d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.10caa02e793e97378b6f.orellfuessli.css
assets.thalia.media/red/cms/components/footer-badges/ 532 B
515 B 70ms
39ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-badges/style.10caa02e793e97378b6f.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bf3b82857bf409edd43b6a8a1bfbaa3231eb4b907ec23625b72a2195feb674b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:27 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5280
last-modified: Thu, 22 Feb 2024 09:27:10 GMT
server: cloudflare
etag: W/"214-611f50c43cffd"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebddb7d65b5-FRA

GET
H2 200 VISA.png
images.thalia.media/Footer/-/62d2df7c259d44bf94d670f81c222181/ 2 KB
2 KB 111ms
32ms Image
image/png 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/62d2df7c259d44bf94d670f81c222181/VISA.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ba56d6a99cddcfe86db31ec372ca319ea2b1964c03cd0d97a2440afa8df0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 5560247
cf-polished: origSize=1710, status=webp_bigger
content-length: 1616
cf-bgj: imgq:85,h2pri
last-modified: Fri Dec 01 2023 06:57:02 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "0c1f72ec540cd12611e46310d19aa8e5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=476035378
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebe2f54038e-FRA

GET
H2 200 Mastercard.png
images.thalia.media/Footer/-/da800919a9a340fba77e003a3c1ff5f2/ 1 KB
2 KB 108ms
30ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/da800919a9a340fba77e003a3c1ff5f2/Mastercard.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00ae044b3ec3f36c75cc03143d2cafdb2dfa5ba5f93ce0092e28eb6346db2147

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 23752
cf-polished: origFmt=png, origSize=1512
content-disposition: inline; filename="Mastercard.webp"
content-length: 1424
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Sep 2023 10:07:30 GMT
server: cloudflare
etag: "93f7db9a4116c103f6edea1fed29e297"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=461589116
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebe2f53038e-FRA

GET
H2 200 PayPal.png
images.thalia.media/Footer/-/eb62f0aa0d6e49208d6175e932933cfa/ 1 KB
2 KB 34ms
34ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/eb62f0aa0d6e49208d6175e932933cfa/PayPal.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38690f2102776166b54a4358877c28754c27facdc913b72d16f653af523cd9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 37325
cf-polished: origFmt=png, origSize=1465
content-disposition: inline; filename="PayPal.webp"
content-length: 1384
cf-bgj: imgq:85,h2pri
last-modified: Fri, 26 Apr 2024 14:42:57 GMT
server: cloudflare
etag: "e5556f5c98528b4f79b53271adbf3b3e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=463306623
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebe8f7c038e-FRA

GET
H2 200 AMEX.png
images.thalia.media/Footer/-/145d7716f7f54c4cbf5852d2f7d19127/ 654 B
845 B 30ms
30ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/145d7716f7f54c4cbf5852d2f7d19127/AMEX.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2bef013423b2a37c201e376947b30c34835448bb0e092fa6a162aa8afc5f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 34673
cf-polished: origFmt=png, origSize=729
content-disposition: inline; filename="AMEX.webp"
content-length: 654
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 Apr 2024 06:21:18 GMT
server: cloudflare
etag: "e37070838809052cbc0e2b64a12e8c36"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=461579154
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebe8f7d038e-FRA

GET
H2 200 Apple%20Pay.png
images.thalia.media/Footer/-/d2a4da97546649f0817e1b205aeb7f31/ 446 B
642 B 33ms
30ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/d2a4da97546649f0817e1b205aeb7f31/Apple%20Pay.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab1900c6bca2f59ee2a5ae2daa37a9d889693c4d14ab41d856eb2521f701418a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 25936
cf-polished: origFmt=png, origSize=615
content-disposition: inline; filename="Apple%20Pay.webp"
content-length: 446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 Apr 2024 06:21:17 GMT
server: cloudflare
etag: "62a1171a2d7098e83de1f29377d23e45"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=462013116
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebe9f86038e-FRA

GET
H2 200 Google%20Pay.png
images.thalia.media/Footer/-/22b8199b175549548fc403043c5a54da/ 730 B
903 B 39ms
37ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/22b8199b175549548fc403043c5a54da/Google%20Pay.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02cf1ffa5d924dc753ccd51dd873eaba01ee014bc5b26d8ea24666d80c23e78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 32494
cf-polished: origFmt=png, origSize=812
content-disposition: inline; filename="Google%20Pay.webp"
content-length: 730
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 Apr 2024 06:21:17 GMT
server: cloudflare
etag: "f37c6735630c8d01cf5a811be77ca3c3"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=463306621
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebe9f88038e-FRA

GET
H2 200 PickMup.png
images.thalia.media/Footer/-/3e5652cfe24b416993e78760dd1bf598/ 2 KB
2 KB 34ms
32ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/3e5652cfe24b416993e78760dd1bf598/PickMup.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c7ffbae66efe0ea23398ca3e49f06e2cc5f87238a306e1502b7cbb7c073dbba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 891
cf-polished: origFmt=png, origSize=1791
content-disposition: inline; filename="PickMup.webp"
content-length: 1628
cf-bgj: imgq:85,h2pri
last-modified: Wed, 17 Apr 2024 13:24:00 GMT
server: cloudflare
etag: "330a53fff7903dd1651d1c9c893001a8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=464088960
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebe9f89038e-FRA

GET
H2 200 Trusted%20Shop.png
images.thalia.media/Footer/-/5c7a7645d3c7439c96493c0f07cf368b/ 2 KB
3 KB 39ms
38ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/5c7a7645d3c7439c96493c0f07cf368b/Trusted%20Shop.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b716dff6ab71cfa1f58d6c8ce87e24aca839760335acb08f4a97289aafc3941

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 80202
cf-polished: origFmt=png, origSize=2734
content-disposition: inline; filename="Trusted%20Shop.webp"
content-length: 2482
cf-bgj: imgq:85,h2pri
last-modified: Fri, 19 Apr 2024 18:23:34 GMT
server: cloudflare
etag: "eb4cc3179881b7ac16918fa41025a3ed"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=463898186
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebe9f8b038e-FRA

GET
H2 200 style.445675e54f78b9ed4af4.orellfuessli.css
assets.thalia.media/red/cms/components/footer-benefits/ 3 KB
946 B 38ms
36ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-benefits/style.445675e54f78b9ed4af4.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1e06a0f817d8fa4be7f2dd108b068000bee54a5f97f87825cc4c7debe7867ae

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 6752
last-modified: Thu, 22 Feb 2024 09:27:10 GMT
server: cloudflare
etag: W/"ab5-611f50c44641d"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebe9be565b5-FRA

GET
H2 200 Book%20Circle%20Community.png
images.thalia.media/Footer/-/c18c97e9238e4f67a8a5295ca491d288/ 1 KB
1 KB 35ms
34ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/c18c97e9238e4f67a8a5295ca491d288/Book%20Circle%20Community.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15f018f66d62ac7ab96d85dd4e253a0338a6143a9b68fddfbe881d245c2e7282

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 252098
cf-polished: origFmt=png, origSize=1253
content-disposition: inline; filename="Book%20Circle%20Community.webp"
content-length: 1120
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Sep 2023 09:42:23 GMT
server: cloudflare
etag: "a73b7fcb807df9332835460ff01a3fa4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=463306623
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebe9f8d038e-FRA

GET
H2 200 Facebook.png
images.thalia.media/Footer/-/f3ab2209619a458ab9f049e58fb45cbb/ 634 B
827 B 34ms
33ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/f3ab2209619a458ab9f049e58fb45cbb/Facebook.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbdb897a4ff7ebf898594e8056cab0a3d75ee9025c7718764831277023e6dba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 28135
cf-polished: origFmt=png, origSize=777
content-disposition: inline; filename="Facebook.webp"
content-length: 634
cf-bgj: imgq:85,h2pri
last-modified: Thu, 14 Sep 2023 12:34:00 GMT
server: cloudflare
etag: "f454122a6c93e09d78a74460c0975f23"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=463756433
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebe9f8f038e-FRA

GET
H2 200 Instagramm.png
images.thalia.media/Footer/-/323c0decad694b80bb019605c85d10d5/ 2 KB
2 KB 40ms
38ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/323c0decad694b80bb019605c85d10d5/Instagramm.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41dd42c60f23e4d38c1f1e048c5742691cf6fa1c278838d95555be545cc7005f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 28295
cf-polished: origFmt=png, origSize=2415
content-disposition: inline; filename="Instagramm.webp"
content-length: 1962
cf-bgj: imgq:85,h2pri
last-modified: Fri, 26 Apr 2024 14:42:57 GMT
server: cloudflare
etag: "809c0863d4c638e7b2e8d6c524408ee2"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=463306623
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebe9f91038e-FRA

GET
H2 200 TikTok.png
images.thalia.media/Footer/-/17b9a0625daf4e40aacffb34e371f803/ 1 KB
1 KB 40ms
39ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/17b9a0625daf4e40aacffb34e371f803/TikTok.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16217342bf945260ef457e550015621ce812a152b98741083a95bbd22abe6b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 737
cf-polished: origFmt=png, origSize=1334
content-disposition: inline; filename="TikTok.webp"
content-length: 1170
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Sep 2023 08:57:08 GMT
server: cloudflare
etag: "070adf4e853248fff4ecb977aa639c64"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=461589109
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebeaf94038e-FRA

GET
H2 200 YouTube.png
images.thalia.media/Footer/-/59250fff0d3848c0b62ed3de9aa84eeb/ 340 B
534 B 47ms
46ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/59250fff0d3848c0b62ed3de9aa84eeb/YouTube.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd8e6e31935ffd9efb0a6d2131503cdf67b0d333b56b695cf64cc487ab187c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 32475
cf-polished: origFmt=png, origSize=483
content-disposition: inline; filename="YouTube.webp"
content-length: 340
cf-bgj: imgq:85,h2pri
last-modified: Thu, 21 Sep 2023 12:00:32 GMT
server: cloudflare
etag: "6cdae66935ff30d3d990ae93a15d1856"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=461681849
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebeaf95038e-FRA

GET
H2 200 Pinterest.png
images.thalia.media/Footer/-/406f870d713e42ee871e174e7805f0d7/ 860 B
1 KB 48ms
47ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/406f870d713e42ee871e174e7805f0d7/Pinterest.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

227d717a844fe9859ee8cec565c8a5bc23ff34d582d80e11c1aa897928b6bea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 28908
cf-polished: origFmt=png, origSize=960
content-disposition: inline; filename="Pinterest.webp"
content-length: 860
cf-bgj: imgq:85,h2pri
last-modified: Wed, 17 Apr 2024 13:23:12 GMT
server: cloudflare
etag: "3182b317187cf87fd615cd34ea5a82ef"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=464089008
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebeaf96038e-FRA

GET
H2 200 App%20Store.png
images.thalia.media/Footer/-/3321bd1aaa1742f5959051b75c6603a0/ 1 KB
1 KB 40ms
40ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/3321bd1aaa1742f5959051b75c6603a0/App%20Store.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfe66844981bc11610d8cf60013586056e0183cf4f3359d8c5b0f889b03410af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 166050
cf-polished: origFmt=png, origSize=1389
content-disposition: inline; filename="App%20Store.webp"
content-length: 1214
cf-bgj: imgq:85,h2pri
last-modified: Thu, 14 Sep 2023 12:17:27 GMT
server: cloudflare
etag: "e764119031acf0488d16d0466310e9c5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=463306623
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebeaf98038e-FRA

GET
H2 200 Google%20Play%20Store%20(App)%20.png
images.thalia.media/Footer/-/0310c32acdc041538492009709235387/ 1 KB
2 KB 41ms
40ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/0310c32acdc041538492009709235387/Google%20Play%20Store%20(App)%20.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfb00484924af8e1b5b481ccbfd1a8f05555602460a99e7cc27646b6e3628ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 27851
cf-polished: origFmt=png, origSize=1728
content-disposition: inline; filename="Google%20Play%20Store%20(App)%20.webp"
content-length: 1486
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 Apr 2024 07:11:54 GMT
server: cloudflare
etag: "0f74229ca54818713b66d5e821dfeb72"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=463306622
x-server: vds
accept-ranges: bytes
cf-ray: 884fbebeaf99038e-FRA

GET
H2 200 icon-brandlogo--orellfuessli.4da5ffc844d40c703788.svg
assets.thalia.media/red/cms/components/header-prime-logo/assets/ 2 KB
803 B 37ms
37ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-logo/assets/icon-brandlogo--orellfuessli.4da5ffc844d40c703788.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-logo/style.d9ea7a4b6261e103c251.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68024b0859845915cf2072abed7941e77c0d5b24a29fea9ca9ca0610c43c6f4e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:50 GMT
server: cloudflare
age: 2527
etag: W/"63f-616d3fdb1810c"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeabec65b5-FRA

GET
H2 200 icon-location--orellfuessli.3e4b5885899a272ffdfb.svg
assets.thalia.media/red/cms/components/header-prime-filiale/assets/ 493 B
539 B 40ms
40ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-filiale/assets/icon-location--orellfuessli.3e4b5885899a272ffdfb.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-filiale/style.0396818c1ea729810d29.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a43f18f1f4038133549b86360d12c44dbfc1e6d9a4894613fd61b74fbc13b517

