www.orellfuessli.ch Open in urlscan Pro
104.16.91.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://educard.ch/
Effective URL:
https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Submission: On February 01 via api (February 1st 2024, 1:16:26 am UTC) from CH — Scanned from CH

Summary HTTP 177 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 29 IPs in 7 countries across 23 domains to perform 177 HTTP transactions. The main IP is 104.16.91.18, located in and belongs to CLOUDFLARENET, US. The main domain is www.orellfuessli.ch. The Cisco Umbrella rank of the primary domain is 511306.
TLS certificate: Issued by Thawte TLS RSA CA G1 on August 30th 2023. Valid for: a year.

This is the only time www.orellfuessli.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	176.10.114.133 176.10.114.133	51395 (AS-SOFTPLUS) (AS-SOFTPLUS)
38	104.16.91.18 104.16.91.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
57	104.16.4.2 104.16.4.2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700::68... 2606:4700::6812:17de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 6	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26d... 2600:9000:26db:b800:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:883::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
13	2.19.96.250 2.19.96.250	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	80.89.210.220 80.89.210.220	8758 (IWAY) (IWAY)
6	212.48.120.130 212.48.120.130	8893 (ARTFILES-...) (ARTFILES-AS Artfiles New Media GmbH)
1	2600:9000:267... 2600:9000:2670:9a00:1f:af3f:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1	52.48.4.199 52.48.4.199	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	104.120.210.144 104.120.210.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
177	29

1 176.10.114.133 (Switzerland) 1 redirects

ASN51395 (AS-SOFTPLUS, CH)
PTR: cp3.hostmax.ch

educard.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 104.16.91.18 (None, )

ASN13335 (CLOUDFLARENET, US)

www.orellfuessli.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 104.16.4.2 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.thalia.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ga.thalia.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:17de (United States)

ASN13335 (CLOUDFLARENET, US)

images.thalia.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.198 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

9327407.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8114602.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:b800:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:883::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.19.96.250 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-250.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 80.89.210.220 (Winterthur, Switzerland)

ASN8758 (IWAY, CH)

chat.orellfuessli.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.48.120.130 (Germany)

ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE)
PTR: lb.usemaxserver.de

www.usemaxserver.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.usemax.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2670:9a00:1f:af3f:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

lantern.roeyecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.4.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-4-199.eu-west-1.compute.amazonaws.com

lantern.roeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.120.210.144 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-120-210-144.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	thalia.media assets.thalia.media — Cisco Umbrella Rank: 153749 images.thalia.media — Cisco Umbrella Rank: 177607 ga.thalia.media — Cisco Umbrella Rank: 283948	677 KB
51	orellfuessli.ch www.orellfuessli.ch — Cisco Umbrella Rank: 511306 chat.orellfuessli.ch — Cisco Umbrella Rank: 605758	496 KB
13	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 752	158 KB
11	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 9327407.fls.doubleclick.net — Cisco Umbrella Rank: 911918 8114602.fls.doubleclick.net — Cisco Umbrella Rank: 777272 ad.doubleclick.net — Cisco Umbrella Rank: 163	9 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349 www.linkedin.com — Cisco Umbrella Rank: 632 px4.ads.linkedin.com — Cisco Umbrella Rank: 6550	3 KB
5	usemaxserver.de www.usemaxserver.de — Cisco Umbrella Rank: 156278	207 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 98	1 KB
4	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 5048	2 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 871	5 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 376	14 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	70 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 869	21 KB
2	google.ch www.google.ch — Cisco Umbrella Rank: 29645	455 B
1	usemax.de www.usemax.de — Cisco Umbrella Rank: 166198	683 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2898	968 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	roeye.com lantern.roeye.com — Cisco Umbrella Rank: 8916	153 B
1	roeyecdn.com lantern.roeyecdn.com — Cisco Umbrella Rank: 8890	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 783	16 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4433	12 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	257 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	122 KB
1	educard.ch 1 redirects educard.ch	328 B
177	23

	Domain	Requested by
56	assets.thalia.media	www.orellfuessli.ch assets.thalia.media
38	www.orellfuessli.ch	www.orellfuessli.ch assets.thalia.media
13	chat.orellfuessli.ch	www.googletagmanager.com chat.orellfuessli.ch
13	analytics.tiktok.com	www.orellfuessli.ch analytics.tiktok.com
13	images.thalia.media	www.orellfuessli.ch
5	www.usemaxserver.de	www.dwin1.com www.usemaxserver.de
4	track.adform.net	2 redirects www.usemaxserver.de
4	8114602.fls.doubleclick.net	2 redirects www.usemaxserver.de
4	ct.pinterest.com	s.pinimg.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
3	adservice.google.com	9327407.fls.doubleclick.net 8114602.fls.doubleclick.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com
2	ad.doubleclick.net	8114602.fls.doubleclick.net
2	connect.facebook.net	www.orellfuessli.ch connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	9327407.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google.ch
2	www.google.com	1 redirects
2	stats.g.doubleclick.net	www.orellfuessli.ch
1	www.usemax.de	www.usemaxserver.de
1	analytics.pangle-ads.com	analytics.tiktok.com
1	www.facebook.com
1	lantern.roeye.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	lantern.roeyecdn.com	www.dwin1.com
1	snap.licdn.com	www.googletagmanager.com
1	www.dwin1.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	region1.google-analytics.com	www.orellfuessli.ch
1	ga.thalia.media	www.orellfuessli.ch
1	www.googletagmanager.com	www.orellfuessli.ch
1	educard.ch	1 redirects
177	33

This site contains links to these domains. Also see Links.

Domain
www.edubook.ch
bueropult.ch
www.oft.ch
bookcircle.orellfuessli.ch
www.trustedshops.ch
de-de.facebook.com
www.instagram.com
www.tiktok.com
www.youtube.com
www.pinterest.de
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
*.orellfuessli.ch Thawte TLS RSA CA G1	`2023-08-30` - `2024-09-23`	a year	crt.sh
*.thalia.media Thawte TLS RSA CA G1	`2023-12-20` - `2025-01-05`	a year	crt.sh
images.thalia.media Cloudflare Inc ECC CA-3	`2023-07-29` - `2024-07-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
chat.orellfuessli.ch DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-27` - `2024-10-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
usemaxserver.de R3	`2023-12-30` - `2024-03-29`	3 months	crt.sh
*.roeyecdn.com Amazon RSA 2048 M01	`2023-10-04` - `2024-10-30`	a year	crt.sh
*.roeye.com Amazon RSA 2048 M03	`2023-11-26` - `2024-12-24`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
www.usemax.de R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Frame ID: 3E4EBD886ACB69A917202AF947CAAFA1
Requests: 162 HTTP requests in this frame

Frame: https://9327407.fls.doubleclick.net/activityi;dc_pre=CKjSo-b7iIQDFZRFHgId8Q8HEQ;src=9327407;type=pageview;cat=global00;ord=6368559807650;npa=0;auiddc=1776349355.1706750156;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;pscdl=noapi;gtm=45He41v0v6104277;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card
Frame ID: 7DF0529101E2730C0CD1B32720C0EEE8
Requests: 2 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 68164F2B44592BC16C2A0C48E4ADE770
Requests: 1 HTTP requests in this frame

Frame: https://www.usemaxserver.de/rt.php?campaign_id=40238&iframe=1&ext_domain=1&place=1&product_id=&basket=&checkout_amount=&checkout_order_id=&referrer=leer&host=www.orellfuessli.ch&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&iframe=1&cbt=1706750156&k0=0&w=1600&h=1200&ci=IHVzbV91bV9ydD03MTM5NjMxNjU1JnxlMWY0M2M=
Frame ID: 566D1635C364A844F8B4FDED0505929D
Requests: 3 HTTP requests in this frame

Frame: https://8114602.fls.doubleclick.net/activityi;dc_pre=CLKmu-b7iIQDFdJLHgIdN_MFjA;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
Frame ID: 6E725D36205EEB16BE1017246C207A70
Requests: 3 HTTP requests in this frame

Frame: https://8114602.fls.doubleclick.net/activityi;dc_pre=CKalu-b7iIQDFQVOGQod6OoEFw;src=8114602;type=invmedia;cat=yhvflq6j;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
Frame ID: FA9B8819360173B81BBCDD1DFEEE1EA5
Requests: 3 HTTP requests in this frame

Frame: https://www.usemax.de/rt.php?ext_i=7139631655
Frame ID: 30D7C7D038DD89F2E72B7810D5A76ACD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Education Card | Orell Füssli

Page URL History Show full URLs

https://educard.ch/ HTTP 307
https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

177
Requests

98 %
HTTPS

55 %
IPv6

23
Domains

33
Subdomains

29
IPs

7
Countries

1813 kB
Transfer

4558 kB
Size

42
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.edubook.ch/angebot/education-card
Title: Edubook

Search URL Search Domain Scan URL

URL: https://bueropult.ch/home/kontakt/
Title: BüroPult

Search URL Search Domain Scan URL

URL: https://www.oft.ch/karriere/
Title: Karriere & Jobs

Search URL Search Domain Scan URL

URL: https://bookcircle.orellfuessli.ch/
Title: Book Circle Community

Search URL Search Domain Scan URL

URL: https://www.trustedshops.ch/bewertung/info_X31D6E98C374EA3E5B6AB582709F9185B.html

Search URL Search Domain Scan URL

URL: https://de-de.facebook.com/OrellFuessli

Search URL Search Domain Scan URL

URL: https://www.instagram.com/orellfuessli/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@orell.fuessli?lang=de-DE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/OrellFuessli

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/OrellFuessli/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ch/app/orell-fussli-mein-buch/id1119180724

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=eu.thalia.oft

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://educard.ch/ HTTP 307
https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=634562b3-e78c-43ac-a4bd-1fb9a1f95efe&jid=850715846&z=480799048 HTTP 302
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=634562b3-e78c-43ac-a4bd-1fb9a1f95efe&jid=850715846&z=480799048&slf_rd=1&random=2735713643

Request Chain 116

https://9327407.fls.doubleclick.net/activityi;src=9327407;type=pageview;cat=global00;ord=6368559807650;npa=0;auiddc=1776349355.1706750156;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;pscdl=noapi;gtm=45He41v0v6104277;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card HTTP 302
https://9327407.fls.doubleclick.net/activityi;dc_pre=CKjSo-b7iIQDFZRFHgId8Q8HEQ;src=9327407;type=pageview;cat=global00;ord=6368559807650;npa=0;auiddc=1776349355.1706750156;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;pscdl=noapi;gtm=45He41v0v6104277;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card

Request Chain 128

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1706750156242&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1706750156242&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3699170%26time%3D1706750156242%26url%3Dhttps%253A%252F%252Fwww.orellfuessli.ch%252Fbonusprogramme%252Fuebersicht%252Feducation-card%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1706750156242&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1706750156242&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&cookiesTest=true&liSync=true&e_ipv6=AQJfL4IP-nMQMQAAAY1iPKDmOljqt3TGCrQgfIIGEHAgJqQrQHCs0zjLyjwrpDgy9xnDXW6GgWuo

Request Chain 159

https://8114602.fls.doubleclick.net/activityi;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://8114602.fls.doubleclick.net/activityi;dc_pre=CLKmu-b7iIQDFdJLHgIdN_MFjA;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 160

https://8114602.fls.doubleclick.net/activityi;src=8114602;type=invmedia;cat=yhvflq6j;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://8114602.fls.doubleclick.net/activityi;dc_pre=CKalu-b7iIQDFQVOGQod6OoEFw;src=8114602;type=invmedia;cat=yhvflq6j;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 162

https://track.adform.net/Serving/TrackPoint/?pm=254281&ADFPageName=ALL%7CRT%7C0%7COrellFuessliCH_0&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C0%7COrellFuessliCH_0&ADFdivider=|

Request Chain 163

https://track.adform.net/Serving/TrackPoint/?pm=254281&ADFPageName=ALL%7CRT%7C1%7COrellFuessliCH_1&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C1%7COrellFuessliCH_1&ADFdivider=|

177 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request education-card Show response
www.orellfuessli.ch/bonusprogramme/uebersicht/
Redirect Chain

https://educard.ch/
https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

560 KB
58 KB

163ms
98ms

Document
text/html

104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7123c3cc108de91aa6aba1d923564e5e9cb286a2d2884f13231d04fde12eef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

age: 12197
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84e65898d8303a9a-FRA
content-encoding: gzip
content-language: de
content-type: text/html;charset=UTF-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 01 Feb 2024 01:15:55 GMT
expires: 0
grace: full
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-cache: HIT
x-content-type-options: nosniff
x-crafter: true
x-frame-options: SAMEORIGIN DENY
x-xss-protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Encoding: br
Content-Length: 1
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Feb 2024 01:15:55 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Server: Apache
Vary: Accept-Encoding

GET
H2 200 LatoLatin-Regular.woff2
www.orellfuessli.ch/assets/fonts/ 43 KB
43 KB 37ms
35ms Font
font/woff2 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/fonts/LatoLatin-Regular.woff2

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5341272
cross-origin-resource-policy: same-origin
content-length: 43760
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Nov 2023 09:09:00 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: font/woff2
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 84e65899889b3a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 LatoLatin-Bold.woff2
www.orellfuessli.ch/assets/fonts/ 43 KB
43 KB 49ms
47ms Font
font/woff2 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/fonts/LatoLatin-Bold.woff2

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5598565
cross-origin-resource-policy: same-origin
content-length: 44380
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Nov 2023 09:09:00 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: font/woff2
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 84e65899889c3a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 shell.3d4732d36c67.css
www.orellfuessli.ch/assets/static/ 3 KB
900 B 34ms
33ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/shell.3d4732d36c67.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d4732d36c67c702da4037ec0d02df6975ce7b6298aca74d2a69683a32c7cdab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 3068507
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 27 Dec 2023 12:54:08 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: text/css
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=31536000, public
cf-ray: 84e6589988993a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 shell.3e6de6f60205.js Show response
www.orellfuessli.ch/assets/static/ 386 KB
114 KB 55ms
53ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/shell.3e6de6f60205.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e6de6f60205401e34a83cafe636b79e3549d9109648197fe1a81585bd4a76d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 59815
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 31 Jan 2024 08:38:19 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=31536000, public
cf-ray: 84e65899889d3a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.288154f1b7fcdb737c75.js Show response
assets.thalia.media/ocsassets/heimdall/script-consent/ 6 KB
2 KB 46ms
44ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/heimdall/script-consent/main-nomodule.288154f1b7fcdb737c75.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf23c48bd6233118b9daf7d369d1ea218076f0e930eeb75405581b22248e3fe0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 8008329
x-originaluniqueid: ZRrI97kgevQbXUJiKkt6lAAAAu4
x-messageid: ZRrI97kgevQbXUJiKkt6lAAAAu4
last-modified: Tue, 19 Sep 2023 11:58:22 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15780000
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e6589a49601907-FRA
expires: Wed, 01 Nov 2023 13:43:19 GMT

GET
H2 200 main-module.238743214083792128ec.js Show response
www.orellfuessli.ch/filialbestandsanzeige/resources/abfrage-bestand/ 2 KB
983 B 36ms
34ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialbestandsanzeige/resources/abfrage-bestand/main-module.238743214083792128ec.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aef3286cef56e8d99cc6eb7c31aadf6f64a3d72a488f635155cac1931d36c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5521865
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 15:44:46 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 84e65899889e3a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.e54f75dbbd4d841e1e90.orellfuessli.css
www.orellfuessli.ch/filialbestandsanzeige/resources/buchhandlung-bestandanzeige/ 1 KB
758 B 33ms
32ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialbestandsanzeige/resources/buchhandlung-bestandanzeige/style.e54f75dbbd4d841e1e90.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e9c7a84d5d586c9945e1ca3b379a766c93cf191f121c6bb8c3f319fd2f7bac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7084322
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 09:19:02 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 84e65899889a3a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.27bf727e613f7dacb631.js Show response
www.orellfuessli.ch/filialbestandsanzeige/resources/buchhandlung-bestandanzeige/ 1 KB
698 B 55ms
54ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialbestandsanzeige/resources/buchhandlung-bestandanzeige/main-module.27bf727e613f7dacb631.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52900a78c2cada7f3bf92acdd03a4f71de5cbb2ed0473c959705075036d2439f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5440900
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 15:44:46 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 84e65899889f3a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.8f5739b6e240089c1650.js Show response
www.orellfuessli.ch/affiliate/resources/affiliate-header-script/ 16 KB
5 KB 38ms
35ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/affiliate/resources/affiliate-header-script/main-nomodule.8f5739b6e240089c1650.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6b6da9e622bacab8b15e0cb6c18e63647792985043f2498746ef123b75f68dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7926988
grace: none
x-cache: HIT
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Mar 2023 09:48:34 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 84e6589a49223a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.b19a09e625e622e3515f.js Show response
www.orellfuessli.ch/filialservice/components/buchhandlung-global-header/ 35 KB
13 KB 54ms
53ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialservice/components/buchhandlung-global-header/main-module.b19a09e625e622e3515f.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f6367d85c99d7856f2a114060b51ad928c44c81a778c8e6a09997608c5ad866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4889189
grace: none
x-cache: HIT
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 84e6589988a03a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.9cb67ce054858b66a5d9.js Show response
www.orellfuessli.ch/club/kunde/components/club-cookie/ 13 KB
4 KB 39ms
37ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/club/kunde/components/club-cookie/main-nomodule.9cb67ce054858b66a5d9.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad8de3e4a335ca2feb50b9dc7b8029fef89f084097a59306d4cd593747c9df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 8015173
grace: none
x-cache: MISS
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Sep 2023 04:42:46 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 84e6589a49233a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.e90d8b0ebaadd92660be.js Show response
www.orellfuessli.ch/filialauswahl-resources/kundenfiliale-zuordnung/ 2 KB
1 KB 34ms
34ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialauswahl-resources/kundenfiliale-zuordnung/main-module.e90d8b0ebaadd92660be.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eefb7435c521f71a773ad466654a0d91d448491cf67d9fd65fcb2d0d8d55f125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 6902950
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 03 Nov 2023 12:09:09 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 84e6589988a23a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.a29726ca4a88428c064e.js Show response
www.orellfuessli.ch/login/resources/global-header-login/ 14 KB
5 KB 43ms
41ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/global-header-login/main-nomodule.a29726ca4a88428c064e.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96d7403d0e8af93961a03ff7d398933205a76199afc26ba980066b0e4801c72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5594082
grace: none
x-cache: HIT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Nov 2023 15:37:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 84e6589a49243a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 merkur.js Show response
assets.thalia.media/ocsassets/merkur/js/ 6 KB
3 KB 108ms
46ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/merkur/js/merkur.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c770c4d465e153f8c9cfa69f9c548a9d67d0212c0e6095326f499a25b6da0cab

