urlscan.io logo urlscan.io
SecurityTrails logo

www.heks.ch Open in urlscan Pro
151.101.66.191  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://heks.ch/
Effective URL: https://www.heks.ch/
Submission Tags: tranco_l324
Submission: On May 09 via api from DE — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 7 countries across 15 domains to perform 70 HTTP transactions. The main IP is 151.101.66.191, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.heks.ch.
TLS certificate: Issued by R3 on March 16th 2024. Valid for: 3 months.
This is the only time www.heks.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 151.101.194.191 54113 (FASTLY)
27 151.101.66.191 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 162.159.128.61 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 188.226.136.4 14061 (DIGITALOC...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2.17.147.88 20940 (AKAMAI-ASN1)
2 2001:4860:480... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 18.159.79.164 16509 (AMAZON-02)
1 13.35.58.40 16509 (AMAZON-02)
1 18.66.122.74 16509 (AMAZON-02)
1 2 3.70.27.63 16509 (AMAZON-02)
1 63.32.181.161 16509 (AMAZON-02)
1 65.108.188.9 24940 (HETZNER-AS)
1 142.250.74.206 15169 (GOOGLE)
70 23
1    151.101.194.191 (San Francisco, United States)

ASN54113 (FASTLY, US)
heks.ch
27    151.101.66.191 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.heks.ch
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
3    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    188.226.136.4 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
geo.cookie-script.com
6    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:4700::6811:1fae (United States)

ASN13335 (CLOUDFLARENET, US)
diffuser-cdn.app-us1.com
prism.app-us1.com
2    2.17.147.88 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-88.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:4400::6812:22d6 (United States)

ASN13335 (CLOUDFLARENET, US)
trackcmp.net
1    18.159.79.164 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-79-164.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
1    13.35.58.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-40.fra60.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    18.66.122.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-74.fra60.r.cloudfront.net
assets-tracking.crazyegg.com
2    3.70.27.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-27-63.eu-central-1.compute.amazonaws.com
tags.w55c.net
1    63.32.181.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-181-161.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com
1    65.108.188.9 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.188.108.65.clients.your-server.de
consent.cookie-script.com
1    142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
28 heks.ch
heks.ch
www.heks.ch
1 MB
9 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2400
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 7454
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 7566
tracking.crazyegg.com — Cisco Umbrella Rank: 4579
75 KB
7 gstatic.com
fonts.gstatic.com
176 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
21 KB
3 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 3247
bs.serving-sys.com — Cisco Umbrella Rank: 2061
24 KB
3 cookie-script.com
geo.cookie-script.com — Cisco Umbrella Rank: 29172
consent.cookie-script.com — Cisco Umbrella Rank: 42358
37 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
6 KB
2 w55c.net
tags.w55c.net — Cisco Umbrella Rank: 4712
2 KB
2 app-us1.com
diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9403
prism.app-us1.com — Cisco Umbrella Rank: 9486
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
71 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
207 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 64
69 KB
1 trackcmp.net
trackcmp.net — Cisco Umbrella Rank: 9557
315 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
274 B
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 2031
12 KB
70 15
Domain Requested by
27 www.heks.ch www.heks.ch
7 fonts.gstatic.com fonts.googleapis.com
6 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
3 www.google-analytics.com www.googletagmanager.com
www.heks.ch
3 fonts.googleapis.com www.heks.ch
2 tags.w55c.net 1 redirects www.heks.ch
2 secure-ds.serving-sys.com www.heks.ch
secure-ds.serving-sys.com
2 connect.facebook.net www.heks.ch
connect.facebook.net
2 geo.cookie-script.com www.googletagmanager.com
2 www.googletagmanager.com www.heks.ch
www.googletagmanager.com
2 www.youtube.com www.heks.ch
www.youtube.com
1 consent.cookie-script.com geo.cookie-script.com
1 tracking.crazyegg.com script.crazyegg.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 bs.serving-sys.com secure-ds.serving-sys.com
1 trackcmp.net diffuser-cdn.app-us1.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.facebook.com www.heks.ch
1 prism.app-us1.com diffuser-cdn.app-us1.com
1 diffuser-cdn.app-us1.com www.heks.ch
1 player.vimeo.com www.heks.ch
1 heks.ch 1 redirects
70 23

This site contains links to these domains. Also see Links.

Domain
www.eper.ch
en.heks.ch
on.heks.ch
www.zewo.ch
www.facebook.com
www.instagram.com
twitter.com
Subject Issuer Validity Valid
www.heks.ch
R3		 2024-03-16 -
2024-06-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
player.vimeo.com
E1		 2024-03-29 -
2024-06-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.cookie-script.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-11 -
2024-07-25		 10 months crt.sh
script.crazyegg.com
E1		 2024-04-05 -
2024-07-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-16 -
2024-05-16		 3 months crt.sh
diffuser-cdn.app-us1.com
E1		 2024-03-30 -
2024-06-28		 3 months crt.sh
secure-ds.serving-sys.com
R3		 2024-04-16 -
2024-07-15		 3 months crt.sh
prism.app-us1.com
E1		 2024-03-19 -
2024-06-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-26 -
2024-08-25		 a year crt.sh
bs.serving-sys.com
Amazon RSA 2048 M03		 2024-02-09 -
2025-03-09		 a year crt.sh
crazyegg.com
Amazon RSA 2048 M02		 2024-04-28 -
2025-05-27		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.heks.ch/
Frame ID: CBC0B748B441FF03AD8E2AA84A922540
Requests: 72 HTTP requests in this frame

Frame: https://tags.w55c.net/rs?sccid=d001ecde-732a-59fa-cac1-d908c288a3e4&scc=1&id=9b5e1b3ffa424a428fc2c4fa962c0476&t=homepage
Frame ID: 7122AC1E34423A2FB7D591775CB88D70
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HEKS - Hilfswerk der Evangelisch-reformierten Kirche Schweiz | HEKS

Page URL History Show full URLs

  1. http://heks.ch/ HTTP 307
    https://heks.ch/ HTTP 301
    https://www.heks.ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Page Statistics

70
Requests

96 %
HTTPS

48 %
IPv6

15
Domains

23
Subdomains

23
IPs

7
Countries

1876 kB
Transfer

3967 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heks.ch/ HTTP 307
    https://heks.ch/ HTTP 301
    https://www.heks.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://tags.w55c.net/rs?id=9b5e1b3ffa424a428fc2c4fa962c0476&t=homepage HTTP 302
  • https://tags.w55c.net/rs?sccid=d001ecde-732a-59fa-cac1-d908c288a3e4&scc=1&id=9b5e1b3ffa424a428fc2c4fa962c0476&t=homepage