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:50 GMT
server: cloudflare
age: 2527
etag: W/"1ed-616d3fdad96b8"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeab22972f-FRA

GET
H2 200 icon-account--orellfuessli.190968655ff7305b4f28.svg
assets.thalia.media/red/cms/components/header-prime-kunde/assets/ 413 B
518 B 41ms
40ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/assets/icon-account--orellfuessli.190968655ff7305b4f28.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.9daced513b73ebba8b4b.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67da0087618efe66ace68962d3d33dae0a4adf2eb7bf53b0382e8a547b28c58a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:50 GMT
server: cloudflare
age: 2527
etag: W/"19d-616d3fdaed3ad"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeab29972f-FRA

GET
H2 200 icon-favourites--orellfuessli.630ef2d0bcfb2161bc17.svg
assets.thalia.media/red/cms/components/header-prime-kunde/assets/ 755 B
710 B 43ms
43ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/assets/icon-favourites--orellfuessli.630ef2d0bcfb2161bc17.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.9daced513b73ebba8b4b.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2abf3114b589522e32e94c39c99879cdcb7cf792ceae5f50b717f38022939c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:50 GMT
server: cloudflare
age: 2527
etag: W/"2f3-616d3fdaf239e"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeab2d972f-FRA

GET
H2 200 icon-warenkorb--orellfuessli.a28dbd77a81367a9d31a.svg
assets.thalia.media/red/cms/components/header-prime-kunde/assets/ 423 B
552 B 39ms
39ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/assets/icon-warenkorb--orellfuessli.a28dbd77a81367a9d31a.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.9daced513b73ebba8b4b.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d42d28872139ddccb30468fdaad30332f178399ebda9bfdfce1d941e63140f5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:50 GMT
server: cloudflare
age: 3163
etag: W/"1a7-616d3fdb0660d"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeab2e972f-FRA

GET
DATA 200
OK truncated
/ 774 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72dcc293744c421a39fddaa5adde41eacecbaa4fa93ff1b8ba0baeaf8f02c7e2

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 534814fc10c5c6becfe063d84c59c911e4be6a46.jpg
assets.thalia.media/img/cms/ 38 KB
38 KB 52ms
52ms Image
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/534814fc10c5c6becfe063d84c59c911e4be6a46.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71bad66b09042ee7024482f58709d52cda75d5fca767016459d3bb59f3704479

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 May 2024 23:51:35 GMT
server: cloudflare
cf-polished: origSize=42165
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeabf165b5-FRA

GET
H2 200 5f20722b32171f41adaba6fc2b14fcf464bd6da6.jpg
assets.thalia.media/img/cms/ 38 KB
38 KB 77ms
77ms Image
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/5f20722b32171f41adaba6fc2b14fcf464bd6da6.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9221abfd641f20f8d9517f6b9036904c0f1323f175fcba9faec077460145bb2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 May 2024 23:51:35 GMT
server: cloudflare
cf-polished: origSize=42248
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeabf265b5-FRA

GET
H2 200 b3a4bc4f2a5fdf434b296c9963ec9121c9e9cfc9.jpg
assets.thalia.media/img/cms/ 39 KB
39 KB 76ms
75ms Image
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/b3a4bc4f2a5fdf434b296c9963ec9121c9e9cfc9.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dab51349ecc104c1e73517543f3f3ce09f4a43b68b445ba8fb26f3ca01d54ef

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 May 2024 23:51:35 GMT
server: cloudflare
cf-polished: origSize=43261
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeabf465b5-FRA

GET
H2 200 f435f2b03dabec5912d1afcabf9d81b4af89d23c.jpg
assets.thalia.media/img/cms/ 61 KB
62 KB 77ms
76ms Image
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/f435f2b03dabec5912d1afcabf9d81b4af89d23c.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351a3d58c6bf84633a50d9adf1dd2dbd8911a78bdb1c051cba944e03923ca073

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 May 2024 23:51:35 GMT
server: cloudflare
cf-polished: origSize=67928
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeabf665b5-FRA

GET
H2 200 fa8d85075c3b6cc7ec32b5073488a555f6590637.jpg
assets.thalia.media/img/cms/ 117 KB
117 KB 76ms
76ms Image
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/fa8d85075c3b6cc7ec32b5073488a555f6590637.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b927b95aa61814389841d31ca9eafa0e3f1c8fd6d7184005551dc7d5ad1c079e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 May 2024 23:51:35 GMT
server: cloudflare
cf-polished: status=not_needed
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeabf765b5-FRA

GET
H2 200 icon-link-standard-arrow--orellfuessli.e9b6869bd8323a6ae821.svg
assets.thalia.media/red/cms/components/content-video/assets/ 243 B
459 B 62ms
62ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/icon-link-standard-arrow--orellfuessli.e9b6869bd8323a6ae821.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/content-video/style.1947263d82686aaeef27.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58fa8504dd5a1b32415927fa233fe4ca99aed9583196331604553d849abeac0b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:49 GMT
server: cloudflare
etag: W/"f3-616d3fda13feb"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeab2f972f-FRA

GET
H2 200 icon-star-inactive--orellfuessli.7e9098d97b5045249032.svg
assets.thalia.media/red/cms/components/artikel-fokus/assets/ 243 B
261 B 35ms
34ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/artikel-fokus/assets/icon-star-inactive--orellfuessli.7e9098d97b5045249032.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/artikel-fokus/style.9af3b217feed0e9e9dc8.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbb1ddc03500924a03572449799e19e69cf927bc9880b7407a67b6c7eed1391

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:46 GMT
server: cloudflare
age: 4128
etag: W/"f3-616d3fd7b65ac"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeabf965b5-FRA

GET
H2 200 icon-star--orellfuessli.4d9927e2e9ab018977d2.svg
assets.thalia.media/red/cms/components/artikel-fokus/assets/ 243 B
288 B 34ms
34ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/artikel-fokus/assets/icon-star--orellfuessli.4d9927e2e9ab018977d2.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/artikel-fokus/style.9af3b217feed0e9e9dc8.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a7f91298c9e334a99ae240d30e1f9bf4cc4f2cd7d6793245444d4c6bddd0373

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 09:06:46 GMT
server: cloudflare
age: 4128
etag: W/"f3-616d3fd7b0ca3"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeabfa65b5-FRA

GET
H2 200 icon-cart-add--orellfuessli.844ccbe3f804bc539eb1.svg
www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/assets/ 576 B
444 B 38ms
37ms Image
image/svg+xml 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/assets/icon-cart-add--orellfuessli.844ccbe3f804bc539eb1.svg

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/style.b7ee49559128a57c2f75.orellfuessli.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

558b21cdbac5b1fd99f24cd1952711f0e140f6cd880ed0db010dd272f8dc2641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5563089
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 21:54:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: image/svg+xml
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebeae034d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 c9cb8359f8068abf5a95091febee50f25ada81d6.jpg
assets.thalia.media/img/cms/ 84 KB
84 KB 54ms
54ms Image
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/c9cb8359f8068abf5a95091febee50f25ada81d6.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdeaf36274affcde02bfb13f68cc592b3eb6da8b6402150f9fc177977f241c7c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 May 2024 23:51:35 GMT
server: cloudflare
cf-polished: origSize=95723
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbebeabfb65b5-FRA

GET
H2 200 d12a190a5ced918abbcb9754c120825857b2ea3d.png
assets.thalia.media/img/cms/ 15 KB
15 KB 68ms
68ms Image
image/webp 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/d12a190a5ced918abbcb9754c120825857b2ea3d.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d31b5aedf8ff4ee7a289b3cc3e5fd1a38560e0bae5f2f62b818861a4544c927c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=19868
content-disposition: inline; filename="d12a190a5ced918abbcb9754c120825857b2ea3d.webp"
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 May 2024 23:51:35 GMT
server: cloudflare
vary: Accept
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebebc0065b5-FRA

GET
H2 200 shell-consent.80cd7b415346.js Show response
www.orellfuessli.ch/assets/static/ 127 KB
38 KB 47ms
42ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/shell-consent.80cd7b415346.js

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/heimdall/script-consent/main-nomodule.288154f1b7fcdb737c75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80cd7b41534625f5cef8cf9143d525c6b22a7ce234f6d4824a035f7e281e73c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 747609
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 May 2024 09:33:14 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: max-age=31536000, public
cf-ray: 884fbebeee2a4d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-heimdall-nomodule.0c5f7f84cacdbf2c16cd.js Show response
assets.thalia.media/ocsassets/cookiemonster/cookiemonster-tracking-code/ 1 KB
777 B 44ms
39ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/cookiemonster/cookiemonster-tracking-code/main-heimdall-nomodule.0c5f7f84cacdbf2c16cd.js
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/heimdall/script-consent/main-nomodule.288154f1b7fcdb737c75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3430ada06e93710c0d8c33de52206b350cca35415ac20c03a3346e07872d0b31

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5560239
x-originaluniqueid: ZWg8JaO4K1QzBzYdUsQqMAAAAmY
x-envoy-upstream-service-time: 0
x-messageid: ZWg8JaO4K1QzBzYdUsQqMAAAAmY
last-modified: Fri, 17 Nov 2023 16:06:44 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebeec1265b5-FRA

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54006cd4fa18a2131ae3f340356fc5bc88918fc703fdf3c8b489cd7d4d536829

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 477 KB
132 KB 119ms
65ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2621c27627eeff09e36bc0434d79049d8b88f58786978216637794cd5d1ac821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134362
x-xss-protection: 0
last-modified: Fri, 17 May 2024 00:14:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 May 2024 01:13:28 GMT

GET
H2 200 header-overlay Show response
www.orellfuessli.ch/include/login/ 5 KB
2 KB 55ms
55ms Fetch
text/html 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/include/login/header-overlay

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/login/resources/global-header-login/main-nomodule.5332da9bc41793c7504d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeae8b70c401283984cad93d7719a2ba0c306b99537cdc44aaaf9a0abd780776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
age: 121
grace: none
x-cache: HIT
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: text/html;charset=UTF-8
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 884fbebefe324d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: 0

GET
H2 200 artikelnummern Show response
www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikeldetails/v2/ 22 B
224 B 50ms
50ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikeldetails/v2/artikelnummern

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/main-module.57010d197aa50e35e4bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995f84a41f725c516cb87975b8de1b05c10a316bbda2887ee5e6d8ccb799de45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Accept-Encoding,Origin
content-type: application/json
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebf0e374d49-FRA
expires: 0

GET
H2 200 style.e1695595b8871cf7074d.orellfuessli.css
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/ 13 KB
2 KB 37ms
37ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/style.e1695595b8871cf7074d.orellfuessli.css

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/main-module.42d6263c759e6013a5ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

946f422273409c3d264097c31e7b4cd2b27f2ead64ba86b9ee5f030316a092df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 4654807
content-encoding: br
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
x-messageid: ZfHp67FyuPKeN0jOUjGYPQAABLQ
last-modified: Tue, 05 Mar 2024 08:24:38 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebf0c2165b5-FRA

GET
H2 200 size Show response
www.orellfuessli.ch/api/warenkorb/ 19 B
164 B 76ms
76ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/warenkorb/size

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/warenkorb-resources/header-warenkorb/main-nomodule.80c8918f2f1ea9a449a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f69cc7aaa401b5e88b4e6cd7b595307bf32f3b971f9c054e56e58029ddff779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
content-length: 19
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: application/json
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebf0e3c4d49-FRA
expires: 0

GET
H2 200 abodaten Show response
www.orellfuessli.ch/abokaufen/api/rest/ 104 B
295 B 47ms
47ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/abokaufen/api/rest/abodaten

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/abokaufen/resources/abodaten-loader/main-module.5ea31afe71bbca2e470d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e05496608e58c334abae70368801cfb1f07d3cbe4713bc8a8eef8fd74d0de5a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
age: 492
grace: none
x-cache: HIT
x-envoy-upstream-service-time: 7
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json
content-language: de
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebf2e474d49-FRA

GET
H2 200 icon-dislike--orellfuessli.44adb20d1782c72db80e.svg
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/assets/ 1 KB
1 KB 32ms
32ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/assets/icon-dislike--orellfuessli.44adb20d1782c72db80e.svg

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.ac3848cac72126ee5c20.orellfuessli.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cbf45aaa253b03ac76a20a1ef45c100799ce5d6a011db5e97c960c44f71d7a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Origin: https://www.orellfuessli.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 4263658
content-encoding: br
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
x-messageid: Zf733rQjGYc8brQmCJCZRQAAAmY
last-modified: Tue, 05 Mar 2024 08:24:38 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebf2bd6972f-FRA

GET
H2 200 ajax Show response
www.orellfuessli.ch/include/heimdall/v1/consent/ 0
46 B 49ms
49ms Fetch
text/html 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/include/heimdall/v1/consent/ajax