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5613371
x-originaluniqueid: ZUHk73FV-WZUXC6ocjR@hgAAAKk
x-messageid: ZUHk73FV-WZUXC6ocjR@hgAAAKk
last-modified: Wed, 20 Sep 2023 07:52:56 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e6589a09341907-FRA

GET
H2 200 main-module.898aca118c638e9b52b2.js Show response
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/global-header-merkzettel/ 27 KB
11 KB 116ms
54ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/global-header-merkzettel/main-module.898aca118c638e9b52b2.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7f127c5e334ff314f189d9e146f560d7148d8ba984bd9b23086fba8022e07f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 3776826
content-encoding: br
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-messageid: ZYFPjHlLzDHv2OSS80Ah5QAAATQ
last-modified: Thu, 14 Dec 2023 17:19:12 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e6589a0e3790ef-FRA

GET
H2 200 style.ac3848cac72126ee5c20.orellfuessli.css
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/ 11 KB
2 KB 101ms
39ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.ac3848cac72126ee5c20.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

328795e6658d61dff37f8f99257d4fd3d0cdd91f839ed85dc97840044ac4eb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 6989673
content-encoding: br
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-messageid: ZUMkf6vRuythdGHYX0SRMAAAAT8
last-modified: Tue, 10 Oct 2023 12:01:04 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e65899e91c1907-FRA

GET
H2 200 main-module.57010d197aa50e35e4bc.js Show response
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/ 50 KB
19 KB 97ms
36ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/main-module.57010d197aa50e35e4bc.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a80023096c5c4ef05584d8bcef41cef0b4b6c4ad0a9f90817872eb288360cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 1786124
content-encoding: br
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-messageid: ZZ@vm3ex9epcARW@QWz46gAAABA
last-modified: Wed, 10 Jan 2024 11:24:20 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e65899fe2c90ef-FRA

GET
H2 200 main-module.42d6263c759e6013a5ed.js Show response
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/ 37 KB
15 KB 84ms
33ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/main-module.42d6263c759e6013a5ed.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b78c93f967d7d7cdac04c8540749f47c15b902e8ed93f683b04192e4511bf82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 3776826
content-encoding: br
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-messageid: ZYFPjeWNBLqJBsDxcx4jXgAAAJs
last-modified: Thu, 14 Dec 2023 17:19:12 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e65899ee2890ef-FRA

GET
H2 200 main-nomodule.80c8918f2f1ea9a449a4.js Show response
www.orellfuessli.ch/warenkorb-resources/header-warenkorb/ 14 KB
5 KB 42ms
40ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/header-warenkorb/main-nomodule.80c8918f2f1ea9a449a4.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

312dc456b9380d06788ab121df550b43a1f239fe896b29741275c59181c2750f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5347275
grace: none
x-cache: MISS
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 10:08:29 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 84e6589a49253a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.11a0c199145f771060f1.orellfuessli.css
www.orellfuessli.ch/warenkorb-resources/hinzugefuegt-overlay/ 3 KB
676 B 44ms
42ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/hinzugefuegt-overlay/style.11a0c199145f771060f1.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

939df079b2c41a9e69370f1b3e98660e7b84072b36544acd32478499d78cafae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5336500
grace: none
x-cache: MISS
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 10:08:29 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 84e6589998ae3a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.a6980a6d126a4f21eb9b.js Show response
www.orellfuessli.ch/warenkorb-resources/hinzugefuegt-overlay/ 33 KB
12 KB 45ms
43ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/hinzugefuegt-overlay/main-module.a6980a6d126a4f21eb9b.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed6f4339c6d36961c0fab4d627e4f10b922e9253a6d832de4751f9ad07c03309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5602140
grace: none
x-cache: MISS
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 10:08:29 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 84e65899a8b43a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.51155b3d0fe5ab2f6519.orellfuessli.css
www.orellfuessli.ch/warenkorb-resources/addtocart-button/ 7 KB
1 KB 44ms
42ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/addtocart-button/style.51155b3d0fe5ab2f6519.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0f803dd591fb4e35d55eaf557347593f7169e362a79e80f3cc155bf960415a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7079133
grace: none
x-cache: MISS
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 Nov 2023 15:03:38 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 84e65899a8b33a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.a3dc15c539310d87eda3.js Show response
www.orellfuessli.ch/warenkorb-resources/addtocart-button/ 43 KB
16 KB 60ms
59ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/addtocart-button/main-module.a3dc15c539310d87eda3.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b13642881704e22f0efe3b9f6052c1bc3baf8780ee07aed84a2ea7149cb94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 835775
grace: none
x-cache: HIT
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 Jan 2024 15:15:27 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 84e65899a8b53a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.c317675f22d229ea1f21.js Show response
www.orellfuessli.ch/kundeninteressen/resources/kundeninteressen-loader/ 3 KB
1 KB 44ms
43ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/kundeninteressen/resources/kundeninteressen-loader/main-module.c317675f22d229ea1f21.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6e09282a9daf514ff4e23270877aa4339d94bb9b7acf1f13438d4e1e30191dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2999225
grace: none
x-cache: HIT
x-envoy-upstream-service-time: 74
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Dec 2023 06:47:52 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 84e65899a8b63a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.be0c0c844e87cddce3d4.js Show response
www.orellfuessli.ch/abokaufen/resources/abodaten-loader/ 39 KB
14 KB 60ms
59ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/abokaufen/resources/abodaten-loader/main-module.be0c0c844e87cddce3d4.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee18f1aa99e891d96d37fb9123542ea6e40aa6d3daa0b27fa59b80cc0b29b471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7160397
grace: none
x-cache: MISS
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 03 Nov 2023 10:02:59 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 84e65899a8b73a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.d79ebf0dbe7263e4a3d1.orellfuessli.css
assets.thalia.media/red/cms/components/layout-marginal/ 3 KB
997 B 89ms
38ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/layout-marginal/style.d79ebf0dbe7263e4a3d1.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 721dbe613cba5aaa9ab39799acd16f1beb9614d522015828ab533fcd3b450d4c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 3499
last-modified: Mon, 29 Jan 2024 11:36:44 GMT
server: cloudflare
etag: W/"bc7-610140f690064"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e65899e9241907-FRA

GET
H2 200 main-module.8f26e09e6ed3a680e828.js Show response
assets.thalia.media/red/cms/components/layout-marginal/ 856 B
899 B 156ms
105ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/layout-marginal/main-module.8f26e09e6ed3a680e828.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20a2a0d42c7d26076bc1e2dec3d440d2600540757bf6d3ec186e73da83c38294

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Mon, 29 Jan 2024 11:36:44 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"358-610140f68569f"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e65899fe2b90ef-FRA

GET
H2 200 main-module.aad8ca8cc01f1ad79d0c.js Show response
assets.thalia.media/red/cms/components/header-prime/ 38 KB
14 KB 125ms
74ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime/main-module.aad8ca8cc01f1ad79d0c.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad688c5ce80ca90b61e8af537bf2d220072ad10b953644f44d97f2fcea7a392

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Tue, 09 Jan 2024 08:21:48 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"9819-60e7f0176c433"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a0e3490ef-FRA

GET
H2 200 style.9795f7dc25e0d80c98ba.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime/ 5 KB
1 KB 88ms
38ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime/style.9795f7dc25e0d80c98ba.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a354624dca9abdfc95710800d950ece30b4a66f43363b2ee846d50d22d43920d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 309
last-modified: Mon, 27 Mar 2023 14:13:45 GMT
server: cloudflare
etag: W/"1555-5f7e259da056c"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e65899e9211907-FRA

GET
H2 200 main-nomodule.7159af68cbdcfe45f6ed.js Show response
assets.thalia.media/ocsassets/heimdall/consent-banner-bootstrap/ 13 KB
5 KB 45ms
43ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/heimdall/consent-banner-bootstrap/main-nomodule.7159af68cbdcfe45f6ed.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f2ae2696ab61313c0b1646f79f17acfe9c80c1a0379f3c41be1922edb27b06

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5613836
x-originaluniqueid: ZVBJPaBA1mK3v9v2Uff9@wAAAK0
x-messageid: ZVBJPaBA1mK3v9v2Uff9@wAAAK0
last-modified: Tue, 19 Sep 2023 11:58:22 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e6589a49611907-FRA

GET
H2 200 style.beb1526f8b8e21946dcf.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime-logo/ 322 B
512 B 97ms
47ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-logo/style.beb1526f8b8e21946dcf.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba54e2810a7a9fbbb9b186b5435e334b0ff88dad85db1c1fc73c09be764d40c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 309
last-modified: Wed, 23 Nov 2022 06:16:06 GMT
server: cloudflare
etag: W/"142-5ee1d394e53bc"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a092e1907-FRA

GET
H2 200 main-module.dc85d9796bd777ce0a3c.js Show response
assets.thalia.media/red/cms/components/header-prime-kunde/ 20 KB
8 KB 125ms
75ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/main-module.dc85d9796bd777ce0a3c.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ea5ca6545d808e0c23b8a7d08df6ece065d2e88758b5b8984a3153297345cce

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Tue, 09 Jan 2024 08:21:48 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"517f-60e7f017abe04"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a0e3690ef-FRA

GET
H2 200 style.cacd725b9da0d7fb53a5.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime-kunde/ 4 KB
1 KB 87ms
37ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.cacd725b9da0d7fb53a5.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7217a335505108b6c74050e5743e3c159950c5fc00b1611ad4059d1c5bc9cb31

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5907
last-modified: Thu, 16 Nov 2023 08:46:26 GMT
server: cloudflare
etag: W/"f4f-60a410e1d119f"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e65899e91e1907-FRA

GET
H2 200 style.c9fccc1ef8fdd38845b0.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime-filiale/ 12 KB
3 KB 84ms
34ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-filiale/style.c9fccc1ef8fdd38845b0.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 897aa31f11dc834a0ea7c6d78764c2e287df4a57df0a0e62d151ee08a89e00dd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5907
last-modified: Mon, 29 Jan 2024 11:36:43 GMT
server: cloudflare
etag: W/"30be-610140f5e06ef"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e65899e91f1907-FRA

GET
H2 200 style.59dfa9f0cdf8870143ee.orellfuessli.css
assets.thalia.media/ocsassets/suchocs/suche-global/ 28 KB
5 KB 90ms
40ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-global/style.59dfa9f0cdf8870143ee.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49feee554240f639c7c41be1729c336be4bbaf05d18c4fa9d369e0c563e6c2dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 6708694
x-originaluniqueid: ZVSSqVdThmtvgmau1TxdBQAAAKs
x-messageid: ZVSSqVdThmtvgmau1TxdBQAAAKs
last-modified: Tue, 14 Nov 2023 10:36:41 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e65899e9201907-FRA

GET
H2 200 main-module.acbd7d760235a8245e1e.js Show response
assets.thalia.media/ocsassets/suchocs/suche-global/ 74 KB
28 KB 102ms
52ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-global/main-module.acbd7d760235a8245e1e.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00cd7ef1b2c2288020489e6cf158c5c923e8b1b14b0df955c2865a1942b3cb93

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5426734
x-originaluniqueid: ZWfp691RgWftUN2EaWxkawAAAAQ
x-messageid: ZWfp691RgWftUN2EaWxkawAAAAQ
last-modified: Tue, 28 Nov 2023 14:41:15 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e65899ee2a90ef-FRA

GET
H2 200 main-module.8fc040370870983c146e.js Show response
assets.thalia.media/ocsassets/suchocs/kategorie-info/ 52 KB
20 KB 86ms
37ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/kategorie-info/main-module.8fc040370870983c146e.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba74bb5389bd06cf0ba8b893de9f885eabc602edc99720da90314a6116fd64da

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 6708443
x-originaluniqueid: ZVSSY4UWJCbkGN7rhu5psAAAAS0
x-messageid: ZVSSY4UWJCbkGN7rhu5psAAAAS0
last-modified: Tue, 14 Nov 2023 10:36:41 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e65899ee2190ef-FRA

GET
H2 200 main-module.6da55b07e84d547f4783.js Show response
assets.thalia.media/ocsassets/suchocs/dl-search-redirect/ 72 KB
27 KB 83ms
34ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/dl-search-redirect/main-module.6da55b07e84d547f4783.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7631d16c66a0557f86fb6458d5138a465260590013b7ca0144672003837df9ab

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 6278500
x-originaluniqueid: ZVsiuSiEb-OkurytPd7OFQAAAKE
x-messageid: ZVsiuSiEb-OkurytPd7OFQAAAKE
last-modified: Fri, 17 Nov 2023 12:46:18 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e65899ee2290ef-FRA

GET
H2 200 main-module.baabb1a0d1bb1ea632ce.js Show response
assets.thalia.media/red/cms/components/header-prime-navigation/ 38 KB
13 KB 104ms
55ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-navigation/main-module.baabb1a0d1bb1ea632ce.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38535540f1adae6e06d5c0ed5540943411216b474ec2dc0bd9429d97fe97c113

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Tue, 09 Jan 2024 08:21:49 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"974f-60e7f017ff69a"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e65899ee2490ef-FRA

GET
H2 200 style.c8217117911a64e98c63.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime-navigation/ 34 KB
5 KB 97ms
48ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-navigation/style.c8217117911a64e98c63.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28286474714f0dabf263e874d239b5eb267919fde472c788ea94b1a06649467c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5907
last-modified: Mon, 29 Jan 2024 11:36:43 GMT
server: cloudflare
etag: W/"87f1-610140f64664a"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a09321907-FRA

GET
H2 200 style.8e536af8f378dd0d819d.orellfuessli.css
www.orellfuessli.ch/login/resources/cclogin-banner/ 346 B
298 B 57ms
57ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/cclogin-banner/style.8e536af8f378dd0d819d.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80f3437104722d25b2a6f77a6391902738f5f491ad5c23730c131a69e25b538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 7074287
grace: none
x-cache: MISS
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Nov 2023 15:37:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 84e65899a8b83a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.ac486f573cbb5d1a8fca.js Show response
www.orellfuessli.ch/login/resources/cclogin-banner/ 5 KB
2 KB 40ms
38ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/cclogin-banner/main-nomodule.ac486f573cbb5d1a8fca.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca830f3388ed000d8d9c2456894a716b67558a45ca67590aaec5e304a43d0377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5337876
grace: none
x-cache: MISS
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 29 Nov 2023 12:15:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 84e6589a49263a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.ff354c4f3703ab028c3a.orellfuessli.css
assets.thalia.media/red/cms/components/banner-fullsize-schmuckbanner/ 5 KB
1 KB 114ms
65ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/banner-fullsize-schmuckbanner/style.ff354c4f3703ab028c3a.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89e8fbe1de8235d37c94b2cc58b34ca13ce7bd814ff8e883390a39ef8cefcbaa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Tue, 09 Jan 2024 08:21:47 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"1368-60e7f0160ceaa"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e65899e9231907-FRA

GET
H2 200 style.80ba76b42e4eb87aa878.orellfuessli.css
assets.thalia.media/red/cms/components/content-text/ 16 KB
2 KB 97ms
49ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-text/style.80ba76b42e4eb87aa878.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93a1961be16def6707f2d36ec8b0e847ee9c6ef913b60b25920b662feaafd00c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Mon, 29 Jan 2024 11:36:42 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"3e7b-610140f51b7b2"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e65899e9221907-FRA