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heks.ch/
Redirect Chain
  • http://heks.ch/
  • https://heks.ch/
  • https://www.heks.ch/
51 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f638b006a6c70df163a8b4853d6c2ceca3114e16840f2249f6bbd3d95cf4305d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
29262
cache-control
max-age=900, public, s-maxage=2764800
content-encoding
gzip
content-language
de
content-length
12016
content-type
text/html; charset=UTF-8
date
Thu, 09 May 2024 03:26:15 GMT
etag
W/"1715195912"
expires
Sun, 19 Nov 1978 05:00:00 GMT
fastly-drupal-html
YES
last-modified
Wed, 08 May 2024 19:18:32 GMT
strict-transport-security
max-age=31557600
vary
Cookie, Accept-Encoding
x-cache
HIT, HIT
x-cache-hits
20, 2
x-commerce-core
2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-l4g8x
x-served-by
cache-fra-etou8220034-FRA, cache-mxp6923-MXP
x-timer
S1715225176.566404,VS0,VE0

Redirect headers

accept-ranges
bytes
age
1368
content-length
166
content-type
text/html
date
Thu, 09 May 2024 03:26:15 GMT
location
https://www.heks.ch/
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
x-cache-hits
6, 0
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-l4g8x
x-served-by
cache-fra-eddf8230121-FRA, cache-mxp6983-MXP
x-timer
S1715225175.458388,VS0,VE1
css_lQdmwSYp_vsqy-YyxUKGcRu6NP6zTlfesyccfksz3og.css
www.heks.ch/sites/default/files/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heks.ch/sites/default/files/css/css_lQdmwSYp_vsqy-YyxUKGcRu6NP6zTlfesyccfksz3og.css?delta=0&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7739220e2a6ef35a14e0bd20827464a6cdacd72cd1c730594cfdf0181d88a88c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
20, 0
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
1236634
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-2l8zr
content-length
2549
x-served-by
cache-fra-etou8220103-FRA, cache-mxp6923-MXP
last-modified
Wed, 24 Apr 2024 19:23:28 GMT
x-timer
S1715225176.664926,VS0,VE1
etag
W/"66295c30-1fa0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2628001
accept-ranges
bytes
expires
Sat, 25 May 2024 05:55:42 GMT
css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css
www.heks.ch/sites/default/files/css/ 		323 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9a9aa3abe92a59f612be75697d6512998c75779cfb87a922d1957d056d418b18
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
20, 0
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
1236634
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-2l8zr
content-length
50923
x-served-by
cache-fra-etou8220102-FRA, cache-mxp6923-MXP
last-modified
Wed, 24 Apr 2024 19:23:02 GMT
x-timer
S1715225176.664909,VS0,VE1
etag
W/"66295c16-50a04"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2628001
accept-ranges
bytes
expires
Sat, 25 May 2024 05:55:43 GMT
Cart.svg
www.heks.ch/themes/beaker/images/icons/ 		869 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/themes/beaker/images/icons/Cart.svg
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
08b62cc6bf9d5a29394c386e4b1cc4da4d11c7b66dbc5b0e95441a5beb28b551
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
3690, 0
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
674771
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-nz9c8
content-length
379
x-served-by
cache-fra-eddf8230124-FRA, cache-mxp6923-MXP
last-modified
Wed, 24 Apr 2024 19:11:10 GMT
x-timer
S1715225176.664880,VS0,VE1
etag
W/"6629594e-365"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2628001
accept-ranges
bytes
expires
Fri, 31 May 2024 18:00:05 GMT
logo-de.png
www.heks.ch/themes/beaker/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/themes/beaker/logo-de.png
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
51597b6113ccd163a135e47b409db57f29aca746227eb39600504bf2c233abf1
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
873, 0
date
Thu, 09 May 2024 03:26:15 GMT
strict-transport-security
max-age=31557600
expires
Thu, 06 Jun 2024 13:16:52 GMT
last-modified
Wed, 24 Apr 2024 19:11:10 GMT
age
173364
x-timer
S1715225176.665035,VS0,VE1
etag
"6629594e-34a1"
x-cache
HIT, HIT
content-type
image/png
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-l4g8x
cache-control
max-age=2628001
accept-ranges
bytes
content-length
13473
x-served-by
cache-fra-etou8220053-FRA, cache-mxp6923-MXP
Hero_2024HEKS_miteinander041.jpg
www.heks.ch/sites/default/files/styles/img_free_aspect_3380/public/2024-04/ 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/sites/default/files/styles/img_free_aspect_3380/public/2024-04/Hero_2024HEKS_miteinander041.jpg?itok=negK0ymu
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e83d33ac3d41f40ae2ca8a08d8d615cd1a35d3e5ec0eb0c1dc2cb57da3187bee
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
303, 0
date
Thu, 09 May 2024 03:26:15 GMT
strict-transport-security
max-age=31557600
x-content-type-options
nosniff
x-commerce-core
2
fastly-drupal-html
YES
age
167210
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-2l8zr
content-length
134566
x-served-by
cache-fra-etou8220033-FRA, cache-mxp6923-MXP
last-modified
Mon, 29 Apr 2024 09:54:35 GMT
x-timer
S1715225176.674528,VS0,VE1
x-frame-options
SAMEORIGIN
content-type
image/jpeg
content-language
de
cache-control
public, s-maxage=2764800
accept-ranges
bytes
expires
Sun, 19 Nov 1978 05:00:00 GMT
ZEWO_Logo_def_weiss.png
www.heks.ch/sites/default/files/2022-02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/sites/default/files/2022-02/ZEWO_Logo_def_weiss.png
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b6dd3d4b3def858fbe3b17d9c1396f31d784fdad1b16a594ac85b8ba4a062aea
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
291, 0
date
Thu, 09 May 2024 03:26:15 GMT
strict-transport-security
max-age=31557600
expires
Sun, 05 May 2024 17:59:32 GMT
last-modified
Tue, 22 Feb 2022 16:06:34 GMT
age
137074
x-timer
S1715225176.674513,VS0,VE46
etag
"62150a0a-2668"
x-cache
HIT, HIT
content-type
image/png
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7787b8cb9b-gvxsh
cache-control
max-age=2628001
accept-ranges
bytes
content-length
9832
x-served-by
cache-fra-etou8220069-FRA, cache-mxp6923-MXP
act.png
www.heks.ch/themes/beaker/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/themes/beaker/images/act.png
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bf7dd9f71b4ad309eafb95eceb0866e2e0e11eb00b9f4ca538c0405f272fbee9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
5, 0
date
Thu, 09 May 2024 03:26:15 GMT
strict-transport-security
max-age=31557600
expires
Thu, 06 Jun 2024 20:23:48 GMT
last-modified
Wed, 24 Apr 2024 19:11:10 GMT
age
147749
x-timer
S1715225176.674684,VS0,VE1
etag
"6629594e-2305"
x-cache
HIT, HIT
content-type
image/png
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-l4g8x
cache-control
max-age=2628001
accept-ranges
bytes
content-length
8965
x-served-by
cache-fra-eddf8230077-FRA, cache-mxp6923-MXP
js_2_9YsrqlH0nbAVIizbE5KyLIWA7z5fmsmGPpjSUib7o.js
www.heks.ch/sites/default/files/js/ 		370 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heks.ch/sites/default/files/js/js_2_9YsrqlH0nbAVIizbE5KyLIWA7z5fmsmGPpjSUib7o.js?scope=footer&delta=0&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
14415c8f6d52d70238548b6e1601acfcbb57dd0e63c2de51baa36e49d37a9856
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
22, 0
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
1234574
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-2l8zr
content-length
137586
x-served-by
cache-fra-eddf8230135-FRA, cache-mxp6923-MXP
last-modified
Wed, 24 Apr 2024 19:55:45 GMT
x-timer
S1715225176.674499,VS0,VE1
etag
W/"662963c1-5c637"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2628001
accept-ranges
bytes
expires
Sat, 25 May 2024 06:30:02 GMT
slick.min.js
www.heks.ch/themes/beaker/js/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heks.ch/themes/beaker/js/slick.min.js?v=1.9
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
1453, 0
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
1377292
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-779c89db6-lz4rl
content-length
12980
x-served-by
cache-fra-eddf8230051-FRA, cache-mxp6923-MXP
last-modified
Thu, 18 Apr 2024 14:38:08 GMT
x-timer
S1715225176.674705,VS0,VE1
etag
W/"66213050-a76f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2628001
accept-ranges
bytes
expires
Thu, 23 May 2024 14:51:24 GMT
js_3LgvOpfIMEEvBOxbdKyofpZ7hJfln7bzw860i0ddn2s.js
www.heks.ch/sites/default/files/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heks.ch/sites/default/files/js/js_3LgvOpfIMEEvBOxbdKyofpZ7hJfln7bzw860i0ddn2s.js?scope=footer&delta=2&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b09c879c6f31025c42569c55a41f8734742e51cc3bc1a57109b7f01f4cec111b
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
21, 0
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
1236634
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-2l8zr
content-length
1796
x-served-by
cache-fra-eddf8230084-FRA, cache-mxp6923-MXP
last-modified
Wed, 24 Apr 2024 19:23:28 GMT
x-timer
S1715225176.674692,VS0,VE1
etag
W/"66295c30-1206"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2628001
accept-ranges
bytes
expires
Sat, 25 May 2024 05:55:43 GMT