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/heimdall/consent-banner-bootstrap/main-nomodule.7159af68cbdcfe45f6ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: same-origin
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin
content-language: de
content-type: text/html;charset=UTF-8
cf-ray: 884fbebf2e4c4d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 flyout.json Show response
www.orellfuessli.ch/cms/api/1/services/ 90 KB
16 KB 47ms
47ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/cms/api/1/services/flyout.json?tenantId=37&storeUrl=L3NpdGUvY29tcG9uZW50cy9waW5uZWQvb3JlbGxmdWVzc2xpX2NoL25hdmlnYXRpb24vMjkzZTVmNzktMjFlMC05MGI3LWFmN2MtYWFlY2ZmODIzYjNjLnhtbA==

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-navigation/main-module.f40cca30c189e6b33658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c9d76c9c5271a072523bab3fa8e68839162c464dc7433e62214451f436d2944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
age: 380
grace: none
x-crafter: true
x-cache: HIT
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: application/json;charset=UTF-8
content-language: de
cache-control: max-age=600,must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebf4e594d49-FRA

GET
H2 200 merge Show response
mycliplister.com/ 450 KB
106 KB 300ms
189ms Script
text/javascript 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/content-video/main-module.03da2eda5bace6d1cc5c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

57559c54129b88bc4a17cfb96c730b15320fc032a505e095797d32c934ce5b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
x-server: he52
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
DATA 200
OK truncated
/ 1006 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebf9bd421e44685fe7af1cb9ae694c9ff2d717404e48a8e695884bcaf9f50e3e

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b69a90fafbd8d9dfc1ef62719d3508b3ed2d645643266e8a5bde1a7197109ba7

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 style.b30b9261c52e15203179.orellfuessli.css
www.orellfuessli.ch/login/resources/login-form-kompakt/ 15 KB
3 KB 37ms
37ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/login-form-kompakt/style.b30b9261c52e15203179.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/login/resources/global-header-login/main-nomodule.5332da9bc41793c7504d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e34c8fb0157c0a7d9c0f8cd7b9bd819df92d7b61ce1ba0d9a3fe8a40c53db8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1255021
grace: none
x-cache: HIT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 May 2024 11:59:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebf8e814d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.f5c74ffac8baec56a2ea.js Show response
www.orellfuessli.ch/login/resources/login-form-kompakt/ 15 KB
5 KB 33ms
33ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/login-form-kompakt/main-nomodule.f5c74ffac8baec56a2ea.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/login/resources/global-header-login/main-nomodule.5332da9bc41793c7504d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00ba148a5496be8cec74cc1d30fa7923323f3a3b62c94971193198b03b586114

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1255010
grace: none
x-cache: HIT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 May 2024 11:59:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 884fbebf8e824d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
https://challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js

42 KB
14 KB

29ms
29ms

Script
application/javascript

104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H3
Server: 104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
cf-ray: 884fbec02a305d93-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 17 May 2024 01:13:28 GMT
server: cloudflare
vary: Accept-Encoding
location: /turnstile/v0/g/1b3559406bc8/api.js
access-control-allow-origin: *
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
cf-ray: 884fbebffa1d5d93-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 kundenfiliale
www.orellfuessli.ch/api/rest/ 0
0 45ms
45ms Fetch 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/rest/kundenfiliale

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/filialauswahl-resources/kundenfiliale-zuordnung/main-module.e90d8b0ebaadd92660be.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: same-origin
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbebfce984d49-FRA
expires: 0

GET
H2 200 kundezuordnen
www.orellfuessli.ch/include/warenkorb/ 0
0 49ms
48ms Fetch
text/html 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/include/warenkorb/kundezuordnen

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/warenkorb-resources/header-warenkorb/main-nomodule.80c8918f2f1ea9a449a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cross-origin-resource-policy: same-origin
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/html; charset=utf-8
content-language: de
accept-ranges: bytes
cf-ray: 884fbebfce994d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
retry-after: 5

GET
H2 200 size Show response
www.orellfuessli.ch/api/warenkorb/ 19 B
95 B 47ms
47ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/warenkorb/size

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/warenkorb-resources/header-warenkorb/main-nomodule.80c8918f2f1ea9a449a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f69cc7aaa401b5e88b4e6cd7b595307bf32f3b971f9c054e56e58029ddff779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
content-length: 19
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: application/json
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbec01ec84d49-FRA
expires: 0

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/id8jt/0x4AAAAAAAGScWG5hN6qjtSf/light/ Frame A0F8 0
0 54ms
31ms Document
text/html 104.17.2.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/id8jt/0x4AAAAAAAGScWG5hN6qjtSf/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.orellfuessli.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
referer: https://www.google.com/
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 884fbec09ced1a47-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 17 May 2024 01:13:28 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H2 200 anzahl.html Show response
www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikelanzahl/v2/ 1 B
89 B 54ms
54ms Fetch
text/plain 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikelanzahl/v2/anzahl.html

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/global-header-merkzettel/main-module.898aca118c638e9b52b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: same-origin
content-length: 1
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: text/plain; charset=utf-8
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbec0ef1c4d49-FRA
expires: 0

GET
H2 200 send
ga.thalia.media/j/ 2 B
0 131ms
121ms Fetch
text/plain 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.thalia.media/j/send?v=1&ds=web&aip=1&tid=UA-39319847-14&cid=29840969-1717-41ed-8f63-3c40021b9046&sd=24-bits&dt=Kinderclub%20%7C%20Orell%20F%C3%BCssli&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&ul=de-ch&de=UTF-8&sr=1600x1200&vp=1600x1200&_r=1&jid=896364086&z=562066079&t=pageview&cm11=528

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell-consent.80cd7b415346.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:13:28 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: cloudflare
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
cf-ray: 884fbec1cd80972f-FRA
content-length: 2
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
0 95ms
28ms Fetch
text/plain 2a00:1450:400c:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-39319847-14&cid=29840969-1717-41ed-8f63-3c40021b9046&jid=896364086&z=392030484

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell-consent.80cd7b415346.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 May 2024 01:13:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.ch/ads/
Redirect Chain

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=29840969-1717-41ed-8f63-3c40021b9046&jid=896364086&z=245317558
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=29840969-1717-41ed-8f63-3c40021b9046&jid=896364086&z=245317558&slf_rd=1&random=1543322158

42 B
0

86ms
32ms

Fetch
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=29840969-1717-41ed-8f63-3c40021b9046&jid=896364086&z=245317558&slf_rd=1&random=1543322158

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 May 2024 01:13:28 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=29840969-1717-41ed-8f63-3c40021b9046&jid=896364086&z=245317558&slf_rd=1&random=1543322158
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 115ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BE2W3ZY94G&_p=551901723&sr=1600x1200&ul=de-ch&cid=6490865824.1715908408589&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dr=undefined&dt=Kinderclub%20%7C%20Orell%20F%C3%BCssli&sid=1715908408589&_s=1&en=page_view&gtm=45je32m0&cu=CHF&uafvl=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&uap=Win32&_dbg=1&_gaz=1&sct=1&seg=0&_fv=1&_ss=1&mri=1715908408589&gcs=G111&gcd=11r1r1r1r5&dma=0&dma_cps=sypham&epn.perf_fcp=528&ep.debug_data=1715908408589%2C1715908408589
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell-consent.80cd7b415346.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:13:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 98ms
33ms Ping
text/plain 2a00:1450:400c:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BE2W3ZY94G&cid=6490865824.1715908408589&gtm=45je32m0&aip=1&gcs=G111&gcd=11r1r1r1r5&dma=0&dma_cps=sypham
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell-consent.80cd7b415346.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:13:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sprite03.png
www.orellfuessli.ch/cookiemonster/v1/ 95 B
212 B 45ms
44ms Image
image/png 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orellfuessli.ch/cookiemonster/v1/sprite03.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: same-origin
content-length: 95
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
content-language: de
cache-control: no-cache, must-revalidate
cf-ray: 884fbec1cfa14d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Tue, 01 Jan 1980 1:00:00 GMT

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13r3r3r3r5&rnd=903773863.1715908409&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dma=0&npa=0&gtm=45He45f0n513T...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5&rnd=903773863.1715908409&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dma=0&npa=0&gtm=...

42 B
65 B

66ms
32ms

Ping
image/gif

216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5&rnd=903773863.1715908409&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dma=0&npa=0&gtm=45He45f0n513TL3v6104277za200&auid=675625613.1715908409

Protocol

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:13:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 May 2024 01:13:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5&rnd=903773863.1715908409&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dma=0&npa=0&gtm=45He45f0n513TL3v6104277za200&auid=675625613.1715908409
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 259 KB
89 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-978673102&l=newDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7eb9be155e0e65892605ee44911ccfa83d23c09db23bf9dc978df1b2584d6f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91502
x-xss-protection: 0
last-modified: Fri, 17 May 2024 00:14:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 May 2024 01:13:28 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 92ms
47ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 17 May 2024 01:13:28 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2732D90DDA3D499986999FA42572E44B Ref B: ZRHEDGE1516 Ref C: 2024-05-17T01:13:28Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 200 KB
73 KB 41ms
39ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9327407&l=newDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b896a16fe5f267e6ec21c07d35880e36167a09e77224769dc2b7684a3597bb7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74321
x-xss-protection: 0
last-modified: Fri, 17 May 2024 00:14:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 May 2024 01:13:28 GMT

GET
H2 200 13971.js Show response
www.dwin1.com/ 48 KB
13 KB 88ms
24ms Script
application/javascript 2600:9000:214f:cc00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/13971.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:cc00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea73585dc52c22c72253bd4aed12eec989d4b8ae09bef718a1fca67c7064bcd2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: r7b5Ix.cqxstCi0MJNLv_7aooYFSkWvW
content-encoding: gzip
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
date: Fri, 17 May 2024 01:09:44 GMT
x-amz-cf-pop: FRA53-C1
age: 242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 May 2024 14:30:34 GMT
server: AmazonS3
etag: W/"be74e4d6ca4a849f7980790e4f97de1c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: agkeiIZXcO2C9KWO7haryoXWxPa_63sUnr6sTCFDZnJqoK_Tz39FLw==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 104ms
21ms Script
application/javascript 2a02:26f0:3500:893::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:893::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "c292daff66d2a9db8fb67b7807bf3c7b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1881

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 85ms
21ms Script
application/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 May 2024 17:20:18 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=29487
accept-ranges: bytes
content-length: 16683

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 76ms
24ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 May 2024 01:13:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=13, mss=1208, tbw=2789, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: A0hku+uXMoJKYriAPH6Wzl96uSI436hS6EqhhOBmZiM3N3XoQBItYTkNh/46YF3v71QPcKdsoqlIOfB+upNBFg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 229ms
148ms Script
application/javascript 95.100.146.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8LKHMN177STLBSB54OG&lib=ttq
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6ab8bddc3f64d99e46482cbfa8435a4b62515ca91b728565b0e341a0794f3c70

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1db74ae
date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240517011328EB87D1064F57FA0A24FA-59F14CA14DFF01E1-00
x-cache: TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=110
content-length: 2194
pragma: no-cache
server: nginx
x-tt-logid: 20240517011328EB87D1064F57FA0A24FA
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 110,95.100.146.12
x-tt-trace-host: 015faff82ad69f86bf2dfd80cb627089482354e9cf917b575e59d343a4acb9a5ab421ac1d5b391ed0ceb016b467a1f007f0df2fbe6de7560b7f16038edf264d8b363d519563dc965dd2a32b715ab8dfd6f962a5001200c578feb6da85f2878968b
expires: Fri, 17 May 2024 01:13:28 GMT

GET
H2 200 Controller.js Show response
chat.orellfuessli.ch/Chat/ 48 KB
48 KB 124ms
41ms Script
text/javascript 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 22bcfcb4f9f8a275e009ea9ca1c9bcb4cd8636a35539f6a20f4465522d8c74fd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Fri, 17 May 2024 01:13:28 GMT
cache-control: private
access-control-allow-credentials: true
server: Chat
content-length: 48735
content-type: text/javascript; charset=utf-8

GET
H2 200 icon64.png
www.orellfuessli.ch/assets/images/meta/oft/ 485 B
633 B 41ms
40ms Other
image/png 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/images/meta/oft/icon64.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17134b8027532c3b08cefde6c202c8d1405aee2edede1da9c1e661bfade905c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5555597
cross-origin-resource-policy: cross-origin
content-length: 485
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 07:37:05 GMT
server: cloudflare
cross-origin-opener-policy: cross-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: image/png
content-language: de
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 884fbec1efb84d49-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/978673102/ 4 KB
1 KB 78ms
36ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978673102/?random=1715908408668&cv=11&fst=1715908408668&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9178896824z86104277za201&gcd=13r3r3r3r5&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&hn=www.googleadservices.com&frm=0&tiba=Kinderclub%20%7C%20Orell%20F%C3%BCssli&npa=0&pscdl=noapi&auid=675625613.1715908409&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=ecomm_pagetype%3Dsiteview%3Burl%3Dhttps%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub%3Bads_data_redaction%3Dtrue&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-978673102&l=newDataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b6de5efc3af27ad93ee6cd3ac8eef98091736776ab4a1bffd00501e615242363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1495
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CPWTsfnAk4YDFRtNQQId-UUPNg;src=9327407;type=pageview;cat=global00;ord=7622023904911;npa=0;auiddc=675625613.1715908409;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefin...
9327407.fls.doubleclick.net/ Frame 2E18
Redirect Chain

https://9327407.fls.doubleclick.net/activityi;src=9327407;type=pageview;cat=global00;ord=7622023904911;npa=0;auiddc=675625613.1715908409;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undef...
https://9327407.fls.doubleclick.net/activityi;dc_pre=CPWTsfnAk4YDFRtNQQId-UUPNg;src=9327407;type=pageview;cat=global00;ord=7622023904911;npa=0;auiddc=675625613.1715908409;u1=undefined;u2=undefined;...