GET
H2 200 main-module.52dcae7cd4f1eb246dbc.js Show response
assets.thalia.media/red/cms/components/content-text/ 1 KB
872 B 123ms
75ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-text/main-module.52dcae7cd4f1eb246dbc.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd67e7b23d0fa209538c2c3f459f8391da49b93084827573a12d52e31924be9c

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Thu, 02 Mar 2023 09:40:36 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"5e8-5f5e79ef08c55"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e65899ee2590ef-FRA

GET
H2 200 style.1a8bc14b6634af38e84a.orellfuessli.css
assets.thalia.media/red/cms/components/content-button/ 5 KB
1 KB 87ms
62ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-button/style.1a8bc14b6634af38e84a.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b668228dcbfa360735dafc49caddd3a054a4fdd01dce9ea4b7bf0a379cbaa45

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Wed, 06 Dec 2023 09:09:39 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"153f-60bd3b6013db6"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a09331907-FRA

GET
H2 200 style.a1eda5bcb4d5ad7afccd.orellfuessli.css
assets.thalia.media/red/cms/components/icon-text/ 11 KB
2 KB 155ms
130ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/icon-text/style.a1eda5bcb4d5ad7afccd.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2db672a9dc022a62bd575768ebcd0fafbc34fc031ae00448b0c46236614600d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Mon, 29 Jan 2024 11:36:44 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"2d5a-610140f666111"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a09311907-FRA

GET
H2 200 style.a01de0a84a0b7a05f199.orellfuessli.css
assets.thalia.media/red/cms/components/content-autor/ 5 KB
1 KB 90ms
64ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-autor/style.a01de0a84a0b7a05f199.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81a3cd23c26967d88073c33746d170fcd183d1b0c559c1b3a3a8cedbfffaa548

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Wed, 06 Dec 2023 09:09:39 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"1267-60bd3b5ff6574"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a09301907-FRA

GET
H2 200 main-module.fdda0bda52ef4bdb2250.js Show response
assets.thalia.media/red/cms/components/content-autor/ 2 KB
897 B 80ms
55ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-autor/main-module.fdda0bda52ef4bdb2250.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a232fab54c312fbe4c0595db28f852c797ab278e2c23eb5f4f31624b14b2974

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
cf-cache-status: HIT
age: 583461
last-modified: Thu, 02 Mar 2023 09:40:36 GMT
server: cloudflare
etag: W/"60c-5f5e79eece9de"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a0e3c90ef-FRA
expires: Thu, 16 Mar 2023 09:54:16 GMT

GET
H2 200 7676985aa9ead087a717f6de17b55b3f0ab331f4.jpg
assets.thalia.media/img/cms/ 70 KB
70 KB 98ms
97ms Image
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/7676985aa9ead087a717f6de17b55b3f0ab331f4.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f10c4bb5195b3ad872e5940ff614ffe170dd2ed74ff073bb91ade98b81558aa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Wed, 31 Jan 2024 22:21:37 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a09351907-FRA

GET
H2 200 9cede951275c36610994aad8c5ce85ea13d66d51.jpg
assets.thalia.media/img/cms/ 68 KB
68 KB 122ms
122ms Image
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/9cede951275c36610994aad8c5ce85ea13d66d51.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b90cba64e08358c73230a4c43589b57d66044172378bc53b6d6775624112d7f0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Wed, 31 Jan 2024 22:21:37 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a09361907-FRA

GET
H2 200 5c9119ddd4b3f5a561fc780276c283411e676972.jpg
assets.thalia.media/img/cms/ 76 KB
76 KB 103ms
99ms Image
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/5c9119ddd4b3f5a561fc780276c283411e676972.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e15baf9a676de62dc5759a80a23478addc110671f21311641278bc51b43af2f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Wed, 31 Jan 2024 22:21:38 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a49571907-FRA

GET
H2 200 style.913ef22f593b5b345443.orellfuessli.css
assets.thalia.media/red/cms/components/banner-fullsize/ 4 KB
1 KB 50ms
46ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/banner-fullsize/style.913ef22f593b5b345443.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acafdbdac5b196cb4d1eab8b5a5a7900a5479dd113a9483d8e6d62550a51878f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Wed, 06 Dec 2023 09:09:38 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"e78-60bd3b5edd29b"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a49581907-FRA

GET
H2 200 main-module.f2151473b32879773e29.js Show response
assets.thalia.media/red/cms/components/banner-fullsize/ 24 KB
9 KB 76ms
73ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/banner-fullsize/main-module.f2151473b32879773e29.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e201db105f746b344722f7df9ee1efe6d6e2341bececa0a3ca64ed2cd29c362b

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Tue, 09 Jan 2024 08:21:46 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"61e8-60e7f015e2454"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a0e3890ef-FRA

GET
H2 200 style.47549abfe60facbe14a5.orellfuessli.css
assets.thalia.media/red/cms/components/navigation-schnelleinstieg-tags/ 4 KB
1 KB 73ms
69ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/navigation-schnelleinstieg-tags/style.47549abfe60facbe14a5.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19ff76a828740a7d70d6cd4cca1e9ac4e90147e51b3febac46e7d5bac2170f89

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Mon, 29 Jan 2024 11:36:44 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"1149-610140f6e1d59"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a49591907-FRA

GET
H2 200 main-module.9969a7300e797ceab289.js Show response
assets.thalia.media/red/cms/components/navigation-schnelleinstieg-tags/ 2 KB
1 KB 77ms
74ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/navigation-schnelleinstieg-tags/main-module.9969a7300e797ceab289.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fef84da8c044468c8a5ccdf128a189e8b11a52175f03f0984eb6b7650cf97ea6

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Thu, 02 Mar 2023 09:40:39 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"664-5f5e79f234d8a"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a0e3990ef-FRA

GET
H2 200 style.fa1ac1e3f7d969828ff2.orellfuessli.css
assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/ 2 KB
799 B 48ms
44ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/style.fa1ac1e3f7d969828ff2.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2950d2260bcd95444f687efd4368d98ec9c359d5a6a2416e81730d4ba0c966ed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5429706
x-originaluniqueid: ZWbieRV4Qk66TuGf4V2HLQAAAUM
x-messageid: ZWbieRV4Qk66TuGf4V2HLQAAAUM
last-modified: Thu, 09 Nov 2023 12:50:46 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
cf-ray: 84e6589a495b1907-FRA
x-robots-tag: noindex
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.8eaa5cedc4eb759a2050.js Show response
assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/ 28 KB
11 KB 57ms
55ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/main-module.8eaa5cedc4eb759a2050.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d765337f0bd0aa25f29dcec8e9e750d56ab339bb0ac112da6ea96bf7bc54e816

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 6894364
x-originaluniqueid: ZUMEV0fZtG@yHnXQ90RkFAAAAA0
x-messageid: ZUMEV0fZtG@yHnXQ90RkFAAAAA0
last-modified: Mon, 30 Oct 2023 12:51:55 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
cf-ray: 84e6589a0e3a90ef-FRA
x-robots-tag: noindex
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.4885ff1391e55000b77c.orellfuessli.css
assets.thalia.media/red/cms/components/customer-contact/ 4 KB
1 KB 33ms
29ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/customer-contact/style.4885ff1391e55000b77c.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f0d17e42f3865febe387e7e3f18a40d096af4eafc51dfb6b34d677e041b4934

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5907
last-modified: Thu, 02 Mar 2023 09:40:36 GMT
server: cloudflare
etag: W/"f39-5f5e79ef5059a"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a495c1907-FRA

GET
H2 200 style.fea2b2f4456799ac06df.orellfuessli.css
assets.thalia.media/red/cms/components/footer-sitemap/ 4 KB
1 KB 35ms
32ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-sitemap/style.fea2b2f4456799ac06df.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 373dc00aebd2e083c6e52c48a81f704d57c4f9e5ac9b5c25bf83dddc85b71a8a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5907
last-modified: Thu, 02 Mar 2023 09:40:37 GMT
server: cloudflare
etag: W/"ea3-5f5e79efa6f1d"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a495d1907-FRA

GET
H2 200 main-module.e1f841c9633749486659.js Show response
assets.thalia.media/red/cms/components/footer-sitemap/ 522 B
576 B 75ms
73ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-sitemap/main-module.e1f841c9633749486659.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b16fbc0805e269461252d6aa054fca96cdfb61c5a9b4edcfa7a9a7387a3e6211

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Thu, 02 Mar 2023 09:40:36 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"20a-5f5e79ef990ca"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a0e3b90ef-FRA

GET
H2 200 style.690eaee8beb4f5c29a91.orellfuessli.css
www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/ 13 KB
3 KB 38ms
35ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/style.690eaee8beb4f5c29a91.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc75acca769e271856a09b41d62b53da3d6bbe2879a41569f992cd14746c8146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 6819147
grace: none
x-cache: HIT
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Oct 2023 09:04:28 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 84e6589a49203a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.379c40874c487cd28daf.js Show response
www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/ 14 KB
5 KB 41ms
39ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/main-nomodule.379c40874c487cd28daf.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c29c7a027de269cd511d5a2c5c8cc0ac98473b2b8dc0bdadf95e5f3770415362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 6903564
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Oct 2023 09:04:32 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 84e6589a49283a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.0ed14701885180f0318a.orellfuessli.css
assets.thalia.media/red/cms/components/footer-badges/ 438 B
414 B 34ms
31ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-badges/style.0ed14701885180f0318a.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0b08acc883938c11157e57d2094e23a2fc6b94d434e405b1650c652c04610f8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5907
last-modified: Thu, 02 Mar 2023 09:40:36 GMT
server: cloudflare
etag: W/"1b6-5f5e79ef5f5b0"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a495e1907-FRA

GET
H2 200 VISA.png
images.thalia.media/Footer/-/62d2df7c259d44bf94d670f81c222181/ 2 KB
2 KB 120ms
29ms Image
image/png 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/62d2df7c259d44bf94d670f81c222181/VISA.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ba56d6a99cddcfe86db31ec372ca319ea2b1964c03cd0d97a2440afa8df0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 5342923
cf-polished: origSize=1710, status=webp_bigger
content-length: 1616
cf-bgj: imgq:85,h2pri
last-modified: Mon Nov 13 2023 02:13:00 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "0c1f72ec540cd12611e46310d19aa8e5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=477607620
x-server: vds
accept-ranges: bytes
cf-ray: 84e6589ad97c4d5b-FRA

GET
H2 200 Mastercard.png
images.thalia.media/Footer/-/da800919a9a340fba77e003a3c1ff5f2/ 1 KB
2 KB 124ms
33ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/da800919a9a340fba77e003a3c1ff5f2/Mastercard.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00ae044b3ec3f36c75cc03143d2cafdb2dfa5ba5f93ce0092e28eb6346db2147

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 2932662
cf-polished: origFmt=png, origSize=1512
content-disposition: inline; filename="Mastercard.webp"
content-length: 1424
cf-bgj: imgq:85,h2pri
last-modified: Wed Sep 27 2023 10:07:30 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "93f7db9a4116c103f6edea1fed29e297"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=474336470
x-server: vds
accept-ranges: bytes
cf-ray: 84e6589ad97d4d5b-FRA

GET
H2 200 PayPal.png
images.thalia.media/Footer/-/eb62f0aa0d6e49208d6175e932933cfa/ 1 KB
2 KB 120ms
30ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/eb62f0aa0d6e49208d6175e932933cfa/PayPal.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f68de89ef36cf39dd6f8896cd1e4d0269f5eefcfc31e5bd8817a3dbbd508d84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 6814881
cf-polished: origFmt=png, origSize=1537
content-disposition: inline; filename="PayPal.webp"
content-length: 1446
cf-bgj: imgq:85,h2pri
last-modified: Mon Nov 13 2023 04:22:16 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "e78f86db22d8f88606c9dd89f4a60102"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=477599864
x-server: vds
accept-ranges: bytes
cf-ray: 84e6589ad9814d5b-FRA

GET
H2 200 PickMup.png
images.thalia.media/Footer/-/3e5652cfe24b416993e78760dd1bf598/ 2 KB
2 KB 122ms
32ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/3e5652cfe24b416993e78760dd1bf598/PickMup.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

665c04464431f9ae193bcf1e324a37be7b0eaf264ab55656cc0224ea1a53ebd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 1721444
cf-polished: origFmt=png, origSize=1823
content-disposition: inline; filename="PickMup.webp"
content-length: 1646
cf-bgj: imgq:85,h2pri
last-modified: Wed Jan 10 2024 19:53:28 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "b729a2f1e583f94a912f0e66626d9c59"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=472532792
x-server: vds
accept-ranges: bytes
cf-ray: 84e6589ad97e4d5b-FRA

GET
H2 200 Trusted%20Shop.png
images.thalia.media/Footer/-/5c7a7645d3c7439c96493c0f07cf368b/ 3 KB
3 KB 124ms
34ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/5c7a7645d3c7439c96493c0f07cf368b/Trusted%20Shop.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74e3ff72e7b7e63accaa235fefaf1aa7fbcd574dacaf4521b57a3252b85f9d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 5347499
cf-polished: origFmt=png, origSize=2845
content-disposition: inline; filename="Trusted%20Shop.webp"
content-length: 2564
cf-bgj: imgq:85,h2pri
last-modified: Tue Nov 28 2023 01:47:09 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "a6b0bdcd47ce1377f144c7929d0b80a0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=476313170
x-server: vds
accept-ranges: bytes
cf-ray: 84e6589ad97f4d5b-FRA

GET
H2 200 style.aa675b706c0378b294dc.orellfuessli.css
assets.thalia.media/red/cms/components/footer-benefits/ 2 KB
919 B 45ms
42ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-benefits/style.aa675b706c0378b294dc.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4761d2948d41fb2a9a4992371b35b95ff6781aea3989b76981982cfa407ae7a9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 309
last-modified: Thu, 02 Mar 2023 09:40:36 GMT
server: cloudflare
etag: W/"916-5f5e79ef6b554"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a495f1907-FRA

GET
H2 200 Book%20Circle%20Community.png
images.thalia.media/Footer/-/c18c97e9238e4f67a8a5295ca491d288/ 1 KB
1 KB 121ms
32ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/c18c97e9238e4f67a8a5295ca491d288/Book%20Circle%20Community.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15f018f66d62ac7ab96d85dd4e253a0338a6143a9b68fddfbe881d245c2e7282

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 6898516
cf-polished: origFmt=png, origSize=1253
content-disposition: inline; filename="Book%20Circle%20Community.webp"
content-length: 1120
cf-bgj: imgq:85,h2pri
last-modified: Wed Sep 27 2023 09:42:23 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "a73b7fcb807df9332835460ff01a3fa4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=478053157
x-server: vds
accept-ranges: bytes
cf-ray: 84e6589ad9804d5b-FRA

GET
H2 200 Facebook.png
images.thalia.media/Footer/-/f3ab2209619a458ab9f049e58fb45cbb/ 634 B
853 B 29ms
29ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/f3ab2209619a458ab9f049e58fb45cbb/Facebook.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbdb897a4ff7ebf898594e8056cab0a3d75ee9025c7718764831277023e6dba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 5508318
cf-polished: origFmt=png, origSize=777
content-disposition: inline; filename="Facebook.webp"
content-length: 634
cf-bgj: imgq:85,h2pri
last-modified: Thu Sep 14 2023 12:34:00 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "f454122a6c93e09d78a74460c0975f23"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=476213986
x-server: vds
accept-ranges: bytes
cf-ray: 84e6589ad9834d5b-FRA

GET
H2 200 Instagramm.png
images.thalia.media/Footer/-/323c0decad694b80bb019605c85d10d5/ 2 KB
2 KB 36ms
36ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/323c0decad694b80bb019605c85d10d5/Instagramm.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cc45a5caebae4c37991f91a69fe0936b6106b6e369867f725e74a85681be5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 7944697
cf-polished: origFmt=png, origSize=2371
content-disposition: inline; filename="Instagramm.webp"
content-length: 1972
cf-bgj: imgq:85,h2pri
last-modified: Tue Oct 24 2023 17:39:53 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "b7f9cd8fb1c528c1241797464447fcac"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=479280007
x-server: vds
accept-ranges: bytes
cf-ray: 84e6589ad9844d5b-FRA

GET
H2 200 TikTok.png
images.thalia.media/Footer/-/17b9a0625daf4e40aacffb34e371f803/ 1 KB
1 KB 46ms
45ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/17b9a0625daf4e40aacffb34e371f803/TikTok.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16217342bf945260ef457e550015621ce812a152b98741083a95bbd22abe6b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 5343172
cf-polished: origFmt=png, origSize=1334
content-disposition: inline; filename="TikTok.webp"
content-length: 1170
cf-bgj: imgq:85,h2pri
last-modified: Wed Sep 27 2023 08:57:08 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "070adf4e853248fff4ecb977aa639c64"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=476225951
x-server: vds
accept-ranges: bytes
cf-ray: 84e6589af98f4d5b-FRA