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c443dbf6031bb78343d0bc46b1b1375e6311497b72ed843c89fedb018e5963b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 09 May 2024 03:26:15 GMT
player.js
player.vimeo.com/api/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b26ea722a2121ee02d8ca9c23460c5ff6cb75f840ff9e0c1ee79ecaedc7ad8f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 08 May 2024 23:53:08 GMT
Date
Thu, 09 May 2024 03:26:15 GMT
content-security-policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
via
1.1 varnish
Age
187
x-cache
HIT
Connection
keep-alive
x-backend-server
player-backend-edge-entry
Content-Length
11390
x-served-by
cache-fra-eddf8230088-FRA
x-player-backend
g
Server
cloudflare
x-timer
S1715225176.751833,VS0,VE0
vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
access-control-allow-origin
*
Cache-Control
max-age=1800
x-bapp-server
accept-ranges
bytes
CF-RAY
880e96446bcc3730-FRA
x-cache-hits
26
css_Pe5Cfit4KxeHDOg6LaSWmNzXbiiB-xpNmg8_WtG3yoQ.css
www.heks.ch/sites/default/files/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heks.ch/sites/default/files/css/css_Pe5Cfit4KxeHDOg6LaSWmNzXbiiB-xpNmg8_WtG3yoQ.css?delta=2&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d5ee2f950c064284a12b26e7c1b74e9c2dc0c1b56e73a0332ec18da1d1abb3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
23, 0
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
1236630
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-2l8zr
content-length
1823
x-served-by
cache-fra-etou8220138-FRA, cache-mxp6923-MXP
last-modified
Wed, 24 Apr 2024 19:23:02 GMT
x-timer
S1715225176.683672,VS0,VE1
etag
W/"66295c16-1aa8"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2628001
accept-ranges
bytes
expires
Sat, 25 May 2024 05:55:46 GMT
css
fonts.googleapis.com/ 		36 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Bitter:400,700|Open+Sans:400,600,700,800,400italic,300
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c14eb39a30ef29efabbb759c9dd962f8e5ec12bb33a9cd934870ab365d599b38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 May 2024 03:26:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 May 2024 03:26:15 GMT
css
fonts.googleapis.com/ 		36 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,700|Open+Sans:400,600,700,800,400italic,300
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bcf78338b74ece694fc0863bbd0a856edaa68b3488176a87dccbee171e1bbd0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 May 2024 03:26:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 May 2024 03:26:15 GMT
css2
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@300;400;500;600&family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ef0180546fa6cc29274b9edd43f12827fa83fd8493668beb60e62955d8e362d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 May 2024 03:26:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 May 2024 03:26:15 GMT
gtm.js
www.googletagmanager.com/ 		484 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXX6G9
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
766842d48a788ff1052aa5b983789fb9ed039fd5df99725d6ddcc3a71987ca4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106165
x-xss-protection
0
last-modified
Thu, 09 May 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 May 2024 03:26:15 GMT
double-chevrons.svg
www.heks.ch/themes/beaker/images/icons/ 		801 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/themes/beaker/images/icons/double-chevrons.svg
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a3ccf1c18e201a189c2b6b32e504a7c1ca9170130cb102ad7e2c2913482a1da3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 2
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
138569
x-cache
MISS, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-l4g8x
content-length
336
x-served-by
cache-fra-etou8220021-FRA, cache-mxp6923-MXP
last-modified
Wed, 24 Apr 2024 19:11:10 GMT
x-timer
S1715225176.834264,VS0,VE0
etag
W/"6629594e-321"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2628001
accept-ranges
bytes
expires
Thu, 06 Jun 2024 22:56:48 GMT
Phone.svg
www.heks.ch/themes/beaker/images/icons/ 		1 KB
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/themes/beaker/images/icons/Phone.svg
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c8a8de99ea4b31735bba5293d5c91332574786412dbbba5404f966e9742b1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
2810, 2
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
706562
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-nz9c8
content-length
670
x-served-by
cache-fra-etou8220080-FRA, cache-mxp6923-MXP
last-modified
Wed, 24 Apr 2024 19:11:10 GMT
x-timer
S1715225176.835760,VS0,VE0
etag
W/"6629594e-4c4"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2628001
accept-ranges
bytes
expires
Fri, 31 May 2024 09:10:14 GMT
Envelope.svg
www.heks.ch/themes/beaker/images/icons/ 		1 KB
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/themes/beaker/images/icons/Envelope.svg
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce642f17c6d71d09d1fd1ec7dab720afe3f53af02a29fed63b26ecdc98c2bb59
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
1793, 2
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
582469
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-2t8ss
content-length
590
x-served-by
cache-fra-etou8220096-FRA, cache-mxp6923-MXP
last-modified
Wed, 24 Apr 2024 19:11:10 GMT
x-timer
S1715225176.835744,VS0,VE0
etag
W/"6629594e-4a7"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2628001
accept-ranges
bytes
expires
Sat, 01 Jun 2024 19:38:28 GMT
Facebook.svg
www.heks.ch/themes/beaker/images/icons/ 		567 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/themes/beaker/images/icons/Facebook.svg
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3b3918f44ea554b575bf02331f6c8427ffbe1614ea1872204cb472601622bd71
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
776, 2
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
161098
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-l4g8x
content-length
343
x-served-by
cache-fra-eddf8230125-FRA, cache-mxp6923-MXP
last-modified
Wed, 24 Apr 2024 19:11:10 GMT
x-timer
S1715225176.836349,VS0,VE0
etag
W/"6629594e-237"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2628001
accept-ranges
bytes
expires
Thu, 06 Jun 2024 16:41:19 GMT
Instagram.svg
www.heks.ch/themes/beaker/images/icons/ 		2 KB
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/themes/beaker/images/icons/Instagram.svg
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e106bc27dd12e306ac25f71fb901e5ce3d16f9dfecd3229ea8b301e8384e4f56
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
3788, 0
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
1804350
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7d559457dc-mnczr
content-length
757
x-served-by
cache-fra-etou8220102-FRA, cache-mxp6923-MXP
last-modified
Wed, 10 Apr 2024 18:50:33 GMT
x-timer
S1715225176.836337,VS0,VE1
etag
W/"6616df79-680"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2628001
accept-ranges
bytes
expires
Sat, 18 May 2024 16:13:46 GMT
Twitter.svg
www.heks.ch/themes/beaker/images/icons/ 		725 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/themes/beaker/images/icons/Twitter.svg
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c75646f32ff1d295971df4ae848d8c8290fec750419663479c24762ada2e151e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
2984, 0
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
2609675
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b84d8c6d8-d95h6
content-length
432
x-served-by
cache-fra-eddf8230143-FRA, cache-mxp6923-MXP
last-modified
Mon, 08 Apr 2024 11:28:04 GMT
x-timer
S1715225176.836322,VS0,VE1
etag
W/"6613d4c4-2d5"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2628001
accept-ranges
bytes
expires
Thu, 09 May 2024 08:31:41 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@300;400;500;600&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.heks.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:18:31 GMT
x-content-type-options
nosniff
age
176864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34328
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:54:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 02:18:31 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@300;400;500;600&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.heks.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 00:45:23 GMT
x-content-type-options
nosniff
age
441652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 May 2025 00:45:23 GMT
rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v33/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bitter/v33/rax8HiqOu8IVPmn7f4xp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:400,700|Open+Sans:400,600,700,800,400italic,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2321d29475d47bd4d70a263c8f59d12ebad686e96aef5ac0a9e9e271ec0dcc47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.heks.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:44:10 GMT
x-content-type-options
nosniff
age
157325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33148
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:16:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:44:10 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@300;400;500;600&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.heks.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 08:28:14 GMT