0
0

39ms
38ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9327407.fls.doubleclick.net/activityi;dc_pre=CPWTsfnAk4YDFRtNQQId-UUPNg;src=9327407;type=pageview;cat=global00;ord=7622023904911;npa=0;auiddc=675625613.1715908409;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;ps=1;pcor=2042118250;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0z86104277za201;gcs=G111;gcd=13r3r3r3r5;dma=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9327407&l=newDataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.orellfuessli.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
referer: https://www.google.com/
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 489
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 May 2024 01:13:28 GMT
expires: Fri, 17 May 2024 01:13:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 May 2024 01:13:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9327407.fls.doubleclick.net/activityi;dc_pre=CPWTsfnAk4YDFRtNQQId-UUPNg;src=9327407;type=pageview;cat=global00;ord=7622023904911;npa=0;auiddc=675625613.1715908409;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;ps=1;pcor=2042118250;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0z86104277za201;gcs=G111;gcd=13r3r3r3r5;dma=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=9327407;type=pageview;cat=global00;ord=7622023904911;npa=0;auiddc=675625613.1715908409;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefin...
ad.doubleclick.net/ 0
23 B 88ms
57ms Image
image/png 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=9327407;type=pageview;cat=global00;ord=7622023904911;npa=0;auiddc=675625613.1715908409;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;ps=1;pcor=2042118250;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0z86104277za201;gcs=G111;gcd=13r3r3r3r5;dma=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:13:28 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"7992607142332224216"}],"aggregatable_trigger_data":[{"filters":[{"14":["8546837"]}],"key_piece":"0xa75a0d9c7faf9cfc","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xce5b77274b9f74f7","not_filters":{"14":["8546837"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":[{"14":["8546837"]}],"key_piece":"0xb30a5ed5bfa2fc55","source_keys":["12","13","14","15","16","17","18","19","20","21","628665336","628665337","628665338","628665339","628675472","628675473","628675474","628675475","628683492","628683493","628683494","628683495"]},{"key_piece":"0x924ca0bd0a8e28fb","not_filters":{"14":["8546837"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628665336","628665337","628665338","628665339","628675472","628675473","628675474","628675475","628683492","628683493","628683494","628683495"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"628665336":32,"628665337":32,"628665338":32,"628665339":3177,"628675472":32,"628675473":32,"628675474":32,"628675475":3177,"628683492":32,"628683493":32,"628683494":32,"628683495":3177,"7":327,"8":5570,"9":327},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"17070452630691352501","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"7992607142332224216","filters":[{"14":["8546837"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"7992607142332224216","filters":[{"14":["8546837"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"7992607142332224216","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"7992607142332224216","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9327407"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
mycliplister.com/lc/187751/ 432 B
893 B 312ms
225ms XHR
application/json 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/lc/187751/?W3siU0VPIjpmYWxzZSwiZnNrIjoxOCwia2V5dHlwZSI6MzAwMDAsInJlcXVlc3RrZXkiOiJ2YWJnQmRLaFRGNHE3M19LbThmbTdia3ZtYmt5MldrQ3IiLCJsYW5nIjoiIyMifV0=

Requested by

Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

89e42e9cdb6766845a09adc859246d0415e4dc29b10feb565751582a13788119

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he56
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 432

GET
H2 204 12000244.js Show response
bat.bing.com/p/action/ 0
116 B 47ms
47ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/12000244.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 17 May 2024 01:13:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3E029F1B169743AFB3609D490480C306 Ref B: ZRHEDGE1516 Ref C: 2024-05-17T01:13:28Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 107ms
107ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=12000244&tm=gtm002&Ver=2&mid=05f70ece-4662-4a6b-8d4c-d546880724e6&sid=ab2ed05013ea11ef82ec7f64844826a3&vid=ab2ee3b013ea11ef8bd10713bd7b2767&vids=1&msclkid=N&pi=918639831&lg=de-CH&sw=1600&sh=1200&sc=24&tl=Kinderclub%20%7C%20Orell%20F%C3%BCssli&p=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&r=&lt=1004&evt=pageLoad&sv=1&rn=456631

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 May 2024 01:13:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D1415E3FD2A04A46A95FDF1B48ACF379 Ref B: ZRHEDGE1516 Ref C: 2024-05-17T01:13:28Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
mycliplister.com/lc/187751/ 432 B
893 B 295ms
213ms XHR
application/json 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/lc/187751/?W3siU0VPIjpmYWxzZSwiZnNrIjoxOCwia2V5dHlwZSI6MzAwMDAsInJlcXVlc3RrZXkiOiJ2MldybFVLc0NtYTM4aTVHbTlIemZveWNIRl80cFRGOG4iLCJsYW5nIjoiIyMifV0=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

24511874594ec6f952ef9ff5410d6a05e2c6c2c2118961fb5138648f92df76c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he50
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 432

GET
H2 200 / Show response
mycliplister.com/lc/187751/ 432 B
893 B 306ms
224ms XHR
application/json 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/lc/187751/?W3siU0VPIjpmYWxzZSwiZnNrIjoxOCwia2V5dHlwZSI6MzAwMDAsInJlcXVlc3RrZXkiOiJ2M183XzdfNlNsTl9fTjlHb19Tc0hCXzNhMlB4WVR1YWIiLCJsYW5nIjoiIyMifV0=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

d5851031a9255a0ef55774bd65644772db3839e4462c667c8a958fd80c86c643

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he46
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 432

GET
H2 200 / Show response
mycliplister.com/lc/187751/ 432 B
893 B 316ms
234ms XHR
application/json 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/lc/187751/?W3siU0VPIjpmYWxzZSwiZnNrIjoxOCwia2V5dHlwZSI6MzAwMDAsInJlcXVlc3RrZXkiOiJ2Y3pxY3U2U2ptXzRveWN2aTdhYV83OUhESEI5RVdvd0ciLCJsYW5nIjoiIyMifV0=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

8fd74e0a320590fb7e045fb1be3b36518fba0bfe7b88693b94199289d2b8be12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he48
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 432

GET
H2 200 / Show response
mycliplister.com/lc/187751/ 432 B
893 B 302ms
220ms XHR
application/json 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/lc/187751/?W3siU0VPIjpmYWxzZSwiZnNrIjoxOCwia2V5dHlwZSI6MzAwMDAsInJlcXVlc3RrZXkiOiJ2ZFBfRjRubTRqaV9fTjFCOF9ZSl8wZm0wZmhPdFBEdmciLCJsYW5nIjoiIyMifV0=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

ca165b6447c76a809f4fbce0d15cc39163290102e0eaf5d2662c9dcef1f1c022

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he52
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 432

GET
H2 200 / Show response
mycliplister.com/lc/187751/ 432 B
893 B 309ms
227ms XHR
application/json 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/lc/187751/?W3siU0VPIjpmYWxzZSwiZnNrIjoxOCwia2V5dHlwZSI6MzAwMDAsInJlcXVlc3RrZXkiOiJ2NldqdFBJVHUzNlJfMzF3Q19Lbm02WHhOXzF5YV8xRVEiLCJsYW5nIjoiIyMifV0=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

d9235342afd290a828ad25fc3b823442ed5b76568d5c0d450d7d1d36e866d0cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he54
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 432

GET
H/1.1 200
OK d.php Show response
www.usemaxserver.de/ 5 KB
2 KB 115ms
29ms Script
application/javascript 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/d.php?ext_domain=1&rt=1&campaign_id=40238
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/13971.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: c033d29c6d4d08178a802f85c17fe1b36175a6d740aab5fb84c960212ed478b0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 17 May 2024 01:13:28 GMT
Content-Encoding: gzip
Server: Apache/2.4
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=3, max=70
Content-Length: 1639
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 lantern_global_13971.min.js Show response
lantern.roeyecdn.com/ 2 KB
2 KB 81ms
22ms Script
application/octet-stream 2600:9000:20eb:1e00:1f:af3f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lantern.roeyecdn.com/lantern_global_13971.min.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/13971.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1e00:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9aff8fcbf9e3e27085f01a8e7943e17703de8de0d5943245eaa1eb0f375e4ef

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8gvMpeqJyeQkoXN0oo9ZIr.JIIgkLUyc
date: Thu, 16 May 2024 05:36:05 GMT
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 14:39:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 70644
etag: "737e0adf687635be2fadd7f2ef253675"
x-cache: Hit from cloudfront
content-type: application/octet-stream
content-length: 1815
x-amz-cf-id: KhYqLMZNXDIYJcmPj6ni2rBgBSMzsUWIR0f8EcnPfP8BRB0I7eisyA==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
812 B 252ms
199ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=3699170&time=1715908408705&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: *
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 53A2E36D300D46D28AECBCE6E17AA263 Ref B: ZRHEDGE1010 Ref C: 2024-05-17T01:13:28Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYYnA8tLLecni4LF3OTXA==
x-fs-uuid: 0006189c0f2d2cb79c9e2e0b1773935c

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1715908408705&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1715908408705&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3699170%26time%3D1715908408705%26url%3Dhttps%253A%252F%252Fwww.orellfuessli.ch%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1715908408705&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1715908408705&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&cookiesTest=true&liSync=true&e_ipv6=A...

0
266 B

232ms
192ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1715908408705&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&cookiesTest=true&liSync=true&e_ipv6=AQKweqciN34fAwAAAY-EHHhQrgNjn3NZ8kXY6zk56cGg92NqkjALG1dVPlKfxuCI7itESr-q5yBk
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FD9C5CBACCFA4106BC98BC6B787EE209 Ref B: ZRHEDGE0817 Ref C: 2024-05-17T01:13:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYYnA85e+CmpV8BmW2dHw==

Redirect headers

date: Fri, 17 May 2024 01:13:29 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F155CE6C23D142228575D6FEB4BF6983 Ref B: ZRHEDGE0922 Ref C: 2024-05-17T01:13:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1715908408705&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&cookiesTest=true&liSync=true&e_ipv6=AQKweqciN34fAwAAAY-EHHhQrgNjn3NZ8kXY6zk56cGg92NqkjALG1dVPlKfxuCI7itESr-q5yBk
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYYnA81xU2i6ipT7uo/Aw==

GET
H2 200 main.2bdc3040.js Show response
s.pinimg.com/ct/lib/ 69 KB
20 KB 21ms
21ms Script
application/javascript 2a02:26f0:3500:893::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:893::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "12a8f2d3ddbe2363a4a569b085d70d28"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19942

GET
H2 200 1990369294524981 Show response
connect.facebook.net/signals/config/ 65 KB
13 KB 25ms
24ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1990369294524981?v=2.9.156&r=stable&domain=www.orellfuessli.ch&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4fe2eb2f3f95a6dec9f22b538d2037b2d95219b23c10bdfc8c5750b8c9623d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 May 2024 01:13:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13608
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=68, mss=1208, tbw=63359, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: TnZ3g/vsw2WduDRJR+7zViEWtTR52JUzxIxckcwSf4uUOKISeu3CHZekhLoorRhBM6CjMP2wecEC50QMgbrNdg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 325 B
636 B 97ms
48ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612445259689&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1715908408746&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1568243005154397
content-length: 188
pin-unauth: dWlkPU9UTTVZVFE1WWpBdE1EVXhNaTAwTnprd0xUa3hPR010TTJWbVpUZ3laRFJtTkRKag
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.orellfuessli.ch
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 5c8bfc366c53ef4acca5f606987646193351b3ab
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 97ms
49ms Fetch
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2612445259689&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.60%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1715908408747
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:13:28 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://www.orellfuessli.ch
pinterest-version: 5c8bfc366c53ef4acca5f606987646193351b3ab
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 4351313303744481
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/978673102/ 42 B
64 B 33ms
32ms Image
image/gif 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/978673102/?random=1715908408668&cv=11&fst=1715907600000&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9178896824z86104277za201&gcd=13r3r3r3r5&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&hn=www.googleadservices.com&frm=0&tiba=Kinderclub%20%7C%20Orell%20F%C3%BCssli&npa=0&pscdl=noapi&auid=675625613.1715908409&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=ecomm_pagetype%3Dsiteview%3Burl%3Dhttps%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub%3Bads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqmgptXGs1m1QJf0901SaamrHGNsns3w&random=1487550897&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:13:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ch/pagead/1p-user-list/978673102/ 42 B
64 B 58ms
31ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/978673102/?random=1715908408668&cv=11&fst=1715907600000&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9178896824z86104277za201&gcd=13r3r3r3r5&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&hn=www.googleadservices.com&frm=0&tiba=Kinderclub%20%7C%20Orell%20F%C3%BCssli&npa=0&pscdl=noapi&auid=675625613.1715908409&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=ecomm_pagetype%3Dsiteview%3Burl%3Dhttps%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub%3Bads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqmgptXGs1m1QJf0901SaamrHGNsns3w&random=1487550897&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:13:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 78ms
23ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1990369294524981&ev=PageView&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&rl=&if=false&ts=1715908408776&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715908408774.727897671&cs_est=true&ler=empty&cdl=API_unavailable&it=1715908408739&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1208, tbw=2793, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 May 2024 01:13:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 273ms
218ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1990369294524981&ev=PageView&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&rl=&if=false&ts=1715908408776&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715908408774.727897671&cs_est=true&ler=empty&cdl=API_unavailable&it=1715908408739&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe5a0a390b42bdc47","source_keys":["1","2"]},{"key_piece":"0x176186ec60e05e99","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 17 May 2024 01:13:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1208, tbw=3111, tp=-1, tpl=-1, uplat=197, ullat=0
pragma: no-cache
x-fb-debug: 4Bvwo30CMO7Bs19ti6q67uuDYNEECyj31BInMWLa9xXrY9x69nRzH91VYyNjlXKodE8w+fVkRjpfzAdFrXgpUQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 track.php
lantern.roeye.com/ 0
154 B 132ms
41ms Image
image/gif 54.75.234.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lantern.roeye.com/track.php?fingerprint=a4196916-392d-437d-8c27-b6a3bb165b07&referrer=&landingpage=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&site=13971
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.234.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-234-246.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
server: nginx
content-length: 0
content-type: image/gif