GET
H2 200 YouTube.png
images.thalia.media/Footer/-/59250fff0d3848c0b62ed3de9aa84eeb/ 340 B
561 B 46ms
46ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/59250fff0d3848c0b62ed3de9aa84eeb/YouTube.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd8e6e31935ffd9efb0a6d2131503cdf67b0d333b56b695cf64cc487ab187c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 4685953
cf-polished: origFmt=png, origSize=483
content-disposition: inline; filename="YouTube.webp"
content-length: 340
cf-bgj: imgq:85,h2pri
last-modified: Thu Sep 21 2023 12:00:32 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "6cdae66935ff30d3d990ae93a15d1856"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=476849600
x-server: vds
accept-ranges: bytes
cf-ray: 84e6589af9904d5b-FRA

GET
H2 200 Pinterest.png
images.thalia.media/Footer/-/406f870d713e42ee871e174e7805f0d7/ 868 B
1 KB 43ms
42ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/406f870d713e42ee871e174e7805f0d7/Pinterest.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16251eaf9958bb0ccb3bb60592c8478825fae11fdfd37debb049513183d75c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 5610798
cf-polished: origFmt=png, origSize=957
content-disposition: inline; filename="Pinterest.webp"
content-length: 868
cf-bgj: imgq:85,h2pri
last-modified: Tue Nov 21 2023 18:15:49 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "6bf4949c057417cbe74640d427e35e77"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=476858651
x-server: vds
accept-ranges: bytes
cf-ray: 84e6589af9914d5b-FRA

GET
H2 200 App%20Store.png
images.thalia.media/Footer/-/3321bd1aaa1742f5959051b75c6603a0/ 1 KB
1 KB 47ms
47ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/3321bd1aaa1742f5959051b75c6603a0/App%20Store.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfe66844981bc11610d8cf60013586056e0183cf4f3359d8c5b0f889b03410af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 5509390
cf-polished: origFmt=png, origSize=1389
content-disposition: inline; filename="App%20Store.webp"
content-length: 1214
cf-bgj: imgq:85,h2pri
last-modified: Thu Sep 14 2023 12:17:27 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "e764119031acf0488d16d0466310e9c5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=476849537
x-server: vds
accept-ranges: bytes
cf-ray: 84e6589af9924d5b-FRA

GET
H2 200 Google%20Play%20Store%20(App)%20.png
images.thalia.media/Footer/-/3a73f620c2464c5eb7856e03e830a6ef/ 2 KB
2 KB 48ms
48ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/3a73f620c2464c5eb7856e03e830a6ef/Google%20Play%20Store%20(App)%20.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4e870296f4af285313d56e855cbe52c52adf59094bb937c04ad087184cd8684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 5427752
cf-polished: origFmt=png, origSize=2331
content-disposition: inline; filename="Google%20Play%20Store%20(App)%20.webp"
content-length: 2096
cf-bgj: imgq:85,h2pri
last-modified: Wed Sep 27 2023 10:07:33 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "2c59b1db9a913a933d25b7dfa876fd1e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=476843968
x-server: vds
accept-ranges: bytes
cf-ray: 84e6589af9934d5b-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 453 KB
122 KB 134ms
45ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe147df9b5970350a626a5722f9ddca380744d3cb4eefcbb980e921a28b84803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124373
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 00:24:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Feb 2024 01:15:55 GMT

GET
H2 200 icon-brandlogo--orellfuessli.30dd9a2150a8bc490b70.svg
assets.thalia.media/red/cms/components/header-prime-logo/assets/ 2 KB
821 B 65ms
64ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-logo/assets/icon-brandlogo--orellfuessli.30dd9a2150a8bc490b70.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-logo/style.beb1526f8b8e21946dcf.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25fd20923c13ee0a6142d7c392e7cc1cfac15821033738f615b63bc465a21b5a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Wed, 23 Nov 2022 06:16:06 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"671-5ee1d394def0f"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a59651907-FRA

GET
H2 200 icon-location--orellfuessli.39df4e9154916133e62a.svg
assets.thalia.media/red/cms/components/header-prime-filiale/assets/ 505 B
537 B 30ms
29ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-filiale/assets/icon-location--orellfuessli.39df4e9154916133e62a.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-filiale/style.c9fccc1ef8fdd38845b0.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 170545c89c8d0895ac96182d133fdd3a262c5f3776ddc8444678c6a8166ee2ec

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1391
last-modified: Wed, 23 Nov 2022 06:16:06 GMT
server: cloudflare
etag: W/"1f9-5ee1d3948a60c"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a5e5190ef-FRA

GET
H2 200 icon-account--orellfuessli.f5a0af2e5edc6c67747d.svg
assets.thalia.media/red/cms/components/header-prime-kunde/assets/ 424 B
525 B 31ms
31ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/assets/icon-account--orellfuessli.f5a0af2e5edc6c67747d.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.cacd725b9da0d7fb53a5.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56127e85c1038ad70c134feadcc61572b5fbafecf6210463fec360d86655338f

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1391
last-modified: Wed, 23 Nov 2022 06:16:06 GMT
server: cloudflare
etag: W/"1a8-5ee1d394ac7ee"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a5e5290ef-FRA

GET
H2 200 icon-favourites--orellfuessli.25c0dc63063a3fb44a32.svg
assets.thalia.media/red/cms/components/header-prime-kunde/assets/ 760 B
733 B 30ms
30ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/assets/icon-favourites--orellfuessli.25c0dc63063a3fb44a32.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.cacd725b9da0d7fb53a5.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f10f200274cb4b7840c7de1494582a797a0f85bcda19e6b25062e2e626882885

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1391
last-modified: Wed, 23 Nov 2022 06:16:06 GMT
server: cloudflare
etag: W/"2f8-5ee1d394b2bb4"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a5e5390ef-FRA

GET
H2 200 icon-warenkorb--orellfuessli.dda3db7cac68caebecde.svg
assets.thalia.media/red/cms/components/header-prime-kunde/assets/ 435 B
583 B 29ms
29ms Image
image/svg+xml 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/assets/icon-warenkorb--orellfuessli.dda3db7cac68caebecde.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.cacd725b9da0d7fb53a5.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d7383ba3638c475b400bbbb8c70f3ad520cc2d177ec2bdf88555fdab5eeab45

Request headers

Referer: https://www.google.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1391
last-modified: Wed, 23 Nov 2022 06:16:06 GMT
server: cloudflare
etag: W/"1b3-5ee1d394c5e60"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a5e5490ef-FRA

GET
DATA 200
OK truncated
/ 774 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72dcc293744c421a39fddaa5adde41eacecbaa4fa93ff1b8ba0baeaf8f02c7e2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 95f3a3f0d789f326a91503025e59136bcba3e175.png
assets.thalia.media/img/cms/ 33 KB
33 KB 86ms
86ms Image
image/png 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/95f3a3f0d789f326a91503025e59136bcba3e175.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f3a7854d2e0d96bcb3e47a12f25fb44e66be78e728c45d3d4dd83f0029cf21

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:55 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Wed, 31 Jan 2024 22:21:37 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/png
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589a79741907-FRA

GET
H2 200 shell-consent.c7b9ef884ec0.js Show response
www.orellfuessli.ch/assets/static/ 222 KB
70 KB 35ms
35ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/shell-consent.c7b9ef884ec0.js

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/heimdall/script-consent/main-nomodule.288154f1b7fcdb737c75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7b9ef884ec00544279e37558630049d2ee70303d05d1813e60bf1645d6df0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 59816
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 31 Jan 2024 08:38:19 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: max-age=31536000, public
cf-ray: 84e6589af9743a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-heimdall-nomodule.0c5f7f84cacdbf2c16cd.js Show response
assets.thalia.media/ocsassets/cookiemonster/cookiemonster-tracking-code/ 1 KB
993 B 31ms
31ms Script
application/javascript 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/cookiemonster/cookiemonster-tracking-code/main-heimdall-nomodule.0c5f7f84cacdbf2c16cd.js
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/heimdall/script-consent/main-nomodule.288154f1b7fcdb737c75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3430ada06e93710c0d8c33de52206b350cca35415ac20c03a3346e07872d0b31

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5507496
x-originaluniqueid: ZULyUuVceDrGNXTCy9qYwAAAAAY
x-envoy-upstream-service-time: 2
x-messageid: ZULyUuVceDrGNXTCy9qYwAAAAAY
last-modified: Mon, 23 Oct 2023 10:10:58 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e6589af9c21907-FRA

GET
H2 200 bef93c07a1a6beb5972e16d34e4795fb3193f928.jpg
assets.thalia.media/img/cms/ 71 KB
71 KB 101ms
101ms Image
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/bef93c07a1a6beb5972e16d34e4795fb3193f928.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89c7f1af07460d2e8af1242d49b03cef571a58f04055d98726a4ebffa15432ad

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Wed, 31 Jan 2024 22:21:38 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589af9c31907-FRA

GET
H2 200 b481c38348a3cf0a0c2ec605cbfaf7319b6831a2.jpg
assets.thalia.media/img/cms/ 82 KB
83 KB 44ms
43ms Image
image/jpeg 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/b481c38348a3cf0a0c2ec605cbfaf7319b6831a2.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d92343ebbeeb5552e0a6ba73ddb72d8de40b659411228f5647e73c3491b1523a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 31 Jan 2024 23:46:07 GMT
server: cloudflare
cf-polished: origSize=92027
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 84e6589af9c41907-FRA

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54006cd4fa18a2131ae3f340356fc5bc88918fc703fdf3c8b489cd7d4d536829

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 header-overlay Show response
www.orellfuessli.ch/include/login/ 5 KB
2 KB 50ms
50ms Fetch
text/html 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/include/login/header-overlay

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/login/resources/global-header-login/main-nomodule.a29726ca4a88428c064e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3443a7ee26cf9670a2faa35c0b5fc74cbd5e92c4eed38327619958affc7f745a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
age: 283
grace: none
x-cache: HIT
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: text/html;charset=UTF-8
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 84e6589b097f3a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: 0

GET
H2 200 artikelnummern Show response
www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikeldetails/v2/ 22 B
195 B 76ms
76ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikeldetails/v2/artikelnummern

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/main-module.57010d197aa50e35e4bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995f84a41f725c516cb87975b8de1b05c10a316bbda2887ee5e6d8ccb799de45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Accept-Encoding,Origin
content-type: application/json
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e6589b19833a9a-FRA
expires: 0

GET
H2 200 style.e1695595b8871cf7074d.orellfuessli.css
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/ 13 KB
2 KB 28ms
28ms Stylesheet
text/css 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/style.e1695595b8871cf7074d.orellfuessli.css

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/main-module.42d6263c759e6013a5ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

946f422273409c3d264097c31e7b4cd2b27f2ead64ba86b9ee5f030316a092df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 5337040
content-encoding: br
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-messageid: ZU7XpKmG-W@YxoqpGVHLJgAAAAk
last-modified: Tue, 10 Oct 2023 12:01:04 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e6589b19d01907-FRA

GET
H2 200 size Show response
www.orellfuessli.ch/api/warenkorb/ 19 B
147 B 70ms
69ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/warenkorb/size

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/warenkorb-resources/header-warenkorb/main-nomodule.80c8918f2f1ea9a449a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f69cc7aaa401b5e88b4e6cd7b595307bf32f3b971f9c054e56e58029ddff779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cross-origin-resource-policy: same-origin
content-length: 19
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: application/json
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e6589b19863a9a-FRA
expires: 0

GET
H2 200 abodaten Show response
www.orellfuessli.ch/abokaufen/api/rest/ 104 B
401 B 45ms
45ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/abokaufen/api/rest/abodaten

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/abokaufen/resources/abodaten-loader/main-module.be0c0c844e87cddce3d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e05496608e58c334abae70368801cfb1f07d3cbe4713bc8a8eef8fd74d0de5a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
age: 160
grace: none
x-cache: HIT
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json
content-language: de
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e6589b39963a9a-FRA

GET
H2 200 ajax Show response
www.orellfuessli.ch/include/heimdall/v1/consent/ 0
45 B 74ms
74ms Fetch
text/html 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/include/heimdall/v1/consent/ajax

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/heimdall/consent-banner-bootstrap/main-nomodule.7159af68cbdcfe45f6ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cross-origin-resource-policy: same-origin
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin
content-language: de
content-type: text/html;charset=UTF-8
cf-ray: 84e6589b399b3a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 flyout.json Show response
www.orellfuessli.ch/cms/api/1/services/ 93 KB
17 KB 45ms
45ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/cms/api/1/services/flyout.json?tenantId=37&storeUrl=L3NpdGUvY29tcG9uZW50cy9waW5uZWQvb3JlbGxmdWVzc2xpX2NoL25hdmlnYXRpb24vMjkzZTVmNzktMjFlMC05MGI3LWFmN2MtYWFlY2ZmODIzYjNjLnhtbA==

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-navigation/main-module.baabb1a0d1bb1ea632ce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a70ba6aaf5487796b15c1a436da210b958ed8afe531dca987f64ee29a9d600fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
age: 107
grace: none
x-crafter: true
x-cache: HIT
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: application/json;charset=UTF-8
content-language: de
cache-control: max-age=600,must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e6589b59aa3a9a-FRA

GET
DATA 200
OK truncated
/ 1006 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebf9bd421e44685fe7af1cb9ae694c9ff2d717404e48a8e695884bcaf9f50e3e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 68a451bd0bab0ff67908906ed29d24b629e8d023.png
assets.thalia.media/img/cms/ 7 KB
7 KB 66ms
65ms Image
image/png 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/68a451bd0bab0ff67908906ed29d24b629e8d023.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c3b7f58608495c363e18df9eaf323f69393def2c39f483e090da9f39a160bf5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Wed, 31 Jan 2024 22:21:37 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
content-length: 7195
cf-ray: 84e6589b7a251907-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion

GET
H2 200 49fa59c88587e1c0c4e5ce2bb0490931dd096bed.png
assets.thalia.media/img/cms/ 6 KB
6 KB 67ms
67ms Image
image/png 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/49fa59c88587e1c0c4e5ce2bb0490931dd096bed.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1097459d4155efadb0a47161b04583ec2b3a0dae2e1550340a0546295984f16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Wed, 31 Jan 2024 22:21:37 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
content-length: 6150
cf-ray: 84e6589b7a271907-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion

GET
H2 200 de03cf5bb48630a23f1b7390b5a1bd254daca53f.png
assets.thalia.media/img/cms/ 7 KB
7 KB 63ms
63ms Image
image/png 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/de03cf5bb48630a23f1b7390b5a1bd254daca53f.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fa6da3ffbb005af9674cb5811a8196f5688d671d221aa2000f7025b5455ed92

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Wed, 31 Jan 2024 22:21:39 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
content-length: 7361
cf-ray: 84e6589b7a281907-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion

GET
H2 200 9f6ab951c7ff2fecb03146b71c7094c46d6af735.png
assets.thalia.media/img/cms/ 5 KB
6 KB 66ms
66ms Image
image/png 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/9f6ab951c7ff2fecb03146b71c7094c46d6af735.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b3062c77ef611539eefde01bf1ec27f684fb72ca7d0d2f81eaac1a04b6fef5e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Wed, 31 Jan 2024 22:21:39 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
content-length: 5629
cf-ray: 84e6589b7a291907-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b69a90fafbd8d9dfc1ef62719d3508b3ed2d645643266e8a5bde1a7197109ba7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 style.a30fece9f53a601fe74f.orellfuessli.css
www.orellfuessli.ch/login/resources/login-form-kompakt/ 16 KB
3 KB 36ms
36ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/login-form-kompakt/style.a30fece9f53a601fe74f.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/login/resources/global-header-login/main-nomodule.a29726ca4a88428c064e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92a19b5167d31699691dced9ae4a4a592b4ec784bfeb54c39120328f11343d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5511719
grace: none
x-cache: MISS
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Nov 2023 15:37:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 84e6589b89bd3a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.78fe5a9315503dc7544e.js Show response
www.orellfuessli.ch/login/resources/login-form-kompakt/ 15 KB
5 KB 38ms
37ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/login-form-kompakt/main-nomodule.78fe5a9315503dc7544e.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/login/resources/global-header-login/main-nomodule.a29726ca4a88428c064e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f56f1d9ae4b67b544517195747ab20865d7dc5e28aaafc80b165ded2889aeddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 6819145
grace: none
x-cache: HIT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Nov 2023 15:37:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 84e6589b89be3a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 kundenfiliale
www.orellfuessli.ch/api/rest/ 0
0 47ms
47ms Fetch 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/rest/kundenfiliale

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/filialauswahl-resources/kundenfiliale-zuordnung/main-module.e90d8b0ebaadd92660be.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e6589bc9de3a9a-FRA
expires: 0

GET
H2 200 kundezuordnen
www.orellfuessli.ch/include/warenkorb/ 0
0 46ms
46ms Fetch
text/html 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/include/warenkorb/kundezuordnen

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/warenkorb-resources/header-warenkorb/main-nomodule.80c8918f2f1ea9a449a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cross-origin-resource-policy: same-origin
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/html; charset=utf-8
content-language: de
accept-ranges: bytes
cf-ray: 84e6589bc9e03a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
retry-after: 5