x-content-type-options
nosniff
age
154681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 08:28:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@300;400;500;600&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.heks.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 13:27:43 GMT
x-content-type-options
nosniff
age
136712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 13:27:43 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@300;400;500;600&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.heks.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:30:08 GMT
x-content-type-options
nosniff
age
204967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 May 2025 18:30:08 GMT
Teaser_Rafah_Camp_593945046_highres_Keystone.jpg
www.heks.ch/sites/default/files/styles/teaser/public/2024-01/ 		420 KB
420 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/sites/default/files/styles/teaser/public/2024-01/Teaser_Rafah_Camp_593945046_highres_Keystone.jpg?h=b69e0e0e&itok=9G_U7nQ0
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
119573f4f8f91a293a8999a49a658b0edc8afde1023fdfd9b893442936be6000
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
556, 0
date
Thu, 09 May 2024 03:26:15 GMT
strict-transport-security
max-age=31557600
expires
Sun, 19 May 2024 23:24:18 GMT
last-modified
Wed, 17 Jan 2024 09:31:03 GMT
age
1692118
x-timer
S1715225176.861992,VS0,VE1
etag
"65a79e57-68f04"
x-cache
HIT, HIT
content-type
image/jpeg
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-779c89db6-rkqlk
cache-control
max-age=2628001
accept-ranges
bytes
content-length
429828
x-served-by
cache-fra-eddf8230065-FRA, cache-mxp6923-MXP
HEKSFoto_%20240222_Sierra%20Leone_Port%20Loko%20Distrikt%20_52091.jpg
www.heks.ch/sites/default/files/styles/teaser_1_3/public/2024-05/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/sites/default/files/styles/teaser_1_3/public/2024-05/HEKSFoto_%20240222_Sierra%20Leone_Port%20Loko%20Distrikt%20_52091.jpg?itok=3FEvRK_c
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3344c0791be67bd2f0e9f51eb0d5224723db632a5bd9fcbb7d35788cfd58e16
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
13, 0
date
Thu, 09 May 2024 03:26:15 GMT
strict-transport-security
max-age=31557600
expires
Sun, 02 Jun 2024 16:39:47 GMT
last-modified
Fri, 03 May 2024 06:39:28 GMT
age
506789
x-timer
S1715225176.861990,VS0,VE1
etag
"663486a0-fa37"
x-cache
HIT, HIT
content-type
image/jpeg
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-2t8ss
cache-control
max-age=2628001
accept-ranges
bytes
content-length
64055
x-served-by
cache-fra-etou8220097-FRA, cache-mxp6923-MXP
Inklusions_hero.jpg
www.heks.ch/sites/default/files/styles/teaser_1_3/public/2022-12/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/sites/default/files/styles/teaser_1_3/public/2022-12/Inklusions_hero.jpg?itok=mq6tL0yx
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f55d61eeeef1077624d9c57df9abeba3e31a2f68ebf43c2ad9e9e0597aadfb45
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
841, 0
date
Thu, 09 May 2024 03:26:15 GMT
strict-transport-security
max-age=31557600
expires
Sun, 05 May 2024 17:59:33 GMT
last-modified
Wed, 08 Mar 2023 09:18:07 GMT
age
1735847
x-timer
S1715225176.861972,VS0,VE1
etag
"640852cf-e531"
x-cache
HIT, HIT
content-type
image/jpeg
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7787b8cb9b-gvxsh
cache-control
max-age=2628001
accept-ranges
bytes
content-length
58673
x-served-by
cache-fra-etou8220110-FRA, cache-mxp6923-MXP
30321_Klimawandel_Senegal%20_Christian%20Bobst_47801_0.jpg
www.heks.ch/sites/default/files/styles/teaser_1_3/public/2024-02/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/sites/default/files/styles/teaser_1_3/public/2024-02/30321_Klimawandel_Senegal%20_Christian%20Bobst_47801_0.jpg?itok=LR53NHD5
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f3d4ac7c31b82143209a17c75ea62a3126e3b189a90e0a3279126438365911e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
1014, 0
date
Thu, 09 May 2024 03:26:15 GMT
strict-transport-security
max-age=31557600
expires
Sun, 05 May 2024 17:59:36 GMT
last-modified
Mon, 26 Feb 2024 15:43:44 GMT
age
1362347
x-timer
S1715225176.862151,VS0,VE11
etag
"65dcb1b0-1080c"
x-cache
HIT, MISS
content-type
image/jpeg
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7787b8cb9b-gvxsh
cache-control
max-age=2628001
accept-ranges
bytes
content-length
67596
x-served-by
cache-fra-eddf8230031-FRA, cache-mxp6923-MXP
Flucht%20und%20Migration_1.jpeg
www.heks.ch/sites/default/files/styles/teaser_1_3/public/2023-01/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/sites/default/files/styles/teaser_1_3/public/2023-01/Flucht%20und%20Migration_1.jpeg?itok=u-L-_6Z5
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a1a292f8f66301a4fca74a344157b485541ec9a168938240c905ee5f66561ff4
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
408, 0
date
Thu, 09 May 2024 03:26:15 GMT
strict-transport-security
max-age=31557600
expires
Sun, 05 May 2024 17:59:36 GMT
last-modified
Wed, 08 Mar 2023 09:17:15 GMT
age
766599
x-timer
S1715225176.862103,VS0,VE1
etag
"6408529b-11baa"
x-cache
HIT, HIT
content-type
image/jpeg
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7787b8cb9b-gvxsh
cache-control
max-age=2628001
accept-ranges
bytes
content-length
72618
x-served-by
cache-fra-eddf8230020-FRA, cache-mxp6923-MXP
www-widgetapi.js
www.youtube.com/s/player/178de1f2/www-widgetapi.vflset/ 		215 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/178de1f2/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07cd8a0ea2b5b9fa0845c4f3a17ba1c634b7404c92f8c18012a8d933f59f26a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 00:44:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
9721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68217
x-xss-protection
0
last-modified
Tue, 07 May 2024 04:18:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 09 May 2025 00:44:14 GMT
icon--search-black.svg
www.heks.ch/themes/beaker/images/ 		327 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/themes/beaker/images/icon--search-black.svg
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb9bba1598a9d47461daf6a57cbc89ec40d71d9f8ad14ce2cf678a3062ddb1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
781195
x-cache
MISS, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7b78c9fdb8-2l8zr
content-length
255
x-served-by
cache-fra-eddf8230104-FRA, cache-mxp6923-MXP
last-modified
Wed, 24 Apr 2024 19:11:10 GMT
x-timer
S1715225176.886662,VS0,VE1
etag
W/"6629594e-147"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2628001
accept-ranges
bytes
expires
Thu, 30 May 2024 12:26:22 GMT
icon--arrow-right-chevron.svg
www.heks.ch/themes/beaker/images/ 		248 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/themes/beaker/images/icon--arrow-right-chevron.svg
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7b7bb198a09eef8987372e0bd5cc71c1f29e9243fe0b7bee03090d1ddf411e64
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/sites/default/files/css/css_ibx_obz9Eu0ZFmkLNEE47OBl-n9KEcDf5JR9MeDfpuE.css?delta=1&language=de&theme=beaker&include=eJxVjFsKwzAMBC9k6iMFWVmKsWQVSSFJT9-WPqA_yywME2cktDYKFBaKOP9YEUFXRGFz1GmuJP2O0kAD_lZxpPQ56urbjeTyuYW3SNM6sYcgE_5tTlt_gZDOT9VU4YyFybO-ZmliPB7CsTzs
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
305, 0
date
Thu, 09 May 2024 03:26:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
1378883
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-779c89db6-lz4rl
content-length
205
x-served-by
cache-fra-etou8220103-FRA, cache-mxp6923-MXP
last-modified
Thu, 18 Apr 2024 14:38:08 GMT
x-timer
S1715225176.890269,VS0,VE1
etag
W/"66213050-f8"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2628001
accept-ranges
bytes
expires
Thu, 23 May 2024 14:24:54 GMT
Recht%20auf%20Land_1400x640_Kirstin%20Bethge_39705%20Kopie.jpg
www.heks.ch/sites/default/files/styles/teaser_1_3/public/2023-07/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heks.ch/sites/default/files/styles/teaser_1_3/public/2023-07/Recht%20auf%20Land_1400x640_Kirstin%20Bethge_39705%20Kopie.jpg?itok=mLHW_jJC
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36977e5653d36f240fb7e530771f1611279a49e3bfd484d4a441a790e0ba10e9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
1044, 0
date
Thu, 09 May 2024 03:26:15 GMT
strict-transport-security
max-age=31557600
expires
Sun, 05 May 2024 17:59:36 GMT
last-modified
Thu, 06 Jul 2023 12:50:08 GMT
age
1987722
x-timer
S1715225176.906597,VS0,VE1
etag
"64a6b880-18cf5"
x-cache
HIT, HIT
content-type
image/jpeg
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-7787b8cb9b-gvxsh
cache-control
max-age=2628001
accept-ranges
bytes
content-length
101621
x-served-by
cache-fra-eddf8230106-FRA, cache-mxp6923-MXP
213371191b8fbd0ac8320b282d3e8bc2.js
geo.cookie-script.com/s/ 		193 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.cookie-script.com/s/213371191b8fbd0ac8320b282d3e8bc2.js?country=ch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXX6G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.226.136.4 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
2bb0e822209513e830dacfb02540442a0c1f008f8ad174327f1ccedb2105c815