GET
H/1.1 200
OK d.php Show response
www.usemaxserver.de/ 55 KB
9 KB 49ms
49ms Script
application/javascript 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/d.php?campaign_id=40238&place=1&product_id=&u=1&dv=&cbt=1715908408&um_coupon=&pid=undefined&w=1600&h=1200&referrer=leer&ext_ident=&rt=1&ext_par1=&ext_vars=&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&k0=0&host=www.orellfuessli.ch&ci=fGUxZjQzYw==
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?ext_domain=1&rt=1&campaign_id=40238
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: 7b4ef3ea2bbf02ca51f02db47768ba915b02e03233cd31b7c65e48489c885ba3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 17 May 2024 01:13:28 GMT
Content-Encoding: gzip
Server: Apache/2.4
Vary: Accept-Encoding
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=3, max=69
Content-Length: 8822
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 main.MWNkMWZjOGNjMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 431 KB
114 KB 59ms
58ms Script
application/javascript 95.100.146.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8LKHMN177STLBSB54OG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 25c8e105aed1fd7c0e7869d4e5cdc896fc4f74a2e6a24428711da23557cb98d3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1db752c
date: Fri, 17 May 2024 01:13:28 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240509122012C8965AC91BDCD3927E7C
x-tt-trace-id: 00-240509122012C8965AC91BDCD3927E7C-3EFCE0F588ABF6D0-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01fe8e1c4608944745a71ea425f7ce0ca07d5b0a9f463a2ba4ffc88a75097f39e88fb2f7de7bd5f8fbf1e348aa218743904622dead69370c5982daff71ab93932006123b735d5f4262ae6285ad593ccfca18d63bdbd67c9532ce58cfd840e29bb9
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=19
content-length: 116189

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 23ms
21ms Script
application/javascript 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:28 GMT
x-cdn: fastly
age: 6858
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4103

GET
H2 200 ct.html
ct.pinterest.com/ Frame EED7 0
0 94ms
51ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.orellfuessli.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
referer: https://www.google.com/
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 01:13:28 GMT
pinterest-version: 5c8bfc366c53ef4acca5f606987646193351b3ab
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1327816014470863

OPTIONS
H2 200 GetBadgeStatus
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ Frame 0
0 92ms
32ms Preflight 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,datatype
Access-Control-Request-Method: POST
Origin: https://www.orellfuessli.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Pragma, Cache-Control, Authorization, dataType
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.orellfuessli.ch
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
date: Fri, 17 May 2024 01:13:28 GMT
server: Chat

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
155 B 34ms
33ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
dataType: json
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.google.com/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Fri, 17 May 2024 01:13:28 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK rt.php
www.usemaxserver.de/ Frame F087 0
0 93ms
31ms Document
text/html 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/rt.php?campaign_id=40238&iframe=1&ext_domain=1&place=1&product_id=&basket=&checkout_amount=&checkout_order_id=&referrer=leer&host=www.orellfuessli.ch&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&iframe=1&cbt=1715908408&k0=0&w=1600&h=1200&ci=IHVzbV91bV9ydD01NTE2NDgyMjI1JnxlMWY0M2M=
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?campaign_id=40238&place=1&product_id=&u=1&dv=&cbt=1715908408&um_coupon=&pid=undefined&w=1600&h=1200&referrer=leer&ext_ident=&rt=1&ext_par1=&ext_vars=&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&k0=0&host=www.orellfuessli.ch&ci=fGUxZjQzYw==
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.orellfuessli.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
referer: https://www.google.com/
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 581
Content-Type: text/html
Date: Fri, 17 May 2024 01:13:28 GMT
Expires: Sun, 01 Jan 2014 00:00:00 GMT
Keep-Alive: timeout=3, max=70
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache/2.4
Vary: Accept-Encoding

GET
H/1.1 200
OK exint_close.png
www.usemaxserver.de/images/ 3 KB
3 KB 27ms
26ms Image
image/png 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usemaxserver.de/images/exint_close.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: d11d411cb0c4fda19efcbd59c27337c603c694cda02a3a884c965ca85f28002b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 01:13:28 GMT
Last-Modified: Tue, 28 Jun 2016 13:42:27 GMT
Server: Apache/2.4
ETag: "a51-53656cebaf6c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=68
Content-Length: 2641

GET
H/1.1 200
OK newsletter_012020.png
www.usemaxserver.de/partner/orellfuessli/onsite/ 193 KB
194 KB 50ms
27ms Image
image/png 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usemaxserver.de/partner/orellfuessli/onsite/newsletter_012020.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: 4689f7f2e76d95358b65a9521511d5460634a206e1382663d236c26c98fb9395

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 01:13:28 GMT
Last-Modified: Wed, 08 Jan 2020 13:33:48 GMT
Server: Apache/2.4
ETag: "305b7-59ba0f13e0700"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=67
Content-Length: 198071

GET
H2 200 identify_93546.js Show response
analytics.tiktok.com/i18n/pixel/static/ 139 KB
37 KB 56ms
55ms Script
application/javascript 95.100.146.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_93546.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1db756c
date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240508162132A0D6B7841F621DD9E667
x-tt-trace-id: 00-240508162132A0D6B7841F621DD9E667-70C756FE34F66FC3-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018d5bc42629b6c34ba885c13b9b8763a7a344b7c14bab807f1afe93fb47cbbda60ef67d89b7473f189b504b20d03b690032a53a8fef3b3e59b323f80076339f0d90d40ae3978b4cfbeef2ad301653887b773223c76a1464aa0ffc4ff6ac332e94
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 37047

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
845 B 166ms
166ms Ping
text/plain 95.100.146.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 31fa97cc.1db7584
date: Fri, 17 May 2024 01:13:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240517011329BAB79FF6D5CF660C05CB-65016C196E6D6856-00
x-cache: TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time: 125,95.100.146.12
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=30, inner; dur=26
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240517011329BAB79FF6D5CF660C05CB
x-cache-remote: TCP_MISS from a23-15-7-232.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,23.15.7.232
x-tt-trace-host: 015faff82ad69f86bf2dfd80cb627089488f263c3d24d5e30b4286912c8a1aaaa3510f3b4fc3c59288b0489217b48965ed0399f04e64d7d4e53f3008f0245a4a6c49e48a20922c8a24c0142103f7738759aa16cf9c03308e40a844bcd7afce37561543b193687e542c97fac733c64804d8
access-control-allow-headers: Authorization,*
expires: Fri, 17 May 2024 01:13:29 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 playButton.png
assets.thalia.media/red/cms/components/content-video/assets/ 2 KB
2 KB 38ms
38ms Image
image/webp 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/playButton.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef9012ae967969da4cb43d4899d23ddb84a2eba79392a91836feff02dbe689e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
thaliainternalrequest: true
cf-cache-status: HIT
age: 722810
cf-polished: origFmt=png, origSize=4351
content-disposition: inline; filename="playButton.webp"
content-length: 1750
cf-bgj: imgq:100,h2pri
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
etag: "10ff-5f64a6f44e1b2"
vary: Accept
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600, public
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 884fbec47e4d65b5-FRA

GET
H2 200 controls.html Show response
assets.thalia.media/red/cms/components/content-video/assets/skin/ 25 KB
4 KB 80ms
78ms XHR
text/html 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/controls.html
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
etag: W/"6444-5f64a6f453c68"
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbec49f2e972f-FRA

GET
H2 200 1a7d73fc590959a437532b70854a4ecbb43971206d8e473b8e53ac2c615a747de288c30901fb8ade74216fcbb271ef5ef1efe206ab013ccdc974f499757195a996565c03e9ed58e23dd41111514bf8e98_x4c002731b13c1f45b3e232a7d57a46cbe4... Show response
mycliplister.com/jplist/187751/ 4 KB
2 KB 131ms
129ms XHR
text/plain 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/jplist/187751/1a7d73fc590959a437532b70854a4ecbb43971206d8e473b8e53ac2c615a747de288c30901fb8ade74216fcbb271ef5ef1efe206ab013ccdc974f499757195a996565c03e9ed58e23dd41111514bf8e98_x4c002731b13c1f45b3e232a7d57a46cbe4fb216470e861554faff7a5c5f2eb5f9dc6ed6b101fa38b4b9ab99aa342bbaa

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

74b5972d2e1377d57f72be2e411895e8fb0af6341b1355e7f3bdd15ac9dd4216

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he48
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
H2 200 controls.html Show response
assets.thalia.media/red/cms/components/content-video/assets/skin/ 25 KB
0 80ms
80ms XHR
text/html 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/controls.html
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
etag: W/"6444-5f64a6f453c68"
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbec49f2e972f-FRA

GET
H2 200 1a7d73fc590959a437532b70854a4ecbb7a14e20c86d010e571bc0aa05053828fd1c1477e062e1b66b11f988aaf87b68231498439ae5a12e96353eccf326b58cfa21773263de277ec53a5541b95a5252c_x4c002731b13c1f45b3e232a7d57a46cbe4... Show response
mycliplister.com/jplist/187751/ 4 KB
2 KB 128ms
127ms XHR
text/plain 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/jplist/187751/1a7d73fc590959a437532b70854a4ecbb7a14e20c86d010e571bc0aa05053828fd1c1477e062e1b66b11f988aaf87b68231498439ae5a12e96353eccf326b58cfa21773263de277ec53a5541b95a5252c_x4c002731b13c1f45b3e232a7d57a46cbe4fb216470e861554faff7a5c5f2eb5f9dc6ed6b101fa38b4b9ab99aa342bbaa

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

26ec5701c489f99ad0aba2b1a779fc3ec59c8c7b09653ffb86fc3e87721aef98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he50
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
H2 200 controls.html Show response
assets.thalia.media/red/cms/components/content-video/assets/skin/ 25 KB
0 80ms
80ms XHR
text/html 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/controls.html
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
etag: W/"6444-5f64a6f453c68"
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbec49f2e972f-FRA

GET
H2 200 197b10ae970b7c0c3ce08f1b932530910e1d31fabe166e878a735f1f95a1b5945f9819f9f0d81c4c89e29ad23d52adda67a80bb673fc37ce9d83d56ae0d513cb55052aac829784551a97368ab2253a4cd_x4c002731b13c1f45b3e232a7d57a46cbe4... Show response
mycliplister.com/jplist/187751/ 5 KB
2 KB 138ms
137ms XHR
text/plain 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/jplist/187751/197b10ae970b7c0c3ce08f1b932530910e1d31fabe166e878a735f1f95a1b5945f9819f9f0d81c4c89e29ad23d52adda67a80bb673fc37ce9d83d56ae0d513cb55052aac829784551a97368ab2253a4cd_x4c002731b13c1f45b3e232a7d57a46cbe4fb216470e861554faff7a5c5f2eb5f9dc6ed6b101fa38b4b9ab99aa342bbaa

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

6760cf4baa74f47721401050682ca2ba5a578fd946c71aafc190c254d1ac6674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he46
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
H2 200 controls.html Show response
assets.thalia.media/red/cms/components/content-video/assets/skin/ 25 KB
0 80ms
80ms XHR
text/html 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/controls.html
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
etag: W/"6444-5f64a6f453c68"
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbec49f2e972f-FRA