GET
H2 200 send
ga.thalia.media/j/ 2 B
0 101ms
85ms Fetch
text/plain 104.16.4.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.thalia.media/j/send?v=1&ds=web&aip=1&tid=UA-39319847-14&cid=634562b3-e78c-43ac-a4bd-1fb9a1f95efe&sd=24-bits&dt=Education%20Card%20%7C%20Orell%20F%C3%BCssli&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&ul=en-us&de=UTF-8&sr=1600x1200&vp=1600x1200&_r=1&jid=850715846&z=208582759&plt=731&pdt=85&rrt=188&tcp=47&dit=594&clt=660&srt=98&t=pageview&cm11=500

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell-consent.c7b9ef884ec0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.4.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: cloudflare
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
cf-ray: 84e6589bfeb290ef-FRA
content-length: 2
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
0 99ms
33ms Fetch
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-39319847-14&cid=634562b3-e78c-43ac-a4bd-1fb9a1f95efe&jid=850715846&z=942075862

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell-consent.c7b9ef884ec0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Feb 2024 01:15:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.ch/ads/
Redirect Chain

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=634562b3-e78c-43ac-a4bd-1fb9a1f95efe&jid=850715846&z=480799048
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=634562b3-e78c-43ac-a4bd-1fb9a1f95efe&jid=850715846&z=480799048&slf_rd=1&random=2735713643

42 B
0

88ms
35ms

Fetch
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=634562b3-e78c-43ac-a4bd-1fb9a1f95efe&jid=850715846&z=480799048&slf_rd=1&random=2735713643

Protocol

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 01 Feb 2024 01:15:56 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=634562b3-e78c-43ac-a4bd-1fb9a1f95efe&jid=850715846&z=480799048&slf_rd=1&random=2735713643
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 105ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BE2W3ZY94G&_p=388106916&sr=1600x1200&ul=en-us&cid=8543212720.1706750156131&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&dr=undefined&dt=Education%20Card%20%7C%20Orell%20F%C3%BCssli&sid=1706750156131&_s=1&en=page_view&gtm=45je32m0&cu=CHF&uafvl=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&uap=Win32&_dbg=true&_gaz=1&sct=1&seg=0&_fv=1&_ss=1&mri=1706750156131&epn.perf_fcp=500&ep.debug_data=1706750156131%2C1706750156131
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell-consent.c7b9ef884ec0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 98ms
33ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BE2W3ZY94G&cid=8543212720.1706750156131&gtm=45je32m0&aip=1
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell-consent.c7b9ef884ec0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sprite03.png
www.orellfuessli.ch/cookiemonster/v1/ 95 B
237 B 44ms
43ms Image
image/png 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orellfuessli.ch/cookiemonster/v1/sprite03.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: same-origin
content-length: 95
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
content-language: de
cache-control: no-cache, must-revalidate
cf-ray: 84e6589bd9e63a9a-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Tue, 01 Jan 1980 1:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/978673102/ 3 KB
2 KB 90ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978673102/?random=1706750156138&cv=11&fst=1706750156138&bg=ffffff&guid=ON&async=1&gtm=45He41v0v6104277&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&hn=www.googleadservices.com&frm=0&tiba=Education%20Card%20%7C%20Orell%20F%C3%BCssli&npa=0&pscdl=noapi&auid=1776349355.1706750156&uamb=0&uaw=0&data=ecomm_pagetype%3Dsiteview%3Burl%3Dhttps%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fda01a77742600dda0dd9bfd45022e14c7349855b49dc339ab59b137fc449a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 101ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 01 Feb 2024 01:15:55 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 02AAC12806D140D1ACF670D57D9BFE5B Ref B: FRA31EDGE0109 Ref C: 2024-02-01T01:15:56Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2

200

activityi;dc_pre=CKjSo-b7iIQDFZRFHgId8Q8HEQ;src=9327407;type=pageview;cat=global00;ord=6368559807650;npa=0;auiddc=1776349355.1706750156;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefi... Show response
9327407.fls.doubleclick.net/ Frame 7DF0
Redirect Chain

https://9327407.fls.doubleclick.net/activityi;src=9327407;type=pageview;cat=global00;ord=6368559807650;npa=0;auiddc=1776349355.1706750156;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=unde...
https://9327407.fls.doubleclick.net/activityi;dc_pre=CKjSo-b7iIQDFZRFHgId8Q8HEQ;src=9327407;type=pageview;cat=global00;ord=6368559807650;npa=0;auiddc=1776349355.1706750156;u1=undefined;u2=undefined...

850 B
827 B

65ms
64ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9327407.fls.doubleclick.net/activityi;dc_pre=CKjSo-b7iIQDFZRFHgId8Q8HEQ;src=9327407;type=pageview;cat=global00;ord=6368559807650;npa=0;auiddc=1776349355.1706750156;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;pscdl=noapi;gtm=45He41v0v6104277;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

37d27183620f6d08777cd840594796595a6218cd838fc755701e0c885f1fae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orellfuessli.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 395
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 01:15:56 GMT
expires: Thu, 01 Feb 2024 01:15:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 01:15:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9327407.fls.doubleclick.net/activityi;dc_pre=CKjSo-b7iIQDFZRFHgId8Q8HEQ;src=9327407;type=pageview;cat=global00;ord=6368559807650;npa=0;auiddc=1776349355.1706750156;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;pscdl=noapi;gtm=45He41v0v6104277;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 13971.js Show response
www.dwin1.com/ 44 KB
12 KB 83ms
29ms Script
application/javascript 2600:9000:26db:b800:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/13971.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:b800:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7996d05671b56a18fd385902bb829c213af59fa28f12586e55583c5f80adbfc0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: vPjR4cQbProqHucUDsKDfxzRe03kIIfz
content-encoding: gzip
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
date: Thu, 01 Feb 2024 01:15:56 GMT
x-amz-cf-pop: MUC50-P3
age: 164
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jan 2024 10:16:31 GMT
server: AmazonS3
etag: W/"6529f14be1c1a35786a8d85a4d4d0e6a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: NhCaUinOonWyAzP5MqNWHeQUYyayqC2YtFrD7QwxHnWj55tMuPreuQ==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 110ms
24ms Script
application/javascript 2a02:26f0:3500:883::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:883::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3e376deaeb30858026260be3d2bd058d03c0b007cb7133c0d6fea15d775afd86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "ba3486175e2b68724e3b47a025fadde7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1861

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 88ms
23ms Script
application/javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 14:42:29 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=65588
accept-ranges: bytes
content-length: 15732

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
58 KB 65ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0388a2387283b8457b08aadd7fdcca2702ba989863981b18e673a1394e74c4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Feb 2024 01:15:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57158
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: 0+QdvL5/iK60TEIo5y1qxsOwrcSNRDj2ykHOcyGmfl1FUg0m+vQYUa6B+KpHM75YipCXO23z+/YSCB8Zjk8MzQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 208ms
116ms Script
application/javascript 2.19.96.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8LKHMN177STLBSB54OG&lib=ttq
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.250 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: efbf8bc11a2adaeebafa48fa3b231e9f11d9605b3d9f542672e01a3267cd6af2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 3a5314d.d2a4b96
date: Thu, 01 Feb 2024 01:15:56 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24020101155612B00EE09D351B54D7AA-782EFE441D8903F0-00
x-cache: TCP_MISS from a2-19-96-246.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 87,2.19.96.246
server-timing: cdn-cache; desc=MISS, edge; dur=80, origin; dur=7, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 2024020101155612B00EE09D351B54D7AA
x-cache-remote: TCP_MISS from a23-222-0-197.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.222.0.197
x-tt-trace-host: 01caa1397e00b293b7cbf6af9adecf6e0aaebf152c59084192c98215b4789cb85a2c1d85d03c5c86684169ed999b74b9ee9fff67675087a7535dea026fb92683e0aae92c787cd349e2216ee28b8dfa55c8b8c3f867e0d5d8f71a6b703b2b55afb62c98539cb366e5716a25c218c87e61f0
expires: Thu, 01 Feb 2024 01:15:56 GMT

GET
H2 200 Controller.js Show response
chat.orellfuessli.ch/Chat/ 48 KB
48 KB 132ms
57ms Script
text/javascript 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Winterthur, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 22bcfcb4f9f8a275e009ea9ca1c9bcb4cd8636a35539f6a20f4465522d8c74fd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Thu, 01 Feb 2024 01:15:55 GMT
cache-control: private
access-control-allow-credentials: true
server: Chat
content-length: 48735
content-type: text/javascript; charset=utf-8

GET
H2 200 size Show response
www.orellfuessli.ch/api/warenkorb/ 19 B
164 B 44ms
44ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/warenkorb/size

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/warenkorb-resources/header-warenkorb/main-nomodule.80c8918f2f1ea9a449a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f69cc7aaa401b5e88b4e6cd7b595307bf32f3b971f9c054e56e58029ddff779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cross-origin-resource-policy: same-origin
content-length: 19
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: application/json
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e6589c19fa3a9a-FRA
expires: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/978673102/ 42 B
64 B 84ms
35ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/978673102/?random=1706750156138&cv=11&fst=1706749200000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v6104277&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&frm=0&tiba=Education%20Card%20%7C%20Orell%20F%C3%BCssli&npa=0&data=ecomm_pagetype%3Dsiteview%3Burl%3Dhttps%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_WL8FpQUEwL0z_WThbudUeZXsJ7jcZQ&random=1318343980&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ch/pagead/1p-user-list/978673102/ 42 B
455 B 87ms
35ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/978673102/?random=1706750156138&cv=11&fst=1706749200000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v6104277&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&frm=0&tiba=Education%20Card%20%7C%20Orell%20F%C3%BCssli&npa=0&data=ecomm_pagetype%3Dsiteview%3Burl%3Dhttps%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_WL8FpQUEwL0z_WThbudUeZXsJ7jcZQ&random=1318343980&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK d.php Show response
www.usemaxserver.de/ 5 KB
2 KB 249ms
29ms Script
application/javascript 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/d.php?ext_domain=1&rt=1&campaign_id=40238
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/13971.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: 7bb7f7033bbba12e81f6ed4535aad67e9949bf81961565c60a9174696ce7824f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Feb 2024 01:15:56 GMT
Content-Encoding: gzip
Server: Apache/2.4
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=3, max=70
Content-Length: 1635
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 lantern_global_13971.min.js Show response
lantern.roeyecdn.com/ 2 KB
2 KB 104ms
21ms Script
application/octet-stream 2600:9000:2670:9a00:1f:af3f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lantern.roeyecdn.com/lantern_global_13971.min.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/13971.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:9a00:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9aff8fcbf9e3e27085f01a8e7943e17703de8de0d5943245eaa1eb0f375e4ef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 8gvMpeqJyeQkoXN0oo9ZIr.JIIgkLUyc
date: Wed, 31 Jan 2024 05:40:40 GMT
via: 1.1 6373f5d706cb8d973f3ced2fc572f6a8.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 14:39:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
age: 70517
etag: "737e0adf687635be2fadd7f2ef253675"
x-cache: Hit from cloudfront
content-type: application/octet-stream
content-length: 1815
x-amz-cf-id: aNL45IJe1JAciSAvs8-vRZzBVU-pQq7No1Ub_ClPqFp832aAYlmJKA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1706750156242&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1706750156242&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3699170%26time%3D1706750156242%26url%3Dhttps%253A%252F%252Fwww.orellfuessli.ch%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1706750156242&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1706750156242&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&cookiesTest=true&liSync=true&e_ip...

0
265 B

266ms
204ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1706750156242&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&cookiesTest=true&liSync=true&e_ipv6=AQJfL4IP-nMQMQAAAY1iPKDmOljqt3TGCrQgfIIGEHAgJqQrQHCs0zjLyjwrpDgy9xnDXW6GgWuo
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A15DADE69BD841BC9E3E05733213FBF2 Ref B: FRAEDGE1514 Ref C: 2024-02-01T01:15:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQR7zYh6M+KdY2VNm73g==

Redirect headers

date: Thu, 01 Feb 2024 01:15:56 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: EFC38A39C80A43029E9BFCE15FD8B616 Ref B: DUS30EDGE0408 Ref C: 2024-02-01T01:15:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1706750156242&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&cookiesTest=true&liSync=true&e_ipv6=AQJfL4IP-nMQMQAAAY1iPKDmOljqt3TGCrQgfIIGEHAgJqQrQHCs0zjLyjwrpDgy9xnDXW6GgWuo
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQR7zUaPdPVqTY8WBvJA==

GET
H2 204 12000244.js Show response
bat.bing.com/p/action/ 0
117 B 44ms
44ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/12000244.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 01 Feb 2024 01:15:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5100E49C26FA44138239C85FB38386EF Ref B: FRA31EDGE0109 Ref C: 2024-02-01T01:15:56Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 104ms
104ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=12000244&tm=gtm002&Ver=2&mid=6e13f81a-444b-413e-bad7-d8807a914a2d&sid=735724a0c09f11eeb9f765f29c327767&vid=735705b0c09f11ee935a13b64f750de6&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Education%20Card%20%7C%20Orell%20F%C3%BCssli&p=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&r=&lt=738&evt=pageLoad&sv=1&rn=978663

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Feb 2024 01:15:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 75F12CD8357E4A68A6639E9D34206267 Ref B: FRA31EDGE0109 Ref C: 2024-02-01T01:15:56Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.b3ba56f5.js Show response
s.pinimg.com/ct/lib/ 66 KB
19 KB 24ms
23ms Script
application/javascript 2a02:26f0:3500:883::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.b3ba56f5.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:883::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 45f265d91f0d046e0bf176d32af863a7e497d1c4fa27b488cb0d7a0f539c21e3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "672deff0b6e5a9abcd39c208d7373098"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19203

GET
H2 200 1990369294524981 Show response
connect.facebook.net/signals/config/ 61 KB
13 KB 81ms
80ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1990369294524981?v=2.9.143&r=stable&domain=www.orellfuessli.ch&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8b909d3d98e29a0f833551c61ee2bed9678a46f2220d00069c6abf2edf8191b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Feb 2024 01:15:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: Hz3Mlm9aOIBBI51dhTkzKhaWIj+fY71n2mlYtzz1XMHBHNNExLq/sYQR0XWvWYn5EYeB9Xs7EiKyooJeKON5PQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 302 B
624 B 109ms
53ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612445259689&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1706750156296&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b3ba56f5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8e63336037bea50c9887beee711d5776ac0906b701a435ba6a002caf1a724b91

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1722791313680598
content-length: 175
pin-unauth: dWlkPU1XWXlNVFZoWkdRdFlqTXdNaTAwTm1FMUxUaGlObVF0WXpjeVpXUTJabUV6TkRZMA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.orellfuessli.ch
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 1874ddb49806027a2d0f19e48eeaf7a1914420d3
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
182 B 109ms
54ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612445259689&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b3ba56f5%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1706750156297
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 1874ddb49806027a2d0f19e48eeaf7a1914420d3
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 6373423054659199
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 anzahl.html Show response
www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikelanzahl/v2/ 1 B
304 B 41ms
41ms Fetch
text/plain 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikelanzahl/v2/anzahl.html

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/global-header-merkzettel/main-module.898aca118c638e9b52b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: same-origin
content-length: 1
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: text/plain; charset=utf-8
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 84e6589cea6d3a9a-FRA
expires: 0

GET
H2 200 track.php
lantern.roeye.com/ 0
153 B 158ms
48ms Image
image/gif 52.48.4.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lantern.roeye.com/track.php?fingerprint=217dfde6-e4c3-4ea9-a3d9-2d47b9e4c358&referrer=&landingpage=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&site=13971
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.4.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-4-199.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
server: nginx
content-length: 0
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 65ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1990369294524981&ev=PageView&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&rl=&if=false&ts=1706750156361&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706750156360.1550852707&cs_est=true&ler=empty&cdl=API_unavailable&it=1706750156271&coo=false&exp=e1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Feb 2024 01:15:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 main.MTU3YmJkODI0NQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 434 KB
110 KB 27ms
27ms Script
application/javascript 2.19.96.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0NQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8LKHMN177STLBSB54OG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.250 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9756d593b1d85b31322e53163e1c5fe95e719f5d6846592ea3f8ca22c411c9dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: d2a4be6
date: Thu, 01 Feb 2024 01:15:56 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240125200856EDC0F1FC6EA9686C0937
x-tt-trace-id: 00-240125200856EDC0F1FC6EA9686C0937-62506EB312E61BA4-00
vary: Accept-Encoding
x-cache: TCP_HIT from a2-19-96-246.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 011951e243ffe2f67bdd91a3a1a993994e0a0bee2a3b504ae4d6d3c808cd419e147816f5c9b93be92c3448dcbe94c8c02abec6d2052933afc2ecde24dc233e25ccb4c9b7483935238ba9db8ff09f128897882f90cee4ac92afb6e2d7be4240e256
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 112150

GET
H2 200 dc_pre=CKjSo-b7iIQDFZRFHgId8Q8HEQ;src=9327407;type=pageview;cat=global00;ord=6368559807650;npa=0;auiddc=*;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;...
adservice.google.com/ddm/fls/z/ Frame 7DF0 42 B
401 B 148ms
73ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKjSo-b7iIQDFZRFHgId8Q8HEQ;src=9327407;type=pageview;cat=global00;ord=6368559807650;npa=0;auiddc=*;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;pscdl=noapi;gtm=45He41v0v6104277;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card