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 09 May 2024 03:26:16 GMT
content-encoding
gzip
last-modified
Wed, 08 May 2024 18:42:20 GMT
x-cache-status
HIT
content-type
application/javascript
a646eeeed7ffc27bffc7d3a5356fcda5.js
geo.cookie-script.com/s/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.cookie-script.com/s/a646eeeed7ffc27bffc7d3a5356fcda5.js?country=us-af-al-dz-as-ad-ao-ai-aq-ag-ar-am-aw-au-az-bs-bh-bd-bb-by-bz-bj-bm-bt-bo-bq-ba-bw-bv-br-io-bn-bf-bi-cv-kh-cm-ca-ky-cf-td-cl-cn-cx-cc-co-km-cd-cg-ck-cr-cu-cw-ci-dj-dm-do-ec-sv-eg-gq-er-sz-et-fk-fo-fj-gf-pf-tf-ga-gm-ge-gh-gi-gl-gd-gp-gu-gg-gt-gn-gw-gy-ht-hm-va-hn-is-hk-in-id-ir-iq-im-il-jm-jp-je-jo-kz-ke-ki-kp-kr-kw-kg-la-lb-ls-lr-ly-li-mo-mg-mw-my-mv-ml-mh-mq-mr-mu-yt-mx-fm-md-mc-mn-me-ms-ma-mz-mm-na-nr-np-nc-nz-ni-ne-ng-nu-nf-mp-no-om-pk-pw-ps-pa-pg-py-pe-ph-pn-pr-qa-mk-ru-rw-re-bl-sh-kn-lc-mf-pm-vc-ws-sm-st-sa-sn-rs-sc-sl-sg-sx-sb-so-za-gs-ss-lk-sd-sr-sj-sy-tw-tj-tz-th-tl-tg-tk-to-tt-tn-tr-tm-tc-tv-ug-ua-ae-gb-um-uy-uz-vu-ve-vn-vg-vi-wf-eh-ye-zm-zw-ax&region=eu
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXX6G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.226.136.4 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
52d073528326b6ce9efaeee3c27fc36761b862d521e2eabe066587bb2294792e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 09 May 2024 03:26:16 GMT
content-encoding
gzip
x-cache-status
RESET JS
content-length
1130
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		319 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DZB6R2JMTC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXX6G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80df8173f92f99c54c4406a3c2a05606cfcbda7d888e1c2377d4aa367ef2fbde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104956
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 May 2024 03:26:16 GMT
8823.js
script.crazyegg.com/pages/scripts/0018/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0018/8823.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXX6G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44fb691a421a158c8f53d1faeb5d08ff3f84c3eefd65f760189b32f38f11fc31