GET
H2 200 1909f71da75ffe2243d4d91e01cfbb4286399c5956b451ca919350654eda0fbd776b7c23bb5fcb0989a9a2c2bf739f1778a6508699735d6e5e4a277a3f914a92560ae878c5cec76046f72e72b24d178b8_x4c002731b13c1f45b3e232a7d57a46cbe4... Show response
mycliplister.com/jplist/187751/ 5 KB
2 KB 136ms
135ms XHR
text/plain 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/jplist/187751/1909f71da75ffe2243d4d91e01cfbb4286399c5956b451ca919350654eda0fbd776b7c23bb5fcb0989a9a2c2bf739f1778a6508699735d6e5e4a277a3f914a92560ae878c5cec76046f72e72b24d178b8_x4c002731b13c1f45b3e232a7d57a46cbe4fb216470e861554faff7a5c5f2eb5f9dc6ed6b101fa38b4b9ab99aa342bbaa

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

b542156d745f19a93644b7682e9cb610fe070eab0ef58b0d2b6b9daa8e8a6c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he52
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
H2 200 controls.html Show response
assets.thalia.media/red/cms/components/content-video/assets/skin/ 25 KB
0 81ms
81ms XHR
text/html 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/controls.html
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
etag: W/"6444-5f64a6f453c68"
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbec49f2e972f-FRA

GET
H2 200 1909f71da75ffe2243d4d91e01cfbb428b44a78a702f92a5fc06034f1f392687b537d9869e9975c7a651446f0bdf43c016ab76ed00e6b48425a99ca448ea4cd1b51b932e6e86480f6579162daec125fe6_x4c002731b13c1f45b3e232a7d57a46cbe4... Show response
mycliplister.com/jplist/187751/ 5 KB
2 KB 141ms
140ms XHR
text/plain 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/jplist/187751/1909f71da75ffe2243d4d91e01cfbb428b44a78a702f92a5fc06034f1f392687b537d9869e9975c7a651446f0bdf43c016ab76ed00e6b48425a99ca448ea4cd1b51b932e6e86480f6579162daec125fe6_x4c002731b13c1f45b3e232a7d57a46cbe4fb216470e861554faff7a5c5f2eb5f9dc6ed6b101fa38b4b9ab99aa342bbaa

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

d505b35499fff053a417ecdb1274fe00c048719197a0de59f89d7e4894d71a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he54
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
H2 200 controls.html Show response
assets.thalia.media/red/cms/components/content-video/assets/skin/ 25 KB
0 82ms
82ms XHR
text/html 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/controls.html
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
etag: W/"6444-5f64a6f453c68"
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbec49f2e972f-FRA

GET
H2 200 1958f1678124b09408fba8afc0233f185280331e76e40f9f1948d372a2e4a673e850b85374ff46e00b3745e45e198f70ccb1eb59afa8dc5a1e736b763c8df8a9940659cbd6b10bff2089f6d3236392ee7_x4c002731b13c1f45b3e232a7d57a46cbe4... Show response
mycliplister.com/jplist/187751/ 5 KB
2 KB 126ms
125ms XHR
text/plain 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/jplist/187751/1958f1678124b09408fba8afc0233f185280331e76e40f9f1948d372a2e4a673e850b85374ff46e00b3745e45e198f70ccb1eb59afa8dc5a1e736b763c8df8a9940659cbd6b10bff2089f6d3236392ee7_x4c002731b13c1f45b3e232a7d57a46cbe4fb216470e861554faff7a5c5f2eb5f9dc6ed6b101fa38b4b9ab99aa342bbaa

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

e706e40740749d46bd59509965132e0942a5aff12c4aa7f7906ad048b334e48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he56
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
H/1.1 200
OK load_module.php Show response
www.usemaxserver.de/ 8 KB
3 KB 28ms
28ms Script
text/html 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/load_module.php?kid=40238&project_id=7441&ci=IHVzbV91bV9ydD01NTE2NDgyMjI1JnxlMWY0M2M=&pid=744111
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?campaign_id=40238&place=1&product_id=&u=1&dv=&cbt=1715908408&um_coupon=&pid=undefined&w=1600&h=1200&referrer=leer&ext_ident=&rt=1&ext_par1=&ext_vars=&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&k0=0&host=www.orellfuessli.ch&ci=fGUxZjQzYw==
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: b96082066002651f59c4895ada04ef93ba13ac121587579d9847b5383044c803

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 01:13:29 GMT
Content-Encoding: gzip
Server: Apache/2.4
Vary: Accept-Encoding
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Content-Type: text/html
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Connection: Keep-Alive
Keep-Alive: timeout=3, max=66
Content-Length: 2261
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK d.php Show response
www.usemaxserver.de/ 0
362 B 29ms
29ms Script
application/javascript 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/d.php?action=view&pid=7441&device=0&ci=IHVzbV91bV9ydD01NTE2NDgyMjI1JnxlMWY0M2M=&campaign_id=40238&laa=&u=1&exint=1
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?campaign_id=40238&place=1&product_id=&u=1&dv=&cbt=1715908408&um_coupon=&pid=undefined&w=1600&h=1200&referrer=leer&ext_ident=&rt=1&ext_par1=&ext_vars=&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&k0=0&host=www.orellfuessli.ch&ci=fGUxZjQzYw==
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 17 May 2024 01:13:29 GMT
Server: Apache/2.4
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=3, max=70
Content-Length: 0
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 controls-map.svg
assets.thalia.media/red/cms/components/content-video/assets/skin/img/ 24 KB
7 KB 53ms
53ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/img/controls-map.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 110b2b2e359aca1e1b080f935fc4c95dab0d61873b67be1b3c9935c980bba5c0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"6161-5f64a6f457ceb"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbec53e9c65b5-FRA

GET
H2 200 bbd65a02282a29a48b9bf3c776e8e5c6135028d5.jpg Show response
assets.thalia.media/img/cms/ 0
338 KB 62ms
61ms Fetch
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/img/cms/bbd65a02282a29a48b9bf3c776e8e5c6135028d5.jpg
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 May 2024 23:51:36 GMT
server: cloudflare
cf-polished: origSize=383641
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbec56fa3972f-FRA

GET
H2 200 meta2.png Show response
mycliplister.com/static/viewer/assets/chk/ 424 KB
425 KB 38ms
38ms XHR
image/png 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/static/viewer/assets/chk/meta2.png?n=0.48700880321528506

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 12 Sep 2016 12:08:49 GMT
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, max-age=3600
access-control-allow-credentials: true
x-server: he52
accept-ranges: bytes
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 434322
expires: Sun, 16 Jun 2024 01:13:29 GMT

GET
H/1.1 200
OK 82df45fc966303af3d615f357b9f1fd65db5bdd3c3b75a059e6c9973f564e2fc7fe479f50789798ce727ccd6f194d6a0 Show response
es40.mycliplister.com/cls/static/ 0
87 KB 107ms
41ms Fetch 88.99.70.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://es40.mycliplister.com/cls/static/82df45fc966303af3d615f357b9f1fd65db5bdd3c3b75a059e6c9973f564e2fc7fe479f50789798ce727ccd6f194d6a0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

88.99.70.226 Aachen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.226.70.99.88.clients.your-server.de

Software

Cliplister GmbH /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 May 2024 01:13:29 GMT
Server: Cliplister GmbH
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88581
X-Frame-Options: SAMEORIGIN

GET
H2 200 meta2.png Show response
mycliplister.com/static/viewer/assets/chk/ 424 KB
425 KB 105ms
105ms XHR
image/png 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/static/viewer/assets/chk/meta2.png?n=0.42666437866673834

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 12 Sep 2016 12:08:49 GMT
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, max-age=3600
access-control-allow-credentials: true
x-server: he56
accept-ranges: bytes
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 434322
expires: Sun, 16 Jun 2024 01:13:29 GMT

GET
H2 200 ff9e50cc2530294569aa25a7dbcee8087448375e.jpg Show response
assets.thalia.media/img/cms/ 0
86 KB 77ms
77ms Fetch
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/img/cms/ff9e50cc2530294569aa25a7dbcee8087448375e.jpg
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 May 2024 23:51:36 GMT
server: cloudflare
cf-polished: origSize=96488
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbec57fa9972f-FRA

GET
H2 200 meta2.png Show response
mycliplister.com/static/viewer/assets/chk/ 424 KB
425 KB 134ms
134ms XHR
image/png 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/static/viewer/assets/chk/meta2.png?n=0.5088717090611112

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 12 Sep 2016 12:08:49 GMT
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, max-age=3600
access-control-allow-credentials: true
x-server: he48
accept-ranges: bytes
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 434322
expires: Sun, 16 Jun 2024 01:13:29 GMT

GET
H2 200 9965bdf63caf2453488e276e06a93fb4168a5e26.jpg Show response
assets.thalia.media/img/cms/ 0
220 KB 58ms
58ms Fetch
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/img/cms/9965bdf63caf2453488e276e06a93fb4168a5e26.jpg
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 May 2024 23:51:36 GMT
server: cloudflare
cf-polished: origSize=254233
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbec57fad972f-FRA

GET
H2 200 meta2.png Show response
mycliplister.com/static/viewer/assets/chk/ 424 KB
425 KB 131ms
131ms XHR
image/png 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/static/viewer/assets/chk/meta2.png?n=0.7957703711118198

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 12 Sep 2016 12:08:49 GMT
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, max-age=3600
access-control-allow-credentials: true
x-server: he54
accept-ranges: bytes
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 434322
expires: Sun, 16 Jun 2024 01:13:29 GMT

GET
H2 200 79f193c7b6b8865b9d5d8cc6537c443635b96314.jpg Show response
assets.thalia.media/img/cms/ 0
188 KB 51ms
51ms Fetch
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/img/cms/79f193c7b6b8865b9d5d8cc6537c443635b96314.jpg
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 May 2024 23:51:36 GMT
server: cloudflare
cf-polished: origSize=205142
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbec57faf972f-FRA

GET
H2 200 meta2.png Show response
mycliplister.com/static/viewer/assets/chk/ 424 KB
425 KB 130ms
130ms XHR
image/png 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/static/viewer/assets/chk/meta2.png?n=0.27229144614959244

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 12 Sep 2016 12:08:49 GMT
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, max-age=3600
access-control-allow-credentials: true
x-server: he50
accept-ranges: bytes
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 434322
expires: Sun, 16 Jun 2024 01:13:29 GMT

GET
H2 200 cfe1470bd3b994acf265180f005dc34774dcee6e.jpg Show response
assets.thalia.media/img/cms/ 0
87 KB 70ms
70ms Fetch
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/img/cms/cfe1470bd3b994acf265180f005dc34774dcee6e.jpg
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 May 2024 23:51:36 GMT
server: cloudflare
cf-polished: origSize=97841
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 884fbec57fb4972f-FRA

GET
H2 200 meta2.png Show response
mycliplister.com/static/viewer/assets/chk/ 424 KB
425 KB 127ms
127ms XHR
image/png 2a01:4f8:10a:3016::1001
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/static/viewer/assets/chk/meta2.png?n=0.23959050890511913

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10a:3016::1001 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 12 Sep 2016 12:08:49 GMT
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, max-age=3600
access-control-allow-credentials: true
x-server: he52
accept-ranges: bytes
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 434322
expires: Sun, 16 Jun 2024 01:13:29 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
846 B 169ms
168ms Ping
text/plain 95.100.146.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.google.com/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 511dfc2.1db7626
date: Fri, 17 May 2024 01:13:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24051701132937DEA215EAEC0E0984ED-7D6558277DA03D2F-00
x-cache: TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time: 123,95.100.146.12
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=28, inner; dur=24
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024051701132937DEA215EAEC0E0984ED
x-cache-remote: TCP_MISS from a184-28-17-143.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 28,184.28.17.143
x-tt-trace-host: 015faff82ad69f86bf2dfd80cb62708948ddff74c2fbee2e79e14dc463c2d856a173b31f78b4e6b6fcc6ba54b39d46065b14a20588563d595a7992bdbeeb8be80f957b8fc34a09d04c2256496aca1dc8423a0c4c7a8dd8b03ddb5c2d676bcb86574f0368ed5f9baa973cceb4bd8103d2b1
access-control-allow-headers: Authorization,*
expires: Fri, 17 May 2024 01:13:29 GMT

GET
BLOB 200
OK 1909e100-4852-46ed-ab58-378899f29e86
https://www.orellfuessli.ch/ 85 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.orellfuessli.ch/1909e100-4852-46ed-ab58-378899f29e86
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c0acb23ae3bb0bbb88864de4e46041f2df81a2c10f52eea3cb2143b6a0be9cf

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 87385
Content-Type: image/jpeg

GET
BLOB 200
OK 9775185b-58a9-417c-80a0-dee80d6b7763
https://www.orellfuessli.ch/ 337 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.orellfuessli.ch/9775185b-58a9-417c-80a0-dee80d6b7763
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a93fc2a1473e7f62d40e842c4778f668c0adf24d57f28bd11215005aaa8be034

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 345035
Content-Type: image/jpeg

GET
BLOB 200
OK b2c91e02-77b0-4cd5-8457-abf4e0266190
https://www.orellfuessli.ch/ 219 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.orellfuessli.ch/b2c91e02-77b0-4cd5-8457-abf4e0266190
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3379224d58b4eeefb42494dff134d80c1e0a49b74f299d570c989d9dfdb8b74e

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 224548
Content-Type: image/jpeg