Requested by

Host: 9327407.fls.doubleclick.net
URL: https://9327407.fls.doubleclick.net/activityi;dc_pre=CKjSo-b7iIQDFZRFHgId8Q8HEQ;src=9327407;type=pageview;cat=global00;ord=6368559807650;npa=0;auiddc=1776349355.1706750156;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;pscdl=noapi;gtm=45He41v0v6104277;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 18ms
17ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b3ba56f5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5293e3d1f06d73bbd75b83ab1fd1e3020fd5fc1143e2d628d09cd6dc56f9b427

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 01:15:56 GMT
x-cdn: fastly
age: 4690
etag: "ac8a351969e6397350708173ca06e5ca"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4045

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 6816 565 B
432 B 57ms
57ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b3ba56f5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.orellfuessli.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 01 Feb 2024 01:15:56 GMT
pinterest-version: 05ef3127273329af6a5cc52f10458a9b380b29ca
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 8842552479299161

OPTIONS
H2 200 GetBadgeStatus
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ Frame 0
0 96ms
34ms Preflight 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Winterthur, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,datatype
Access-Control-Request-Method: POST
Origin: https://www.orellfuessli.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Pragma, Cache-Control, Authorization, dataType
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.orellfuessli.ch
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
date: Thu, 01 Feb 2024 01:15:55 GMT
server: Chat

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
155 B 32ms
31ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Winterthur, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

Referer: https://www.google.ch/
dataType: json
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Thu, 01 Feb 2024 01:15:55 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

GET
H2 200 identify_0a875.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 27ms
27ms Script
application/javascript 2.19.96.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.250 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: d2a4c1e
date: Thu, 01 Feb 2024 01:15:56 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240123151538CB105E941C491498224C
x-tt-trace-id: 00-240123151538CB105E941C491498224C-1FABFF5BB1D8E736-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-19-96-246.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e83572f3e52186dc1c593befa1fab62db99c1f7153c437ec06474e07ee27c8d6bb4252a83cc74e0784f7094d3a20b41c80a3c99c7448c7993d6435b3d9e32c7b9f5e52308612f81020fc1a7b2241bf4aaea20881c32eda1b3eaaf4bd6e886b94
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=10
content-length: 37008

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
836 B 139ms
139ms Ping
text/plain 2.19.96.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.250 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3302b71d.d2a4c29
date: Thu, 01 Feb 2024 01:15:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24020101155620194722C369875FF344-7E687EFCD2C22612-00
x-cache: TCP_MISS from a2-19-96-246.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 110,2.19.96.246
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=25, inner; dur=23
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024020101155620194722C369875FF344
x-cache-remote: TCP_MISS from a23-222-0-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 25,23.222.0.202
x-tt-trace-host: 01caa1397e00b293b7cbf6af9adecf6e0aaebf152c59084192c98215b4789cb85a720fe5d48b7e899367896f80b62fb1ba221ad2195bcf33feeee4450128749c0f8fab4d6f8d65cd2b4d820b098eae93779a3d105ba639ffad0af09f329270f59ac542f93e0e52b1c42cf864f3fce7ffa0
access-control-allow-headers: Authorization,*
expires: Thu, 01 Feb 2024 01:15:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
842 B 132ms
131ms Ping
text/plain 2.19.96.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.250 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8172602.d2a4c2a
date: Thu, 01 Feb 2024 01:15:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402010115569B636DD0207DD4CA7FDA-2C91980A18A54BD2-00
x-cache: TCP_MISS from a2-19-96-246.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 102,2.19.96.246
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=21, inner; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402010115569B636DD0207DD4CA7FDA
x-cache-remote: TCP_MISS from a168-143-243-14.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,168.143.243.14
x-tt-trace-host: 01caa1397e00b293b7cbf6af9adecf6e0ad80175487c8e02c25a987c709a6691b593a44b695b223558d6b9617112b6c1ad5f520ba640d05b14ee8fc64f48394f1b94efab8500f42153380fab100b896d4d2b760f189d1e5c623b40c85b9f1f0da11321d3b18779e00fb5d1d7538050780f
access-control-allow-headers: Authorization,*
expires: Thu, 01 Feb 2024 01:15:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
838 B 132ms
132ms Ping
text/plain 2.19.96.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.250 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3b14415.d2a4c2b
date: Thu, 01 Feb 2024 01:15:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402010115562956E7D02AAAFD5916BE-4933CC60D8F438BB-00
x-cache: TCP_MISS from a2-19-96-246.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 103,2.19.96.246
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=20, inner; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402010115562956E7D02AAAFD5916BE
x-cache-remote: TCP_MISS from a66-198-8-122.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,66.198.8.122
x-tt-trace-host: 01caa1397e00b293b7cbf6af9adecf6e0a74e256da99ec7aca2dddff64788c0dbc3dd250950edc7828df41a1732865a34bee12556bdbc40387204f822e47bd02295b0f311c245c8761ac2861aac8d3e27a4e0461fa6b7a76e505c6d0592e35a87f7afb38d2e3f1d2a92f6f87365848da77
access-control-allow-headers: Authorization,*
expires: Thu, 01 Feb 2024 01:15:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
836 B 206ms
206ms Ping
text/plain 2.19.96.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.250 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d7be1a5.d2a4c2c
date: Thu, 01 Feb 2024 01:15:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402010115569640277A8FB38F5B97BE-0458D21E01CD1DE4-00
x-cache: TCP_MISS from a2-19-96-246.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 174,2.19.96.246
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=83, inner; dur=44
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402010115569640277A8FB38F5B97BE
x-cache-remote: TCP_MISS from a23-222-0-203.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 83,23.222.0.203
x-tt-trace-host: 01caa1397e00b293b7cbf6af9adecf6e0aaebf152c59084192c98215b4789cb85a70f7b2c3c7548215e693e62cb2afd6100439efb33c260a01f1ada9457b3ed983db5a9ece14a501c6e33d2b92a9da1224ff655af197a5bc4d144a8562edf9a97d691f6651e00a72fcab154569d75f1037
access-control-allow-headers: Authorization,*
expires: Thu, 01 Feb 2024 01:15:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
842 B 337ms
337ms Ping
text/plain 2.19.96.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.250 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1ac8843.d2a4c33
date: Thu, 01 Feb 2024 01:15:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24020101155636938A35B7AC9DFEFCA8-64C8ECC1FCBEF7A7-00
x-cache: TCP_MISS from a2-19-96-246.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 298,2.19.96.246
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=217, inner; dur=211
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024020101155636938A35B7AC9DFEFCA8
x-cache-remote: TCP_MISS from a23-222-0-206.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 217,23.222.0.206
x-tt-trace-host: 01caa1397e00b293b7cbf6af9adecf6e0aaebf152c59084192c98215b4789cb85a807a63d69db18c61f467726700ae193f2394cc0afe9cc0d72d9bc377db474bd5347322ba533e18f1444656aa00e8d6fa7d6dc6ca6f7bd73a37d0399a3741878b3ce46b4b29e8c5cd0225092420755742
access-control-allow-headers: Authorization,*
expires: Thu, 01 Feb 2024 01:15:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
836 B 145ms
145ms Ping
text/plain 2.19.96.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.250 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3155bc1b.d2a4c34
date: Thu, 01 Feb 2024 01:15:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24020101155602B321220FFA84C8678F-0919539301D2C7F1-00
x-cache: TCP_MISS from a2-19-96-246.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 107,2.19.96.246
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=19, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024020101155602B321220FFA84C8678F
x-cache-remote: TCP_MISS from a23-201-31-205.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.201.31.205
x-tt-trace-host: 01caa1397e00b293b7cbf6af9adecf6e0a3b0b45bd619f650c04e7fd1815430a52f2d0e80e6badc8bc3de450676e7932277428ee8218708a9ae586d13c70200db0f8d4240b0d56a1c0ab354ed516935c2148314717338ae16259e5d7b1da904aa97d4c0e5814852e674f79e92d5c81afdb
access-control-allow-headers: Authorization,*
expires: Thu, 01 Feb 2024 01:15:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
837 B 157ms
157ms Ping
text/plain 2.19.96.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.250 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7aa893c.d2a4c35
date: Thu, 01 Feb 2024 01:15:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402010115564D0C5F88D75F27601C63-0C95EA354349D2B1-00
x-cache: TCP_MISS from a2-19-96-246.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 119,2.19.96.246
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=34, inner; dur=30
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402010115564D0C5F88D75F27601C63
x-cache-remote: TCP_MISS from a23-222-0-204.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 34,23.222.0.204
x-tt-trace-host: 01caa1397e00b293b7cbf6af9adecf6e0aaebf152c59084192c98215b4789cb85a11534c0b15d921ef9c71eba9b96a7396bd0a352185e411b5d55b4200bfc3a711e3af2d6071aa769862da6240d998ab6051fb3c0790987c90f904739db69ddbfc5ff9898e8242d35d47a9756bb1119971
access-control-allow-headers: Authorization,*
expires: Thu, 01 Feb 2024 01:15:56 GMT

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
968 B 1466ms
235ms Ping
text/plain 104.120.210.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.120.210.144 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-120-210-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1391873e.11d2b6f8
date: Thu, 01 Feb 2024 01:15:57 GMT
x-bytefaas-request-id: 202402010115579D0CA0F1BD58E8D90C19
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402010115579D0CA0F1BD58E8D90C19-49AF45221C0B1328-00
x-cache: TCP_MISS from a104-120-210-140.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-parent-response-time: 22,104.120.210.140
server-timing: cdn-cache; desc=MISS, edge; dur=34, origin; dur=12, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402010115579D0CA0F1BD58E8D90C19
x-cache-remote: TCP_MISS from a23-218-219-16.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 5.38
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01a254e24ca01400d71a83d0f9a01d3546571908aaceadcb6670a727b2de115761bc672b8cf20d242ab2e6ed5fbdfede56de753868d7fbb9932b63b6618006d39835cdbd3a89bdff7e263d879968051a32dc09ec776b3c86d53f8418d47788a0094811e5ec06c206f6638da78643dd7f96
x-origin-response-time: 12,23.218.219.16
access-control-allow-headers: *
expires: Thu, 01 Feb 2024 01:15:57 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
838 B 186ms
186ms Ping
text/plain 2.19.96.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.250 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5109b394.d2a4c36
date: Thu, 01 Feb 2024 01:15:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24020101155602C768EE4F89F9C547EE-77B8C8E803F95981-00
x-cache: TCP_MISS from a2-19-96-246.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 144,2.19.96.246
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=54, inner; dur=52
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024020101155602C768EE4F89F9C547EE
x-cache-remote: TCP_MISS from a23-222-0-207.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 54,23.222.0.207
x-tt-trace-host: 01caa1397e00b293b7cbf6af9adecf6e0aaebf152c59084192c98215b4789cb85ad4669b1726ae9dbb37abbbc54db760040064cc80584d67d87b7e6f132c37aa655bb37fc42c92698765015239cb355f17152c337854e640afa03f03c39afb700c79dec2ca56740acddc00f1e241a1545a
access-control-allow-headers: Authorization,*
expires: Thu, 01 Feb 2024 01:15:56 GMT

GET
H/1.1 200
OK d.php Show response
www.usemaxserver.de/ 29 KB
8 KB 47ms
46ms Script
application/javascript 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/d.php?campaign_id=40238&place=1&product_id=&u=1&cbt=1706750156&um_coupon=&pid=undefined&w=1600&h=1200&referrer=leer&ext_ident=&rt=1&ext_par1=&ext_vars=&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&k0=0&host=www.orellfuessli.ch&ci=fGUxZjQzYw==
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?ext_domain=1&rt=1&campaign_id=40238
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: 39352e4dd239cdf01c97323968a7f0f88bf87a54830273af1f5863f0048428e1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Feb 2024 01:15:56 GMT
Content-Encoding: gzip
Server: Apache/2.4
Vary: Accept-Encoding
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=3, max=69
Content-Length: 7143
Expires: Sun, 01 Jan 2014 00:00:00 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
841 B 122ms
122ms Ping
text/plain 2.19.96.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.250 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 864b39e.d2a4c49
date: Thu, 01 Feb 2024 01:15:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402010115564BC4307CE03ED9CB5008-73B14DA62BE153DC-00
x-cache: TCP_MISS from a2-19-96-246.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 91,2.19.96.246
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=10, inner; dur=7
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402010115564BC4307CE03ED9CB5008
x-cache-remote: TCP_MISS from a168-143-243-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,168.143.243.19
x-tt-trace-host: 01caa1397e00b293b7cbf6af9adecf6e0ad80175487c8e02c25a987c709a6691b56e1b2cb1e1b5c2a4ff4ae3629e0fbd79bf139841d94c004e72d589750b22e7340f008e6b6d3c9613dbf1789e4d2683a4b5eb59aaa0bf52f2f87076085d6e1d45d6eb1b4e409c6a7d921659df2918c9b7
access-control-allow-headers: Authorization,*
expires: Thu, 01 Feb 2024 01:15:56 GMT

GET
H/1.1 200
OK rt.php Show response
www.usemaxserver.de/ Frame 566D 1 KB
980 B 30ms
30ms Document
text/html 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/rt.php?campaign_id=40238&iframe=1&ext_domain=1&place=1&product_id=&basket=&checkout_amount=&checkout_order_id=&referrer=leer&host=www.orellfuessli.ch&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&iframe=1&cbt=1706750156&k0=0&w=1600&h=1200&ci=IHVzbV91bV9ydD03MTM5NjMxNjU1JnxlMWY0M2M=
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?campaign_id=40238&place=1&product_id=&u=1&cbt=1706750156&um_coupon=&pid=undefined&w=1600&h=1200&referrer=leer&ext_ident=&rt=1&ext_par1=&ext_vars=&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&k0=0&host=www.orellfuessli.ch&ci=fGUxZjQzYw==
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: 8a6dd3f1eee4a5df9af1b0bce45d0144140576ce2a7e1f7572e9383b818ec4c4

Request headers

Referer: https://www.orellfuessli.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 582
Content-Type: text/html
Date: Thu, 01 Feb 2024 01:15:56 GMT
Expires: Sun, 01 Jan 2014 00:00:00 GMT
Keep-Alive: timeout=3, max=68
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache/2.4
Vary: Accept-Encoding

GET
H/1.1 200
OK exint_close.png
www.usemaxserver.de/images/ 3 KB
3 KB 58ms
27ms Image
image/png 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usemaxserver.de/images/exint_close.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: d11d411cb0c4fda19efcbd59c27337c603c694cda02a3a884c965ca85f28002b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 01:15:56 GMT
Last-Modified: Tue, 28 Jun 2016 13:42:27 GMT
Server: Apache/2.4
ETag: "a51-53656cebaf6c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=67
Content-Length: 2641

GET
H/1.1 200
OK newsletter_012020.png
www.usemaxserver.de/partner/orellfuessli/onsite/ 193 KB
194 KB 81ms
27ms Image
image/png 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usemaxserver.de/partner/orellfuessli/onsite/newsletter_012020.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: 4689f7f2e76d95358b65a9521511d5460634a206e1382663d236c26c98fb9395

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 01:15:56 GMT
Last-Modified: Wed, 08 Jan 2020 13:33:48 GMT
Server: Apache/2.4
ETag: "305b7-59ba0f13e0700"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=70
Content-Length: 198071

GET
H3

200

activityi;dc_pre=CLKmu-b7iIQDFdJLHgIdN_MFjA;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 Show response
8114602.fls.doubleclick.net/ Frame 6E72
Redirect Chain

https://8114602.fls.doubleclick.net/activityi;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://8114602.fls.doubleclick.net/activityi;dc_pre=CLKmu-b7iIQDFdJLHgIdN_MFjA;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

2 KB
922 B

62ms
62ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8114602.fls.doubleclick.net/activityi;dc_pre=CLKmu-b7iIQDFdJLHgIdN_MFjA;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

Requested by

Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/rt.php?campaign_id=40238&iframe=1&ext_domain=1&place=1&product_id=&basket=&checkout_amount=&checkout_order_id=&referrer=leer&host=www.orellfuessli.ch&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&iframe=1&cbt=1706750156&k0=0&w=1600&h=1200&ci=IHVzbV91bV9ydD03MTM5NjMxNjU1JnxlMWY0M2M=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

0339a71dd218af196d191c4471ed45b4735d559a2311f72a85041cd3b3456058

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.usemaxserver.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 898
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 01:15:56 GMT
expires: Thu, 01 Feb 2024 01:15:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 01:15:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8114602.fls.doubleclick.net/activityi;dc_pre=CLKmu-b7iIQDFdJLHgIdN_MFjA;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CKalu-b7iIQDFQVOGQod6OoEFw;src=8114602;type=invmedia;cat=yhvflq6j;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 Show response
8114602.fls.doubleclick.net/ Frame FA9B
Redirect Chain

https://8114602.fls.doubleclick.net/activityi;src=8114602;type=invmedia;cat=yhvflq6j;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://8114602.fls.doubleclick.net/activityi;dc_pre=CKalu-b7iIQDFQVOGQod6OoEFw;src=8114602;type=invmedia;cat=yhvflq6j;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