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:16 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 09 May 2024 03:26:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
ce-version
11.5.210
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
880e9646bd6ca00b-AMS
content-length
2238
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 09 May 2024 03:26:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=13, mss=1208, tbw=2768, tp=-1, tpl=-1, uplat=3, ullat=-1
pragma
public
x-fb-debug
8NkFcOlj8JbIkPfLYELKwSgMtcI4QkR+YFdR5bd9HWuhYgVtv9JpMqVRI3VhEZcXV/xi4YOJ3pruOZ8OxpU0ZA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
diffuser.js
diffuser-cdn.app-us1.com/diffuser/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:16 GMT
content-encoding
gzip
via
1.1 acee7e60faaea7b7699fe033930a0164.cloudfront.net (CloudFront)
cf-cache-status
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
AMS1-P1
age
291
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 04 Apr 2023 18:58:37 GMT
server
cloudflare
etag
W/"613257bb316d347d9417023321c6d62f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
cf-ray
880e9646bfb79f88-AMS
x-amz-cf-id
-hnejq2gMW32xGgU_G7uk3pTKj48sSmWHkdZWd1caqLDF99uQ-h0qw==
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073745998
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.147.88 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-147-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:16 GMT
content-encoding
gzip
x-amz-request-id
XKGWWSTMX1ZRBP7K
x-amz-cf-pop
IAD12-P2
x-amz-server-side-encryption
AES256
content-length
21820
x-amz-id-2
jYzJgZyI+gHp2MhDwQg9myF7FgTQLEB8jM5BLhBz/byh1SFCcLhU54RE0PllWbI2YE/iZYJgp5o=
last-modified
Wed, 06 Sep 2023 14:35:36 GMT
server
AmazonS3
etag
"220840acac0b72605c541d1c968febe3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=708
accept-ranges
bytes
x-amz-cf-id
GWrEhz2bNMt5JpGakma15PZqC59JL6U7RBvT6ZIbPWLV5sMiN2Yr7A==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXX6G9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 May 2024 02:47:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2313
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 09 May 2024 04:47:43 GMT
790351474448510
connect.facebook.net/signals/config/ 		57 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/790351474448510?v=2.9.156&r=stable&domain=www.heks.ch&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
58277ee2cc1a30f632952cc03eb73cb0acf0919f110d7632db542b3bff36feb9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 09 May 2024 03:26:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=69, mss=1208, tbw=63313, tp=-1, tpl=-1, uplat=72, ullat=0
pragma
public
x-fb-debug
7BYr/vinbZ6BQdoSuITDeiuwOaHC0T6lX/YGnGA28FHPF9TIq1965bC2o1y/nTpkIQN0f6sYnuCSyUBg0McqqQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
prism.app-us1.com/ 		248 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prism.app-us1.com/?a=223992243&u=https%3A%2F%2Fwww.heks.ch%2F
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.27
Resource Hash
6508040409363d74c081b39cca97e10af4e1447c9fd8d48911341201e6ecc841
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.1.27
content-type
application/javascript
cache-control
no-cache, private
x-envoy-upstream-service-time
75
cf-ray
880e964769b3a009-AMS
1073745998
secure-ds.serving-sys.com/adServingData/PROD/TMClient/8/ 		957 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/8/1073745998
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073745998
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.147.88 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-147-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
16716e638640c27850e81737549d1b38569c424e2404b45255d400173b6839d4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
rQ2IAKrqpOzRcKrdlgEfArocF_pdBp5E
date
Thu, 09 May 2024 03:26:16 GMT
last-modified
Tue, 17 Oct 2023 07:15:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
etag
"fe16d00b65d993fe3470c54e53fc9c26"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=586
accept-ranges
bytes
content-length
957
x-amz-cf-id
xOhHsHcCYvMOCPQq7hsxIoR15WXy_uKCGc7RSHzyPnmNSsg3lgB3LA==
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=790351474448510&ev=PageView&dl=https%3A%2F%2Fwww.heks.ch%2F&rl=&if=false&ts=1715225176234&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715225176234.1226510237&ler=empty&cdl=API_unavailable&it=1715225176128&coo=false&rqm=GET
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1320, tbw=2758, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 09 May 2024 03:26:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
www.heks.ch.json
script.crazyegg.com/pages/data-scripts/0018/8823/site/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0018/8823/site/www.heks.ch.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/8823.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f6feaa38b832f046e70ef07979a712a4803c293b526676fe17310d8bdf1f12