GET
BLOB 200
OK 24c96d85-33c3-47ce-acc0-64e01ac33268
https://www.orellfuessli.ch/ 86 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.orellfuessli.ch/24c96d85-33c3-47ce-acc0-64e01ac33268
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa6425559fcb8d76b6c80d276e490afeb1066c214cb354512c4f8f8890e57766

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 88531
Content-Type: image/jpeg

GET
BLOB 200
OK 2c2cca15-95c3-4726-9569-a73ab48faf98
https://www.orellfuessli.ch/ 187 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.orellfuessli.ch/2c2cca15-95c3-4726-9569-a73ab48faf98
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed39c56e40a4baef604b004fcd5283206b38984bc0a87373b25921f20730fc1f

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 191881
Content-Type: image/jpeg

GET
BLOB 200
OK 2d8ccf7e-074d-443a-8123-53de846ff235
https://www.orellfuessli.ch/ 87 KB
0 Image
text/plain

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.orellfuessli.ch/2d8ccf7e-074d-443a-8123-53de846ff235
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3653a7268b62cce306c88d5fb523719c5bacbe068728f9256ebd97184d864eb7

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 88581
Content-Type

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
197 B 190ms
189ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.google.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:29 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A7A25A0997C645A0A5BABBAEB2E254D1 Ref B: ZRHEDGE0922 Ref C: 2024-05-17T01:13:29Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://www.orellfuessli.ch
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYYnA88fh1hdsnG8FvMmA==

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
138 B 17ms
16ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
dataType: json
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.google.com/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Fri, 17 May 2024 01:13:34 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
138 B 42ms
41ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
dataType: json
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.google.com/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Fri, 17 May 2024 01:13:38 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
138 B 23ms
22ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
dataType: json
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.google.com/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Fri, 17 May 2024 01:13:43 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
138 B 30ms
29ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
dataType: json
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.google.com/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Fri, 17 May 2024 01:13:48 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
138 B 27ms
27ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
dataType: json
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.google.com/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Fri, 17 May 2024 01:13:53 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.orellfuessli.ch/	1970-01-21 06:14:28	Name: gcor Value: "SIDZkavNxpQ7qkOP1xN8ZfrEQAAAG8"
www.orellfuessli.ch/	1970-01-21 05:34:09	Name: ab_bucket Value: 1
www.orellfuessli.ch/	1970-01-21 05:34:09	Name: ab_container Value: 6
.thalia.media/	1970-01-20 20:38:30	Name: __cf_bm Value: IN4Na7VTaJz5IP3d7Ope0YceIxdMAdmgqfqgWNXoSfc-1715908408-1.0.1.1-0.J.6KlHaNqAxaCwkFQB_58taq._MWAO2ntFXTAhA8Drrx9nYd9HL5bOTDs0kh9azSQhnCJOgpgDtqEIgdL2tw
www.orellfuessli.ch/	1970-01-20 20:38:39	Name: club Value: KEIN_MITGLIED
www.orellfuessli.ch/	1969-12-31 23:59:59	Name: MERKZETTEL-XSRF-TOKEN Value: 53a70015-bfdb-46c1-b8ed-f1c336c2fcca
www.orellfuessli.ch/	1970-01-20 20:38:32	Name: hatAbo Value: false
www.orellfuessli.ch/	1970-01-20 20:38:32	Name: anzahlGuthaben Value: 0
www.orellfuessli.ch/	1969-12-31 23:59:59	Name: WARENKORB-XSRF-TOKEN Value: 6603f572-8b2c-4fff-8628-447754aeed22
www.orellfuessli.ch/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 9bf0ca0c-290f-412c-98ba-2081bd9e1fbf
.www.orellfuessli.ch/	1970-01-21 05:24:04	Name: _ga_hitcounter Value: 1
.www.orellfuessli.ch/	1970-01-21 05:24:04	Name: _ga Value: GA1.1.6490865824.1715908408589
.www.orellfuessli.ch/	1970-01-21 05:24:04	Name: _ga_BE2W3ZY94G Value: GS1.1.1715908408589.1.0.1715908408589.0
.orellfuessli.ch/	1970-01-20 22:48:04	Name: _gcl_au Value: 1.1.675625613.1715908409
.orellfuessli.ch/	1970-01-20 20:39:54	Name: _uetsid Value: ab2ed05013ea11ef82ec7f64844826a3
.orellfuessli.ch/	1970-01-21 06:00:04	Name: _uetvid Value: ab2ee3b013ea11ef8bd10713bd7b2767
.orellfuessli.ch/	1969-12-31 23:59:59	Name: dmChatSessionId Value: abtja5tf2ke1omnyosyrufif
.orellfuessli.ch/	1970-01-20 22:48:04	Name: _fbp Value: fb.1.1715908408774.727897671
.doubleclick.net/	1970-01-20 21:21:40	Name: ar_debug Value: 1
.orellfuessli.ch/	1970-01-20 21:21:40	Name: lantern Value: a4196916-392d-437d-8c27-b6a3bb165b07
.bing.com/	1970-01-21 06:00:04	Name: MUID Value: 35B516D7FC8A6D3537420255FDFA6C35
.tiktok.com/	1970-01-21 06:00:04	Name: _ttp Value: 2gZcBxI3jhsGQypwOnTpsArvzDd
.pinterest.com/	1970-01-21 05:24:04	Name: ar_debug Value: 1
.orellfuessli.ch/	1970-01-21 05:24:04	Name: _pin_unauth Value: dWlkPU9UTTVZVFE1WWpBdE1EVXhNaTAwTnprd0xUa3hPR010TTJWbVpUZ3laRFJtTkRKag
.doubleclick.net/	1970-01-21 06:14:28	Name: IDE Value: AHWqTUlvktwt1mLXhHxxMCNuYS2cHMKd4Ql4OY32T1azg72aq-BAm7_1xjB54vtMxpo
.doubleclick.net/	1970-01-21 00:57:40	Name: receive-cookie-deprecation Value: 1
www.orellfuessli.ch/	1970-01-21 05:24:04	Name: usm_um_rt Value: 5516482225
.linkedin.com/	1970-01-20 22:48:04	Name: li_sugr Value: bb4f8b54-c51e-4469-8554-b305c43b38f3
.linkedin.com/	1970-01-21 05:24:04	Name: bcookie Value: "v=2&b990f896-114f-4d14-817a-8c31b7494568"
.linkedin.com/	1970-01-20 20:39:54	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2969:u=1:x=1:i=1715908408:t=1715994808:v=2:sig=AQFq-Rp9ntbu2Whr-FvI0K5RFs8iN3mc"
.orellfuessli.ch/	1970-01-21 06:00:04	Name: _tt_enable_cookie Value: 1
.orellfuessli.ch/	1970-01-21 06:00:04	Name: _ttp Value: 4l1p166KtSNGLH9VhYWHrRuolXO
.linkedin.com/	1970-01-20 21:21:40	Name: UserMatchHistory Value: AQIhjhoX6n1ffQAAAY-EHHbLVwmR-s6mZa7krCpVorzcr1cNUWuYMKl0XsuB5-3AcGSJy8Gr1BCyRQ
.linkedin.com/	1970-01-20 21:21:40	Name: AnalyticsSyncHistory Value: AQIIgTQZkppJqwAAAY-EHHbLzgnW1hBoOQVIhZhKsmR41HQedBX1IdpIuaVxQ1PpAIFir1kkpXjewvQfrUjpnw
.usemax.de/	1970-01-21 05:24:04	Name: um_rt Value: 5516482225
.usemax.de/	1970-01-21 05:24:04	Name: ident_v Value: 1
.orellfuessli.ch/	1970-01-20 20:38:30	Name: __cf_bm Value: xgjeMFO5ek.KaCkIv6XMOutYkHOiSW6pZVHRArL2Tjs-1715908409-1.0.1.1-KxbigJhwn_HL8INNwkz7DtxTLwLgxTP91SST_Zw.FO0IGzymGj7G3Ofry4GqYsHQpepcaeBuD520s9lj_hJaNQ
.www.linkedin.com/	1970-01-21 05:24:04	Name: bscookie Value: "v=1&2024051701132942083425-9b2e-478f-853f-ec9b35845b83AQGMOR85Ne7lCHxk_qzvz1lChRnPD9dw"
.linkedin.com/	1970-01-21 00:57:40	Name: li_gc Value: MTswOzE3MTU5MDg0MDk7MjswMjFyhAO8unBNu5LsJ41tdF2xakWzIQ5GL9uGmxZgt7GwFg==
.adform.net/	1970-01-20 21:23:06	Name: C Value: 1
.adform.net/	1970-01-20 22:04:52	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 22:04:52	Name: uid Value: 7452416455872071709