2 KB
920 B

94ms
94ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8114602.fls.doubleclick.net/activityi;dc_pre=CKalu-b7iIQDFQVOGQod6OoEFw;src=8114602;type=invmedia;cat=yhvflq6j;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

a9df25d1240454d13daeac3fe802e384ffae1e04fcc0f9ac1ef0e25a0e52c3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.usemaxserver.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 896
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 01:15:56 GMT
expires: Thu, 01 Feb 2024 01:15:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 01:15:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8114602.fls.doubleclick.net/activityi;dc_pre=CKalu-b7iIQDFQVOGQod6OoEFw;src=8114602;type=invmedia;cat=yhvflq6j;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK rt.php Show response
www.usemax.de/ Frame 30D7 1 B
683 B 200ms
27ms Document
text/html 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemax.de/rt.php?ext_i=7139631655
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/rt.php?campaign_id=40238&iframe=1&ext_domain=1&place=1&product_id=&basket=&checkout_amount=&checkout_order_id=&referrer=leer&host=www.orellfuessli.ch&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Feducation-card&iframe=1&cbt=1706750156&k0=0&w=1600&h=1200&ci=IHVzbV91bV9ydD03MTM5NjMxNjU1JnxlMWY0M2M=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 , Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://www.usemaxserver.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 21
Content-Type: text/html
Date: Thu, 01 Feb 2024 01:15:56 GMT
Expires: Sun, 01 Jan 2014 00:00:00 GMT
Keep-Alive: timeout=3, max=70
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache/2.4
Vary: Accept-Encoding

GET
H2

200

/
track.adform.net/Serving/TrackPoint/ Frame 566D
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=254281&ADFPageName=ALL%7CRT%7C0%7COrellFuessliCH_0&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C0%7COrellFuessliCH_0&ADFdivider=|

35 B
509 B

33ms
33ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C0%7COrellFuessliCH_0&ADFdivider=|

Requested by

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C0%7COrellFuessliCH_0&ADFdivider=|
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/
track.adform.net/Serving/TrackPoint/ Frame 566D
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=254281&ADFPageName=ALL%7CRT%7C1%7COrellFuessliCH_1&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C1%7COrellFuessliCH_1&ADFdivider=|

35 B
518 B

34ms
34ms

Image
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C1%7COrellFuessliCH_1&ADFdivider=|

Requested by

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C1%7COrellFuessliCH_1&ADFdivider=|
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
840 B 189ms
189ms Ping
text/plain 2.19.96.250
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.250 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3112383b.d2a4cb4
date: Thu, 01 Feb 2024 01:15:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402010115569C71EBDD3EE7BBC92E8F-2A5CBBA4171F430B-00
x-cache: TCP_MISS from a2-19-96-246.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 157,2.19.96.246
server-timing: cdn-cache; desc=MISS, edge; dur=132, origin; dur=32, inner; dur=21
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402010115569C71EBDD3EE7BBC92E8F
x-cache-remote: TCP_MISS from a23-222-0-217.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.222.0.217
x-tt-trace-host: 01caa1397e00b293b7cbf6af9adecf6e0aaebf152c59084192c98215b4789cb85a4c45788df1f477175c3af50f66ad0c226d376bd3638c145a98aa91a0dab05f1db72ced339809549f0353c2811ec75d62181eddbbca40f8331c53d626ebf8b183cc39b9fdc0d04371f34e5a18d046c756
access-control-allow-headers: Authorization,*
expires: Thu, 01 Feb 2024 01:15:56 GMT

GET
H2 200 dc_pre=CLKmu-b7iIQDFdJLHgIdN_MFjA;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/ Frame 6E72 42 B
107 B 72ms
72ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLKmu-b7iIQDFdJLHgIdN_MFjA;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Host: 8114602.fls.doubleclick.net
URL: https://8114602.fls.doubleclick.net/activityi;dc_pre=CLKmu-b7iIQDFdJLHgIdN_MFjA;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgxMTQ2MDIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3VzZW1heHNlcnZlci5kZSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdf...
ad.doubleclick.net/ddm/activity/ Frame 6E72 0
2 KB 120ms
53ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgxMTQ2MDIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3VzZW1heHNlcnZlci5kZSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiA1MjIxMDE1OTAxODYyMzIxMjUxCmN0Y19jb252ZXJzaW9uX2J1Y2tldDogNQphcmNoZXR5cGVfaWQ6IDEKYXJjaGV0eXBlX2lkOiAzCmFyY2hldHlwZV9pZDogNAphcmNoZXR5cGVfaWQ6IDUKYXJjaGV0eXBlX2lkOiA2CmFyY2hldHlwZV9pZDogNwphcmNoZXR5cGVfaWQ6IDgKYXJjaGV0eXBlX2lkOiA5CmFyY2hldHlwZV9pZDogMTAKYXJjaGV0eXBlX2lkOiAxMQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFyY2hldHlwZV9pZDogMTYKYXJjaGV0eXBlX2lkOiAxNwphcmNoZXR5cGVfaWQ6IDE4CmFyY2hldHlwZV9pZDogMTkKYXJjaGV0eXBlX2lkOiAyMAphcmNoZXR5cGVfaWQ6IDIxCmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQUNUSVZJVFlfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDYyMDg5NTcKICB9Cn0KY29udmVyc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogQ09OVkVSU0lPTl9ESU1FTlNJT05fQ09OVkVSU0lPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMDEiCiAgfQp9CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA1NzA0MjUzNDQKZ2NsaWQ6ICIiCnRyaWdnZXJfZGVkdXBsaWNhdGlvbl9rZXk6IDE0NzA1Nzc0Njc5OTU2MTIzMDM0Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"14705774679956123034"}],"aggregatable_trigger_data":[{"filters":{"14":["6208957"]},"key_piece":"0xb9cafb74936e7f93","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xa077072d023486aa","not_filters":{"14":["6208957"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6208957"]},"key_piece":"0xd481cea8c679decf","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xcac8b579e7f1816e","not_filters":{"14":["6208957"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"5221015901862321251","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"14705774679956123034","filters":{"14":["6208957"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"14705774679956123034","filters":{"14":["6208957"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"14705774679956123034","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"14705774679956123034","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8114602"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKalu-b7iIQDFQVOGQod6OoEFw;src=8114602;type=invmedia;cat=yhvflq6j;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/ Frame FA9B 42 B
107 B 69ms
68ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKalu-b7iIQDFQVOGQod6OoEFw;src=8114602;type=invmedia;cat=yhvflq6j;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Host: 8114602.fls.doubleclick.net
URL: https://8114602.fls.doubleclick.net/activityi;dc_pre=CKalu-b7iIQDFQVOGQod6OoEFw;src=8114602;type=invmedia;cat=yhvflq6j;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgxMTQ2MDIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3VzZW1heHNlcnZlci5kZSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdf...
ad.doubleclick.net/ddm/activity/ Frame FA9B 0
1 KB 88ms
54ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgxMTQ2MDIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3VzZW1heHNlcnZlci5kZSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiA3Mzc2MjQ3OTQ1MDEwMjE4MTQ1CmN0Y19jb252ZXJzaW9uX2J1Y2tldDogNQphcmNoZXR5cGVfaWQ6IDEKYXJjaGV0eXBlX2lkOiAzCmFyY2hldHlwZV9pZDogNAphcmNoZXR5cGVfaWQ6IDUKYXJjaGV0eXBlX2lkOiA2CmFyY2hldHlwZV9pZDogNwphcmNoZXR5cGVfaWQ6IDgKYXJjaGV0eXBlX2lkOiA5CmFyY2hldHlwZV9pZDogMTAKYXJjaGV0eXBlX2lkOiAxMQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFyY2hldHlwZV9pZDogMTYKYXJjaGV0eXBlX2lkOiAxNwphcmNoZXR5cGVfaWQ6IDE4CmFyY2hldHlwZV9pZDogMTkKYXJjaGV0eXBlX2lkOiAyMAphcmNoZXR5cGVfaWQ6IDIxCmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQUNUSVZJVFlfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDYyMDg5NTcKICB9Cn0KY29udmVyc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogQ09OVkVSU0lPTl9ESU1FTlNJT05fQ09OVkVSU0lPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMDEiCiAgfQp9CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA1NzA0MjUzNDQKZ2NsaWQ6ICIiCnRyaWdnZXJfZGVkdXBsaWNhdGlvbl9rZXk6IDE0NzA1Nzc0Njc5OTU2MTIzMDM0Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 01:15:56 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"14705774679956123034"}],"aggregatable_trigger_data":[{"filters":{"14":["6208957"]},"key_piece":"0xb9cafb74936e7f93","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xa077072d023486aa","not_filters":{"14":["6208957"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6208957"]},"key_piece":"0xd481cea8c679decf","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xcac8b579e7f1816e","not_filters":{"14":["6208957"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"7376247945010218145","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"14705774679956123034","filters":{"14":["6208957"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"14705774679956123034","filters":{"14":["6208957"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"14705774679956123034","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"14705774679956123034","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8114602"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
200 B 700ms
700ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Feb 2024 01:15:57 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F2CD974D5E6D470CBBA34A2FDF53A0A5 Ref B: DUS30EDGE0408 Ref C: 2024-02-01T01:15:57Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://www.orellfuessli.ch
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYQR7zjMz2lfME88xGlqw==

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
138 B 31ms
31ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Winterthur, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

Referer: https://www.google.ch/
dataType: json
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Thu, 01 Feb 2024 01:16:01 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

OPTIONS
H2 200 GetBadgeStatus
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ Frame 0
0 31ms
31ms Preflight 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Winterthur, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,datatype
Access-Control-Request-Method: POST
Origin: https://www.orellfuessli.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Pragma, Cache-Control, Authorization, dataType
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.orellfuessli.ch
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
date: Thu, 01 Feb 2024 01:16:01 GMT
server: Chat

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
138 B 38ms
38ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Winterthur, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

Referer: https://www.google.ch/
dataType: json
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Thu, 01 Feb 2024 01:16:05 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

OPTIONS
H2 200 GetBadgeStatus
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ Frame 0
0 34ms
34ms Preflight 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Winterthur, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,datatype
Access-Control-Request-Method: POST
Origin: https://www.orellfuessli.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Pragma, Cache-Control, Authorization, dataType
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.orellfuessli.ch
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
date: Thu, 01 Feb 2024 01:16:05 GMT
server: Chat

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
138 B 26ms
26ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Winterthur, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

Referer: https://www.google.ch/
dataType: json
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Thu, 01 Feb 2024 01:16:11 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

OPTIONS
H2 200 GetBadgeStatus
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ Frame 0
0 41ms
40ms Preflight 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Winterthur, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,datatype
Access-Control-Request-Method: POST
Origin: https://www.orellfuessli.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Pragma, Cache-Control, Authorization, dataType
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.orellfuessli.ch
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
date: Thu, 01 Feb 2024 01:16:11 GMT
server: Chat

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
138 B 38ms
38ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Winterthur, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

Referer: https://www.google.ch/
dataType: json
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Thu, 01 Feb 2024 01:16:16 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

OPTIONS
H2 200 GetBadgeStatus
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ Frame 0
0 34ms
34ms Preflight 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Winterthur, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,datatype
Access-Control-Request-Method: POST
Origin: https://www.orellfuessli.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Pragma, Cache-Control, Authorization, dataType
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.orellfuessli.ch
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
date: Thu, 01 Feb 2024 01:16:16 GMT
server: Chat

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
138 B 30ms
30ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Winterthur, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

Referer: https://www.google.ch/
dataType: json
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Thu, 01 Feb 2024 01:16:21 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

OPTIONS
H2 200 GetBadgeStatus
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ Frame 0
0 32ms
31ms Preflight 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Winterthur, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,datatype
Access-Control-Request-Method: POST
Origin: https://www.orellfuessli.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Pragma, Cache-Control, Authorization, dataType
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.orellfuessli.ch
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
date: Thu, 01 Feb 2024 01:16:21 GMT
server: Chat

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.orellfuessli.ch/	1970-01-21 03:41:50	Name: gcor Value: "SIDZbrwy9l5SB03FPZln@K7-AAAAKk"
www.orellfuessli.ch/	1970-01-21 03:01:30	Name: ab_bucket Value: 9
www.orellfuessli.ch/	1970-01-21 03:01:30	Name: ab_container Value: 0
.orellfuessli.ch/	1970-01-20 18:05:51	Name: __cf_bm Value: dv.vF1aw2rUtnld8edhkRegX1Sac1sAW1fPfofdLlRM-1706750155-1-AcWEyUmYere9tsMQ1zF6tNxBsi1xpyXIwq1wPh3MZVZ8thZZDzKqFcmxZwqge/D7U8lO/xsJBy2ExiP+v+2ibNw=
.thalia.media/	1970-01-20 18:05:51	Name: __cf_bm Value: rl6_Ui_sZ5UO9vtoKuL5Yi8pckc4oz80HjaQ6hiBVZk-1706750155-1-AQRs5XZt9XL2gEtY/z0fBtquH9mIW8MsXXmmXNViuc/6WGNZZN6ERPcPvw7a90+UjLCeNYD+tweYMBXkaolazhc=
www.orellfuessli.ch/	1970-01-20 18:06:00	Name: club Value: KEIN_MITGLIED
www.orellfuessli.ch/	1970-01-20 18:05:53	Name: hatAbo Value: false
www.orellfuessli.ch/	1970-01-20 18:05:53	Name: anzahlGuthaben Value: 0
www.orellfuessli.ch/	1969-12-31 23:59:59	Name: WARENKORB-XSRF-TOKEN Value: 445dda09-759a-424d-afe8-29534f5788b0
www.orellfuessli.ch/	1969-12-31 23:59:59	Name: MERKZETTEL-XSRF-TOKEN Value: 6713217d-b053-4b9a-9f53-f5133585af96
.www.orellfuessli.ch/	1970-01-21 02:51:26	Name: _ga_hitcounter Value: 1
.www.orellfuessli.ch/	1970-01-21 02:51:26	Name: _ga Value: GA1.1.8543212720.1706750156131
.www.orellfuessli.ch/	1970-01-21 02:51:26	Name: _ga_BE2W3ZY94G Value: GS1.1.1706750156131.1.0.1706750156131.0
.orellfuessli.ch/	1970-01-20 20:15:26	Name: _gcl_au Value: 1.1.1776349355.1706750156
www.orellfuessli.ch/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: b66ac94e-52c7-4bc4-84f3-5f14d134c4f0
.orellfuessli.ch/	1970-01-20 18:07:16	Name: _uetsid Value: 735724a0c09f11eeb9f765f29c327767
.orellfuessli.ch/	1970-01-21 03:27:26	Name: _uetvid Value: 735705b0c09f11ee935a13b64f750de6
.orellfuessli.ch/	1969-12-31 23:59:59	Name: dmChatSessionId Value: csu2o4hwnmpttdzq1wxfjf11
.orellfuessli.ch/	1970-01-20 18:49:02	Name: lantern Value: 217dfde6-e4c3-4ea9-a3d9-2d47b9e4c358
.bing.com/	1970-01-21 03:27:26	Name: MUID Value: 01293A78F5276EFE1A4F2E60F48B6F41
.orellfuessli.ch/	1970-01-20 20:15:26	Name: _fbp Value: fb.1.1706750156360.1550852707
.tiktok.com/	1970-01-21 03:27:26	Name: _ttp Value: 2bkDP9aeQkj6UN1kWvogom0JT90
.doubleclick.net/	1970-01-21 03:41:50	Name: IDE Value: AHWqTUnrsB-hcBH7K9zUAHEoneJfFYfGtIwt-MbSY1FUJtZYLOEfjDvXFpRGQhpInWs
.doubleclick.net/	1970-01-20 22:25:02	Name: receive-cookie-deprecation Value: 1
.pinterest.com/	1970-01-21 02:51:26	Name: ar_debug Value: 1
.orellfuessli.ch/	1970-01-21 02:51:26	Name: _pin_unauth Value: dWlkPU1XWXlNVFZoWkdRdFlqTXdNaTAwTm1FMUxUaGlObVF0WXpjeVpXUTJabUV6TkRZMA
.orellfuessli.ch/	1970-01-21 03:27:26	Name: _tt_enable_cookie Value: 1
.orellfuessli.ch/	1970-01-21 03:27:26	Name: _ttp Value: ZJKvAvAv0qiFqX6tgikUj9pSbdD
.linkedin.com/	1970-01-20 20:15:26	Name: li_sugr Value: 0a720426-d21a-4f49-b302-30c229e204ff
.linkedin.com/	1970-01-21 02:51:26	Name: bcookie Value: "v=2&2020bc51-e9d7-4500-8c61-e32e4cf485d3"
.linkedin.com/	1970-01-20 18:07:16	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3078:u=1:x=1:i=1706750156:t=1706836556:v=2:sig=AQGlU6YxqXyQBfhtCyK4cMsmhSC5zUls"
www.orellfuessli.ch/	1970-01-21 02:51:26	Name: usm_um_rt Value: 7139631655
.adform.net/	1970-01-20 18:47:35	Name: C Value: 1
.adform.net/	1970-01-20 19:32:10	Name: receive-cookie-deprecation Value: 1
.linkedin.com/	1970-01-20 18:49:02	Name: UserMatchHistory Value: AQKLsQlq6ZeqmgAAAY1iPJ9EHskr-r6QxUAQrXs4zgdyho2wR2SxWabE0l4ZNPwDBwsy4ldpG4zhrA
.linkedin.com/	1970-01-20 18:49:02	Name: AnalyticsSyncHistory Value: AQINbgLZ1a75fgAAAY1iPJ9ECjzN-1kG-AuPRyWvkCAgHszVxd9fBDHZGAK6WqmgC1FGtNdVXLQ0hF0cueh2uQ
.adform.net/	1970-01-20 19:32:10	Name: uid Value: 2665467007296224019
.usemax.de/	1970-01-21 02:51:26	Name: um_rt Value: 7139631655
.usemax.de/	1970-01-21 02:51:26	Name: ident_v Value: 1
.doubleclick.net/	1970-01-20 18:49:02	Name: ar_debug Value: 1
.www.linkedin.com/	1970-01-21 02:51:26	Name: bscookie Value: "v=1&202402010115562b96d36f-4034-434a-8436-745cb57d84b3AQHSLlzgzGY3CduU3tW2wJrXBKOAnoUd"
.linkedin.com/	1970-01-20 22:25:02	Name: li_gc Value: MTswOzE3MDY3NTAxNTY7MjswMjExkH2bM0eiWetC2AcN7U/Pdo+qvOd1DWCBtWS0wQ+tLw==