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4263
ce-version
11.5.210
content-length
2371
last-modified
Thu, 09 May 2024 02:15:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
880e9649ffaa0a78-AMS
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DZB6R2JMTC&gtm=45je4510v879104081z872105831za200&_p=1715225175804&gcs=G100&gcd=13p3p3l3l5&npa=0&dma=0&gdid=dMmY1Mm&cid=1706294154.1715225177&ul=de-ch&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_eu=EA&_s=1&sid=1715225176&sct=1&seg=0&dl=https%3A%2F%2Fwww.heks.ch%2F&dt=HEKS%20-%20Hilfswerk%20der%20Evangelisch-reformierten%20Kirche%20Schweiz%20%7C%20HEKS&en=page_view&_fv=1&_ss=1&tfd=1226
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DZB6R2JMTC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 03:26:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heks.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1867071370&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heks.ch%2F&ul=de-ch&de=UTF-8&dt=HEKS%20-%20Hilfswerk%20der%20Evangelisch-reformierten%20Kirche%20Schweiz%20%7C%20HEKS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEAAAAABEAAAAAAAIk~&cid=1706294154.1715225177&tid=UA-55107579-1&_gid=1331245310.1715225177&gtm=45He4510n71KXX6G9v72105831za200&gcs=G100&gcd=13p3p3l3l5&dma=0&z=1587218448
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 20:14:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25895
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
2e23b996f30aa45a4331ff625e76329e.js
script.crazyegg.com/pages/versioned/common-scripts/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/2e23b996f30aa45a4331ff625e76329e.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/8823.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd63265ed07d13fa2b0422ae4b2324ba4a8ff29bf5460b90c09d7cdaa8bd568b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 18:50:58 GMT
server
cloudflare
age
25603
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
880e964a4fc1a00b-AMS
content-length
31432
t_prism_sitemessages.php
trackcmp.net/ 		0
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trackcmp.net/t_prism_sitemessages.php?trackid=223992243&prismid=dbc69f5e-1943-4e17-9a97-ccfaea7949b3&url=https%3A%2F%2Fwww.heks.ch%2F
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.27
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.1.27
p3p
CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, private
x-envoy-upstream-service-time
14
x-privacy-policy
You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray
880e964adc450e6c-AMS
content-length
0
www.heks.ch.json
script.crazyegg.com/pages/data-scripts/0018/8823/sampling/ 		146 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0018/8823/sampling/www.heks.ch.json?t=476451
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2e23b996f30aa45a4331ff625e76329e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe171846cb184b4da5b487f25518bd927493222f4b4cf9e5255336d66b26fdf8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4260
ce-version
11.5.210
content-length
142
last-modified
Thu, 09 May 2024 02:15:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
880e964a9fdd0a78-AMS
Serving
bs.serving-sys.com/ 		509 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073745998&dispType=js&sync=0&sessionid=1596186888344330504&pageurl=$$https%3A%2F%2Fwww.heks.ch%2F$$&activityValues=$$Quantity%3D1%26Session%3D2171990658383636014$$&ns=0&rnd=3470160912&uinadv=%7B%7D&ccpastatus=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073745998
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.79.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-79-164.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6a52bfa2361406cc24ebfcd0b8ed78eda4d75a853acc1b2640e3c6e8c108fca4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 03:26:16 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
381
expires
Sun, 05-Jun-2005 22:00:00 GMT
healthcheck
pagestates-tracking.crazyegg.com/ 		19 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2e23b996f30aa45a4331ff625e76329e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Sep 2023 01:43:28 GMT
via
1.1 fe1df26b55e8c12763613686df86f7f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
20050969
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
4dRa8jTfFUGcdER9C9bUjJPG7WbZPdGyMX7vdHfObhGxPanuahZWAw==
healthcheck
assets-tracking.crazyegg.com/ 		19 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2e23b996f30aa45a4331ff625e76329e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Dec 2023 01:23:29 GMT
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
12189768
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
2RZ8znZNze6zufWGbjX2xGbU3QSuf86FJMvB6kthAosr49dY5EoiNg==
6d0c1287-a101-4850-adab-7bc878cfb1d8
https://www.heks.ch/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.heks.ch/6d0c1287-a101-4850-adab-7bc878cfb1d8
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
rs
tags.w55c.net/ Frame 7122
Redirect Chain
  • https://tags.w55c.net/rs?id=9b5e1b3ffa424a428fc2c4fa962c0476&t=homepage
  • https://tags.w55c.net/rs?sccid=d001ecde-732a-59fa-cac1-d908c288a3e4&scc=1&id=9b5e1b3ffa424a428fc2c4fa962c0476&t=homepage
42 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.w55c.net/rs?sccid=d001ecde-732a-59fa-cac1-d908c288a3e4&scc=1&id=9b5e1b3ffa424a428fc2c4fa962c0476&t=homepage
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
HTTP/1.1
Server
3.70.27.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-27-63.eu-central-1.compute.amazonaws.com
Software
Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-0f696b3092ec6e04f@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.heks.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 May 2024 03:26:16 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-0f696b3092ec6e04f@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 09 May 2024 03:26:16 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-0a9a5734939f60a97@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Location
https://tags.w55c.net/rs?sccid=d001ecde-732a-59fa-cac1-d908c288a3e4&scc=1&id=9b5e1b3ffa424a428fc2c4fa962c0476&t=homepage
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
clock
tracking.crazyegg.com/ 		38 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1715225176854&tk=458d9dd1b4213c9753cb132b2a66e3ca&s=101227&p=%2F&u=188823&v=bf709fd05c1379b7db1d80092ad5e25e2c721470&f=heks.ch&ul=https%3A%2F%2Fwww.heks.ch%2F
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/2e23b996f30aa45a4331ff625e76329e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.181.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-181-161.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e016d263d2dac94f3ba36cf9f5c058d67b29972fac7a4801ed7f4e3751c1575b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 09 May 2024 03:26:17 GMT
cache-control
no-store
server
awselb/2.0
content-length
38
content-type
text/plain
dda53996456118190a640875fa0663b1.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/dda53996456118190a640875fa0663b1.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/8823.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 08 May 2024 20:11:58 GMT
server
cloudflare
age
25608
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
880e964ca93da00b-AMS
content-length
8015
132b9755-6d20-4833-bd0a-2c3cc9fc19ad
https://www.heks.ch/ 		241 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.heks.ch/132b9755-6d20-4833-bd0a-2c3cc9fc19ad
Requested by
Host: www.heks.ch
URL: https://www.heks.ch/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49dd51efa6cf7deacbe8ffc88e4d1149f6a69a5d6da403ea5f97dda990a0fe00