130 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1171) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1171) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1171) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1171) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1171) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1171) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1171) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1171) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	Message: A bad HTTP response code (403) was received when fetching the script.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9327407.fls.doubleclick.net
ad.doubleclick.net
analytics.tiktok.com
assets.thalia.media
bat.bing.com
challenges.cloudflare.com
chat.orellfuessli.ch
connect.facebook.net
ct.pinterest.com
es40.mycliplister.com
finki.ch
ga.thalia.media
googleads.g.doubleclick.net
images.thalia.media
lantern.roeye.com
lantern.roeyecdn.com
mycliplister.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s.pinimg.com
snap.licdn.com
stats.g.doubleclick.net
www.dwin1.com
www.facebook.com
www.google.ch
www.google.com
www.googletagmanager.com
www.linkedin.com
www.orellfuessli.ch
www.usemaxserver.de
104.16.4.2
104.16.91.18
104.17.2.184
104.17.3.184
13.107.42.14
142.250.184.198
142.250.185.166
142.250.185.67
151.101.64.84
176.10.114.133
2001:4860:4802:34::36
212.48.120.130
216.58.206.66
216.58.212.132
2600:9000:20eb:1e00:1f:af3f:8a40:93a1
2600:9000:214f:cc00:f:8ce2:fb80:93a1
2606:4700::6812:17de
2620:1ec:21::14
2620:1ec:c11::237
2a00:1450:4001:80e::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c1d::9c
2a01:4f8:10a:3016::1001
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:893::1931
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
54.75.234.246
80.89.210.220
88.99.70.226
95.100.146.16
00ae044b3ec3f36c75cc03143d2cafdb2dfa5ba5f93ce0092e28eb6346db2147
00ba148a5496be8cec74cc1d30fa7923323f3a3b62c94971193198b03b586114
00cd7ef1b2c2288020489e6cf158c5c923e8b1b14b0df955c2865a1942b3cb93
017507d60a6fe84bec3520bf94e6182d4c80120c489b6cb2185ee1fd5236c117
02cf1ffa5d924dc753ccd51dd873eaba01ee014bc5b26d8ea24666d80c23e78a
05f707fa9d5252f752e713b608c96854a15fb1b84db7c070c41de82bd25ef730
0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8
0b78c93f967d7d7cdac04c8540749f47c15b902e8ed93f683b04192e4511bf82
0c0acb23ae3bb0bbb88864de4e46041f2df81a2c10f52eea3cb2143b6a0be9cf
0d42d28872139ddccb30468fdaad30332f178399ebda9bfdfce1d941e63140f5
0f69cc7aaa401b5e88b4e6cd7b595307bf32f3b971f9c054e56e58029ddff779
110b2b2e359aca1e1b080f935fc4c95dab0d61873b67be1b3c9935c980bba5c0
13f2ae2696ab61313c0b1646f79f17acfe9c80c1a0379f3c41be1922edb27b06
15f018f66d62ac7ab96d85dd4e253a0338a6143a9b68fddfbe881d245c2e7282
17134b8027532c3b08cefde6c202c8d1405aee2edede1da9c1e661bfade905c6
1ab21b11c588b2c13d736330a62d85185e6e808840519fcf8d61dd1a0e96a6e6
1cf922dfd5ce8d0846e5347f1287b14e356a15b9cd535d804f16f22326a55fc9
1fd8d6b521e5887c59cce1f7d69f5c87fcb5774974a8a4e1547f3b4116986719
227d717a844fe9859ee8cec565c8a5bc23ff34d582d80e11c1aa897928b6bea3
22bcfcb4f9f8a275e009ea9ca1c9bcb4cd8636a35539f6a20f4465522d8c74fd
24511874594ec6f952ef9ff5410d6a05e2c6c2c2118961fb5138648f92df76c6
25c8e105aed1fd7c0e7869d4e5cdc896fc4f74a2e6a24428711da23557cb98d3
261563e00103ed008c756ee6c3ce452aea585961678e5fcfc7de7b4c62fb22cc
2621c27627eeff09e36bc0434d79049d8b88f58786978216637794cd5d1ac821
26ec5701c489f99ad0aba2b1a779fc3ec59c8c7b09653ffb86fc3e87721aef98
273719d6c07b987e9906b9bf60ea9502301b05f5272c6419ec81c1b729768966
276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540
2950d2260bcd95444f687efd4368d98ec9c359d5a6a2416e81730d4ba0c966ed
2a2abf3114b589522e32e94c39c99879cdcb7cf792ceae5f50b717f38022939c
2a80023096c5c4ef05584d8bcef41cef0b4b6c4ad0a9f90817872eb288360cc7
2cbf45aaa253b03ac76a20a1ef45c100799ce5d6a011db5e97c960c44f71d7a1
2eb9e1e1c9a189d93363b0bb71255d86a4829dcfb4d0b63fe99b8c389987770d
312dc456b9380d06788ab121df550b43a1f239fe896b29741275c59181c2750f
328795e6658d61dff37f8f99257d4fd3d0cdd91f839ed85dc97840044ac4eb6d
32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565
3379224d58b4eeefb42494dff134d80c1e0a49b74f299d570c989d9dfdb8b74e
3430ada06e93710c0d8c33de52206b350cca35415ac20c03a3346e07872d0b31
351a3d58c6bf84633a50d9adf1dd2dbd8911a78bdb1c051cba944e03923ca073
3653a7268b62cce306c88d5fb523719c5bacbe068728f9256ebd97184d864eb7
372fe35b8719da99e5698b606693fdf643640fd3de6a8fb2667220c002e7fd0e
38690f2102776166b54a4358877c28754c27facdc913b72d16f653af523cd9a4
3b716dff6ab71cfa1f58d6c8ce87e24aca839760335acb08f4a97289aafc3941
3dbb1ddc03500924a03572449799e19e69cf927bc9880b7407a67b6c7eed1391
3e21b99206c4c2353442b9a0da5da773f748ea02803c0b7a87289e9eabac6071
41dd42c60f23e4d38c1f1e048c5742691cf6fa1c278838d95555be545cc7005f
4244653403f22bc0739365821d7db9b057c94a49d071af5e58ebc4904e564d47
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4689f7f2e76d95358b65a9521511d5460634a206e1382663d236c26c98fb9395
49feee554240f639c7c41be1729c336be4bbaf05d18c4fa9d369e0c563e6c2dc
4ab95c04ea77b6ab083a93b31b01590a42017032fb6b0f9113d931ab73b7c85e
4cfbeb9386354c865ebacedef829bf97d39ec031e9513b641148fb6de1b38fc7
4d850b066ebe29c2e692489d84a64f6a68de3c97ffdad075b6b1f3a80f1356a3
52900a78c2cada7f3bf92acdd03a4f71de5cbb2ed0473c959705075036d2439f
54006cd4fa18a2131ae3f340356fc5bc88918fc703fdf3c8b489cd7d4d536829
558b21cdbac5b1fd99f24cd1952711f0e140f6cd880ed0db010dd272f8dc2641
57559c54129b88bc4a17cfb96c730b15320fc032a505e095797d32c934ce5b93
58fa8504dd5a1b32415927fa233fe4ca99aed9583196331604553d849abeac0b
5a7f91298c9e334a99ae240d30e1f9bf4cc4f2cd7d6793245444d4c6bddd0373
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6423ac6a105156f04d2c805a5755b03fa33642158f3096dc546ee8634e3342be
6760cf4baa74f47721401050682ca2ba5a578fd946c71aafc190c254d1ac6674
67da0087618efe66ace68962d3d33dae0a4adf2eb7bf53b0382e8a547b28c58a
68024b0859845915cf2072abed7941e77c0d5b24a29fea9ca9ca0610c43c6f4e
6ab8bddc3f64d99e46482cbfa8435a4b62515ca91b728565b0e341a0794f3c70
6c9d76c9c5271a072523bab3fa8e68839162c464dc7433e62214451f436d2944
6e34c8fb0157c0a7d9c0f8cd7b9bd819df92d7b61ce1ba0d9a3fe8a40c53db8f
6e9c7a84d5d586c9945e1ca3b379a766c93cf191f121c6bb8c3f319fd2f7bac5
7129501b189418fb239b6a4a40408c29181b6d708f47741f5adc5db39c00ac25
71bad66b09042ee7024482f58709d52cda75d5fca767016459d3bb59f3704479
721dbe613cba5aaa9ab39799acd16f1beb9614d522015828ab533fcd3b450d4c
72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac
72dcc293744c421a39fddaa5adde41eacecbaa4fa93ff1b8ba0baeaf8f02c7e2
73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b
74b5972d2e1377d57f72be2e411895e8fb0af6341b1355e7f3bdd15ac9dd4216
78ca7d41db73658983ffa90ef29e7e119a304fc14dc98f8a19667c2fc0507e09
7b4ef3ea2bbf02ca51f02db47768ba915b02e03233cd31b7c65e48489c885ba3
7c514264f96cd460d9336fd18ab33c18c27732cc0815726150953cea2be97d3c
7c7ffbae66efe0ea23398ca3e49f06e2cc5f87238a306e1502b7cbb7c073dbba
7eb9be155e0e65892605ee44911ccfa83d23c09db23bf9dc978df1b2584d6f72
80cd7b41534625f5cef8cf9143d525c6b22a7ce234f6d4824a035f7e281e73c8
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
89e42e9cdb6766845a09adc859246d0415e4dc29b10feb565751582a13788119
8aef3286cef56e8d99cc6eb7c31aadf6f64a3d72a488f635155cac1931d36c53
8bf3b82857bf409edd43b6a8a1bfbaa3231eb4b907ec23625b72a2195feb674b
8ce577654af51434e272fb904a5fd35c5924a524f1d9de78535efac0a9a00bd9
8d85fbf23357335ce361acce7f1b9ff0319b9d32b80f13c8e4c3b096c745e069
8fd74e0a320590fb7e045fb1be3b36518fba0bfe7b88693b94199289d2b8be12
939df079b2c41a9e69370f1b3e98660e7b84072b36544acd32478499d78cafae
946f422273409c3d264097c31e7b4cd2b27f2ead64ba86b9ee5f030316a092df
995f84a41f725c516cb87975b8de1b05c10a316bbda2887ee5e6d8ccb799de45
9dab51349ecc104c1e73517543f3f3ce09f4a43b68b445ba8fb26f3ca01d54ef
a12ba56d6a99cddcfe86db31ec372ca319ea2b1964c03cd0d97a2440afa8df0c
a1b13642881704e22f0efe3b9f6052c1bc3baf8780ee07aed84a2ea7149cb94e
a354624dca9abdfc95710800d950ece30b4a66f43363b2ee846d50d22d43920d
a43f18f1f4038133549b86360d12c44dbfc1e6d9a4894613fd61b74fbc13b517
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab
a93fc2a1473e7f62d40e842c4778f668c0adf24d57f28bd11215005aaa8be034
aa0259d31fe640d462dabec31f87e8f9a7320d9b824651b756152289d2bce825
aa2a7a85ef1ef5fb19548cd1ef1d49b9be19a39a65d68decd30346443473430d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290
ab1900c6bca2f59ee2a5ae2daa37a9d889693c4d14ab41d856eb2521f701418a
ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16217342bf945260ef457e550015621ce812a152b98741083a95bbd22abe6b8
b16fbc0805e269461252d6aa054fca96cdfb61c5a9b4edcfa7a9a7387a3e6211
b542156d745f19a93644b7682e9cb610fe070eab0ef58b0d2b6b9daa8e8a6c7b
b553e209be98b7ed1a86a019379f7d330e385d24c8b944f4dc388a61acba7acf
b69a90fafbd8d9dfc1ef62719d3508b3ed2d645643266e8a5bde1a7197109ba7
b6de5efc3af27ad93ee6cd3ac8eef98091736776ab4a1bffd00501e615242363
b896a16fe5f267e6ec21c07d35880e36167a09e77224769dc2b7684a3597bb7e
b927b95aa61814389841d31ca9eafa0e3f1c8fd6d7184005551dc7d5ad1c079e
b96082066002651f59c4895ada04ef93ba13ac121587579d9847b5383044c803
ba74bb5389bd06cf0ba8b893de9f885eabc602edc99720da90314a6116fd64da
bdeaf36274affcde02bfb13f68cc592b3eb6da8b6402150f9fc177977f241c7c
bef9012ae967969da4cb43d4899d23ddb84a2eba79392a91836feff02dbe689e
bf23c48bd6233118b9daf7d369d1ea218076f0e930eeb75405581b22248e3fe0
bfb00484924af8e1b5b481ccbfd1a8f05555602460a99e7cc27646b6e3628ccd
c033d29c6d4d08178a802f85c17fe1b36175a6d740aab5fb84c960212ed478b0
c0f803dd591fb4e35d55eaf557347593f7169e362a79e80f3cc155bf960415a0
c29c7a027de269cd511d5a2c5c8cc0ac98473b2b8dc0bdadf95e5f3770415362
c2ba886faae44035ccf1a94ebf94ed6994841826c94ca15ba8f7f8e7269d2d77
c47adc77eecd81e10caefe2f005d41533ac0ccaac1a0011bc34cbe63342e8047
c4fe2eb2f3f95a6dec9f22b538d2037b2d95219b23c10bdfc8c5750b8c9623d3
c770c4d465e153f8c9cfa69f9c548a9d67d0212c0e6095326f499a25b6da0cab
ca165b6447c76a809f4fbce0d15cc39163290102e0eaf5d2662c9dcef1f1c022
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cbdb897a4ff7ebf898594e8056cab0a3d75ee9025c7718764831277023e6dba7
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
cfe66844981bc11610d8cf60013586056e0183cf4f3359d8c5b0f889b03410af
d11d411cb0c4fda19efcbd59c27337c603c694cda02a3a884c965ca85f28002b
d1e06a0f817d8fa4be7f2dd108b068000bee54a5f97f87825cc4c7debe7867ae
d2d5522a6b63d2f4b7e58538ed8da8b5cff24c06dae7e942ed706fa0a0608901
d31b5aedf8ff4ee7a289b3cc3e5fd1a38560e0bae5f2f62b818861a4544c927c
d3a5ce86a9c7d6c797ab6ebb2dc9b63ba571a75c8cd7882c306beb5926aecd41
d505b35499fff053a417ecdb1274fe00c048719197a0de59f89d7e4894d71a04
d5851031a9255a0ef55774bd65644772db3839e4462c667c8a958fd80c86c643
d765337f0bd0aa25f29dcec8e9e750d56ab339bb0ac112da6ea96bf7bc54e816
d9235342afd290a828ad25fc3b823442ed5b76568d5c0d450d7d1d36e866d0cc
d9aff8fcbf9e3e27085f01a8e7943e17703de8de0d5943245eaa1eb0f375e4ef
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0
df943af88c3db107309c0a54908165ace64dd8b8ac426408cceaf456f6c7be58
e05496608e58c334abae70368801cfb1f07d3cbe4713bc8a8eef8fd74d0de5a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e706e40740749d46bd59509965132e0942a5aff12c4aa7f7906ad048b334e48b
e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621
e80f3437104722d25b2a6f77a6391902738f5f491ad5c23730c131a69e25b538
e9221abfd641f20f8d9517f6b9036904c0f1323f175fcba9faec077460145bb2
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ea73585dc52c22c72253bd4aed12eec989d4b8ae09bef718a1fca67c7064bcd2
ebf9bd421e44685fe7af1cb9ae694c9ff2d717404e48a8e695884bcaf9f50e3e
ec2214189306ff7d35d45e5f7031ec11611ab48ed0c5704a2e3712db96c5b316
ed39c56e40a4baef604b004fcd5283206b38984bc0a87373b25921f20730fc1f
ed6f4339c6d36961c0fab4d627e4f10b922e9253a6d832de4751f9ad07c03309
ee2af1f1cb2926b094599e533f38673186c99e45fe3b354f2d95f1f39de0b718
eeae8b70c401283984cad93d7719a2ba0c306b99537cdc44aaaf9a0abd780776
eefb7435c521f71a773ad466654a0d91d448491cf67d9fd65fcb2d0d8d55f125
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48b131cbe8376ff556bfd006117c7d09e9279e0a6e19ad60531d128941c95cc
f8d56b02386e690dfe02496e01198ed62608a7a0cb72a0cb11d6ac9d095f0b1a
fa6425559fcb8d76b6c80d276e490afeb1066c214cb354512c4f8f8890e57766
fa7f127c5e334ff314f189d9e146f560d7148d8ba984bd9b23086fba8022e07f
fbb7d133db30db1f066bcd9ebb61bdf244d75ca2a380b5d96f3d2f5b4e586f36
fd2bef013423b2a37c201e376947b30c34835448bb0e092fa6a162aa8afc5f00
fd8e6e31935ffd9efb0a6d2131503cdf67b0d333b56b695cf64cc487ab187c6f
fe51bd9771317274642c174e0d159b76c57b88adc5b36cefb3060444930dfb2a
fe7737bbc0a00422db35647fd8dac34ad4299ef88ad6909c7795b1556ddc88f3

www.orellfuessli.ch Open in urlscan Pro 104.16.91.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

210 Requests

95 %HTTPS

45 %IPv6

22 Domains

31 Subdomains

31 IPs

7 Countries

5663 kBTransfer

8983 kBSize

42 Cookies

11 Outgoing links

Page URL History

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.orellfuessli.ch Open in urlscan Pro
104.16.91.18 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

95 %
HTTPS

45 %
IPv6

22
Domains

31
Subdomains

31
IPs

7
Countries

5663 kB
Transfer

8983 kB
Size

42
Cookies

210 HTTP transactions
5 data transactions