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/1990369294524981?v=2.9.143&r=stable&domain=www.orellfuessli.ch&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card Message: The resource https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.ac3848cac72126ee5c20.orellfuessli.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card Message: The resource https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.ac3848cac72126ee5c20.orellfuessli.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card Message: The resource https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.ac3848cac72126ee5c20.orellfuessli.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card Message: The resource https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.ac3848cac72126ee5c20.orellfuessli.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card Message: The resource https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.ac3848cac72126ee5c20.orellfuessli.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/education-card Message: The resource https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.ac3848cac72126ee5c20.orellfuessli.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8114602.fls.doubleclick.net
9327407.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
analytics.pangle-ads.com
analytics.tiktok.com
assets.thalia.media
bat.bing.com
chat.orellfuessli.ch
connect.facebook.net
ct.pinterest.com
educard.ch
ga.thalia.media
googleads.g.doubleclick.net
images.thalia.media
lantern.roeye.com
lantern.roeyecdn.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s.pinimg.com
snap.licdn.com
stats.g.doubleclick.net
track.adform.net
www.dwin1.com
www.facebook.com
www.google.ch
www.google.com
www.googletagmanager.com
www.linkedin.com
www.orellfuessli.ch
www.usemax.de
www.usemaxserver.de
104.120.210.144
104.16.4.2
104.16.91.18
13.107.42.14
142.250.184.230
142.250.74.198
151.101.192.84
176.10.114.133
2.19.96.250
2001:4860:4802:34::36
212.48.120.130
2600:9000:2670:9a00:1f:af3f:8a40:93a1
2600:9000:26db:b800:f:8ce2:fb80:93a1
2606:4700::6812:17de
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9a
2a02:26f0:3500:16::215:148d
2a02:26f0:3500:883::1931
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
37.157.4.29
52.48.4.199
80.89.210.220
00ae044b3ec3f36c75cc03143d2cafdb2dfa5ba5f93ce0092e28eb6346db2147
00cd7ef1b2c2288020489e6cf158c5c923e8b1b14b0df955c2865a1942b3cb93
0339a71dd218af196d191c4471ed45b4735d559a2311f72a85041cd3b3456058
0a232fab54c312fbe4c0595db28f852c797ab278e2c23eb5f4f31624b14b2974
0b78c93f967d7d7cdac04c8540749f47c15b902e8ed93f683b04192e4511bf82
0f69cc7aaa401b5e88b4e6cd7b595307bf32f3b971f9c054e56e58029ddff779
13f2ae2696ab61313c0b1646f79f17acfe9c80c1a0379f3c41be1922edb27b06
15f018f66d62ac7ab96d85dd4e253a0338a6143a9b68fddfbe881d245c2e7282
16251eaf9958bb0ccb3bb60592c8478825fae11fdfd37debb049513183d75c01
170545c89c8d0895ac96182d133fdd3a262c5f3776ddc8444678c6a8166ee2ec
19ff76a828740a7d70d6cd4cca1e9ac4e90147e51b3febac46e7d5bac2170f89
1c3b7f58608495c363e18df9eaf323f69393def2c39f483e090da9f39a160bf5
20a2a0d42c7d26076bc1e2dec3d440d2600540757bf6d3ec186e73da83c38294
22bcfcb4f9f8a275e009ea9ca1c9bcb4cd8636a35539f6a20f4465522d8c74fd
25fd20923c13ee0a6142d7c392e7cc1cfac15821033738f615b63bc465a21b5a
276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540
28286474714f0dabf263e874d239b5eb267919fde472c788ea94b1a06649467c
2950d2260bcd95444f687efd4368d98ec9c359d5a6a2416e81730d4ba0c966ed
2a80023096c5c4ef05584d8bcef41cef0b4b6c4ad0a9f90817872eb288360cc7
2ba54e2810a7a9fbbb9b186b5435e334b0ff88dad85db1c1fc73c09be764d40c
312dc456b9380d06788ab121df550b43a1f239fe896b29741275c59181c2750f
328795e6658d61dff37f8f99257d4fd3d0cdd91f839ed85dc97840044ac4eb6d
3430ada06e93710c0d8c33de52206b350cca35415ac20c03a3346e07872d0b31
3443a7ee26cf9670a2faa35c0b5fc74cbd5e92c4eed38327619958affc7f745a
373dc00aebd2e083c6e52c48a81f704d57c4f9e5ac9b5c25bf83dddc85b71a8a
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37d27183620f6d08777cd840594796595a6218cd838fc755701e0c885f1fae8f
38535540f1adae6e06d5c0ed5540943411216b474ec2dc0bd9429d97fe97c113
39352e4dd239cdf01c97323968a7f0f88bf87a54830273af1f5863f0048428e1
3ad688c5ce80ca90b61e8af537bf2d220072ad10b953644f44d97f2fcea7a392
3d4732d36c67c702da4037ec0d02df6975ce7b6298aca74d2a69683a32c7cdab
3e376deaeb30858026260be3d2bd058d03c0b007cb7133c0d6fea15d775afd86
3e6de6f60205401e34a83cafe636b79e3549d9109648197fe1a81585bd4a76d2
3fa6da3ffbb005af9674cb5811a8196f5688d671d221aa2000f7025b5455ed92
45f265d91f0d046e0bf176d32af863a7e497d1c4fa27b488cb0d7a0f539c21e3
4689f7f2e76d95358b65a9521511d5460634a206e1382663d236c26c98fb9395
4761d2948d41fb2a9a4992371b35b95ff6781aea3989b76981982cfa407ae7a9
49feee554240f639c7c41be1729c336be4bbaf05d18c4fa9d369e0c563e6c2dc
4b668228dcbfa360735dafc49caddd3a054a4fdd01dce9ea4b7bf0a379cbaa45
4cc45a5caebae4c37991f91a69fe0936b6106b6e369867f725e74a85681be5c5
4ea5ca6545d808e0c23b8a7d08df6ece065d2e88758b5b8984a3153297345cce
4f6367d85c99d7856f2a114060b51ad928c44c81a778c8e6a09997608c5ad866
52900a78c2cada7f3bf92acdd03a4f71de5cbb2ed0473c959705075036d2439f
5293e3d1f06d73bbd75b83ab1fd1e3020fd5fc1143e2d628d09cd6dc56f9b427
54006cd4fa18a2131ae3f340356fc5bc88918fc703fdf3c8b489cd7d4d536829
56127e85c1038ad70c134feadcc61572b5fbafecf6210463fec360d86655338f
5b3062c77ef611539eefde01bf1ec27f684fb72ca7d0d2f81eaac1a04b6fef5e
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5f0d17e42f3865febe387e7e3f18a40d096af4eafc51dfb6b34d677e041b4934
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
665c04464431f9ae193bcf1e324a37be7b0eaf264ab55656cc0224ea1a53ebd5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7383ba3638c475b400bbbb8c70f3ad520cc2d177ec2bdf88555fdab5eeab45
6e9c7a84d5d586c9945e1ca3b379a766c93cf191f121c6bb8c3f319fd2f7bac5
7217a335505108b6c74050e5743e3c159950c5fc00b1611ad4059d1c5bc9cb31
721dbe613cba5aaa9ab39799acd16f1beb9614d522015828ab533fcd3b450d4c
72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac
72dcc293744c421a39fddaa5adde41eacecbaa4fa93ff1b8ba0baeaf8f02c7e2
74e3ff72e7b7e63accaa235fefaf1aa7fbcd574dacaf4521b57a3252b85f9d62
7631d16c66a0557f86fb6458d5138a465260590013b7ca0144672003837df9ab
7996d05671b56a18fd385902bb829c213af59fa28f12586e55583c5f80adbfc0
7bb7f7033bbba12e81f6ed4535aad67e9949bf81961565c60a9174696ce7824f
81a3cd23c26967d88073c33746d170fcd183d1b0c559c1b3a3a8cedbfffaa548
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
897aa31f11dc834a0ea7c6d78764c2e287df4a57df0a0e62d151ee08a89e00dd
89c7f1af07460d2e8af1242d49b03cef571a58f04055d98726a4ebffa15432ad
89e8fbe1de8235d37c94b2cc58b34ca13ce7bd814ff8e883390a39ef8cefcbaa
8a6dd3f1eee4a5df9af1b0bce45d0144140576ce2a7e1f7572e9383b818ec4c4
8aef3286cef56e8d99cc6eb7c31aadf6f64a3d72a488f635155cac1931d36c53
8e63336037bea50c9887beee711d5776ac0906b701a435ba6a002caf1a724b91
92a19b5167d31699691dced9ae4a4a592b4ec784bfeb54c39120328f11343d94
939df079b2c41a9e69370f1b3e98660e7b84072b36544acd32478499d78cafae
93a1961be16def6707f2d36ec8b0e847ee9c6ef913b60b25920b662feaafd00c
946f422273409c3d264097c31e7b4cd2b27f2ead64ba86b9ee5f030316a092df
96d7403d0e8af93961a03ff7d398933205a76199afc26ba980066b0e4801c72e
9756d593b1d85b31322e53163e1c5fe95e719f5d6846592ea3f8ca22c411c9dc
995f84a41f725c516cb87975b8de1b05c10a316bbda2887ee5e6d8ccb799de45
9ad8de3e4a335ca2feb50b9dc7b8029fef89f084097a59306d4cd593747c9df8
9f10c4bb5195b3ad872e5940ff614ffe170dd2ed74ff073bb91ade98b81558aa
a12ba56d6a99cddcfe86db31ec372ca319ea2b1964c03cd0d97a2440afa8df0c
a1b13642881704e22f0efe3b9f6052c1bc3baf8780ee07aed84a2ea7149cb94e
a2db672a9dc022a62bd575768ebcd0fafbc34fc031ae00448b0c46236614600d
a354624dca9abdfc95710800d950ece30b4a66f43363b2ee846d50d22d43920d
a3f3a7854d2e0d96bcb3e47a12f25fb44e66be78e728c45d3d4dd83f0029cf21
a6e09282a9daf514ff4e23270877aa4339d94bb9b7acf1f13438d4e1e30191dd
a70ba6aaf5487796b15c1a436da210b958ed8afe531dca987f64ee29a9d600fb
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a9df25d1240454d13daeac3fe802e384ffae1e04fcc0f9ac1ef0e25a0e52c3ed
acafdbdac5b196cb4d1eab8b5a5a7900a5479dd113a9483d8e6d62550a51878f
b0388a2387283b8457b08aadd7fdcca2702ba989863981b18e673a1394e74c4f
b16217342bf945260ef457e550015621ce812a152b98741083a95bbd22abe6b8
b16fbc0805e269461252d6aa054fca96cdfb61c5a9b4edcfa7a9a7387a3e6211
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b69a90fafbd8d9dfc1ef62719d3508b3ed2d645643266e8a5bde1a7197109ba7
b90cba64e08358c73230a4c43589b57d66044172378bc53b6d6775624112d7f0
ba74bb5389bd06cf0ba8b893de9f885eabc602edc99720da90314a6116fd64da
bf23c48bd6233118b9daf7d369d1ea218076f0e930eeb75405581b22248e3fe0
c0f803dd591fb4e35d55eaf557347593f7169e362a79e80f3cc155bf960415a0
c29c7a027de269cd511d5a2c5c8cc0ac98473b2b8dc0bdadf95e5f3770415362
c770c4d465e153f8c9cfa69f9c548a9d67d0212c0e6095326f499a25b6da0cab
c7b9ef884ec00544279e37558630049d2ee70303d05d1813e60bf1645d6df0e5
ca830f3388ed000d8d9c2456894a716b67558a45ca67590aaec5e304a43d0377
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cbdb897a4ff7ebf898594e8056cab0a3d75ee9025c7718764831277023e6dba7
cc75acca769e271856a09b41d62b53da3d6bbe2879a41569f992cd14746c8146
cfe66844981bc11610d8cf60013586056e0183cf4f3359d8c5b0f889b03410af
d11d411cb0c4fda19efcbd59c27337c603c694cda02a3a884c965ca85f28002b
d4e870296f4af285313d56e855cbe52c52adf59094bb937c04ad087184cd8684
d765337f0bd0aa25f29dcec8e9e750d56ab339bb0ac112da6ea96bf7bc54e816
d92343ebbeeb5552e0a6ba73ddb72d8de40b659411228f5647e73c3491b1523a
d9aff8fcbf9e3e27085f01a8e7943e17703de8de0d5943245eaa1eb0f375e4ef
dd67e7b23d0fa209538c2c3f459f8391da49b93084827573a12d52e31924be9c
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0
e05496608e58c334abae70368801cfb1f07d3cbe4713bc8a8eef8fd74d0de5a8
e15baf9a676de62dc5759a80a23478addc110671f21311641278bc51b43af2f5
e201db105f746b344722f7df9ee1efe6d6e2341bececa0a3ca64ed2cd29c362b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7123c3cc108de91aa6aba1d923564e5e9cb286a2d2884f13231d04fde12eef0
e80f3437104722d25b2a6f77a6391902738f5f491ad5c23730c131a69e25b538
ebf9bd421e44685fe7af1cb9ae694c9ff2d717404e48a8e695884bcaf9f50e3e
ed6f4339c6d36961c0fab4d627e4f10b922e9253a6d832de4751f9ad07c03309
ee18f1aa99e891d96d37fb9123542ea6e40aa6d3daa0b27fa59b80cc0b29b471
eefb7435c521f71a773ad466654a0d91d448491cf67d9fd65fcb2d0d8d55f125
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbf8bc11a2adaeebafa48fa3b231e9f11d9605b3d9f542672e01a3267cd6af2
f0b08acc883938c11157e57d2094e23a2fc6b94d434e405b1650c652c04610f8
f1097459d4155efadb0a47161b04583ec2b3a0dae2e1550340a0546295984f16
f10f200274cb4b7840c7de1494582a797a0f85bcda19e6b25062e2e626882885
f56f1d9ae4b67b544517195747ab20865d7dc5e28aaafc80b165ded2889aeddf
f68de89ef36cf39dd6f8896cd1e4d0269f5eefcfc31e5bd8817a3dbbd508d84d
f6b6da9e622bacab8b15e0cb6c18e63647792985043f2498746ef123b75f68dc
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f8b909d3d98e29a0f833551c61ee2bed9678a46f2220d00069c6abf2edf8191b
fa7f127c5e334ff314f189d9e146f560d7148d8ba984bd9b23086fba8022e07f
fd8e6e31935ffd9efb0a6d2131503cdf67b0d333b56b695cf64cc487ab187c6f
fda01a77742600dda0dd9bfd45022e14c7349855b49dc339ab59b137fc449a27
fe147df9b5970350a626a5722f9ddca380744d3cb4eefcbb980e921a28b84803
fef84da8c044468c8a5ccdf128a189e8b11a52175f03f0984eb6b7650cf97ea6

www.orellfuessli.ch Open in urlscan Pro 104.16.91.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

177 Requests

98 %HTTPS

55 %IPv6

23 Domains

33 Subdomains

29 IPs

7 Countries

1813 kBTransfer

4558 kBSize

42 Cookies

12 Outgoing links

Page URL History

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.orellfuessli.ch Open in urlscan Pro
104.16.91.18 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

98 %
HTTPS

55 %
IPv6

23
Domains

33
Subdomains

29
IPs

7
Countries

1813 kB
Transfer

4558 kB
Size

42
Cookies

177 HTTP transactions
4 data transactions