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
241
Content-Type
text/javascript
bd3cf4fdad82d5b7119c9bb8c5d92327.js
script.crazyegg.com/pages/versioned/tracking-scripts/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/bd3cf4fdad82d5b7119c9bb8c5d92327.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/8823.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef774bedbe77e522d4744a3309c90dbbc745df5253eb4972485898ba8ccf9bdd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 08 May 2024 20:11:55 GMT
server
cloudflare
age
25604
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
880e964ce96aa00b-AMS
content-length
30761
analytics
consent.cookie-script.com/ 		47 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.cookie-script.com/analytics?action=firstshown&time=1715225177859&script=213371191b8fbd0ac8320b282d3e8bc2&category=
Requested by
Host: geo.cookie-script.com
URL: https://geo.cookie-script.com/s/213371191b8fbd0ac8320b282d3e8bc2.js?country=ch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.108.188.9 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.188.108.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
be55ca1f645e2d45e5c7f8888a2bb213208f0001b7c3e725d81db1b93709d8a6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 03:26:18 GMT
via
1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA56-P7
x-amzn-trace-id
Root=1-663c425a-58f0834a41f9a31102086b9a;Parent=6a1986b5ca14d056;Sampled=0;lineage=a8669a4e:0
x-amzn-requestid
751c60c7-c9db-41e2-831a-efcb43ad28b9
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Xe9OIGxHDoEEUQg=
content-length
47
x-amz-cf-id
sQ2vjEC6LGFXf9UPInDY7LzWkGG5t0k1uJckw_5O9T-XZGV32fm_4g==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:400,700|Open+Sans:400,600,700,800,400italic,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.heks.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 22:45:56 GMT
x-content-type-options
nosniff
age
448821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 May 2025 22:45:56 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1867071370&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.heks.ch%2F&ul=de-ch&de=UTF-8&dt=HEKS%20-%20Hilfswerk%20der%20Evangelisch-reformierten%20Kirche%20Schweiz%20%7C%20HEKS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie-Script&ea=firstshown&_u=aHAAAAABEAAAAAAAIk~&cid=1706294154.1715225177&tid=UA-55107579-1&_gid=1331245310.1715225177&gtm=45He4510n71KXX6G9v72105831za200&gcs=G100&gcd=13p3p3l3l5&dma=0&z=82958480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 08:37:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67728
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30b8c08723b0af130800167aeee7da1d2c3419484e20b2c1d3db5833801bf294

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d42387631e2304003f2a38ee1a9272b97fbf8a113847408049fa3d56fff6323c

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
712cba3fa8fa2aceeed253c363eb34d1c122a5159027d256815fc94b0941b3de

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
www.heks.ch/themes/beaker/ 		34 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heks.ch/themes/beaker/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.191 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f77246bb7f18e17367a55c27ebe1eda8891148845e5497b5911dc7c50eaf4290
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.heks.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
3698, 0
date
Thu, 09 May 2024 03:26:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31557600
age
1362679
x-cache
HIT, HIT
x-lagoon
amazeeio-ch4>ingress-nginx>heks-ch-prod:nginx>nginx-779c89db6-lz4rl
content-length
5552
x-served-by
cache-fra-eddf8230031-FRA, cache-mxp6923-MXP
last-modified
Thu, 18 Apr 2024 14:38:08 GMT
x-timer
S1715225178.892299,VS0,VE1
etag
W/"66213050-86be"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=2628001
accept-ranges
bytes
expires
Thu, 23 May 2024 18:55:00 GMT

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer function| once object| _gsScope undefined| $ function| jQuery object| drupalTranslations object| drupalSettings object| Drupal object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| Dropkick function| ScrollMagic object| jQBrowser string| _determinate string| _indeterminate string| _update string| _type string| _click string| _touch string| _add string| _remove string| _callback string| _label string| _cursor boolean| _mobile object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam string| breakpoint object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| fbq function| _fbq string| visitorGlobalObjectAlias function| vgo object| SizmekDataLayer object| versaTagObj string| GoogleAnalyticsObject function| ga object| gaplugins string| prismGlobalObjectAlias object| visitorGlobalObject object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData function| CookieScript function| gtag boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| gaGlobal object| gaData string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API undefined| oneTagObj function| ebDecode object| bsResponseObj

20 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: __cf_bm
Value: LsA.f8EwoZYTEPkFg2kVH1Q1QsKFrrMBAWoiabu0pHI-1715225175-1.0.1.1-BgYuLdEkJmLVj1R4urbJrE7gnrYFqPuSvtj9z280bvUi.oIvcME45WO_QH.zYCz5j7xMuhhWV22KOQkEZgJ7Hg
.vimeo.com/ Name: _cfuvid
Value: JUleMJKPevpdHQI3Z6Fo81Of_8cEqBToPQKaruWoxBM-1715225175753-0.0.1.1-604800000
.youtube.com/ Name: YSC
Value: 2TgIJBmsTWQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: bbONKsVUxXA
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJDSBIEGgAgXQ%3D%3D
.heks.ch/ Name: _fbp
Value: fb.1.1715225176234.1226510237
prism.app-us1.com/ Name: prism_223992243
Value: dbc69f5e-1943-4e17-9a97-ccfaea7949b3
.heks.ch/ Name: prism_223992243
Value: dbc69f5e-1943-4e17-9a97-ccfaea7949b3
.heks.ch/ Name: _ce.irv
Value: new
.heks.ch/ Name: cebs
Value: 1
bs.serving-sys.com/ Name: OT_1073745998
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 0065zNFQL02171990658383636014_
.serving-sys.com/ Name: OT2
Value: 10011e1uJP
.serving-sys.com/ Name: u2
Value: d2ea151c-cc22-4a77-af25-0e218dd8ab6e4Sc060
.heks.ch/ Name: _ce.clock_event
Value: 1
.w55c.net/ Name: wfivefivec
Value: xJcDgJac1S4Uqc2
.heks.ch/ Name: _ce.clock_data
Value: 30%2C149.88.27.82%2C1%2Ca16ddaab909d2cf27fce353f26dd2ff2
.heks.ch/ Name: cebsp_
Value: 1
.heks.ch/ Name: _ce.s
Value: v~bf709fd05c1379b7db1d80092ad5e25e2c721470~lcw~1715225177043~lva~1715225176767~vpv~0~v11.cs~101227~v11.s~e5612230-0db3-11ef-9aad-45a28466013e~lcw~1715225177044
.heks.ch/ Name: CookieScriptConsent
Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","ad_user_data":"targeting","ad_personalization":"targeting","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"},"bannershown":1}

12 Console Messages

Source Level URL
Text
other warning URL: https://www.heks.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heks.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/790351474448510?v=2.9.156&r=stable&domain=www.heks.ch&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.heks.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heks.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heks.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heks.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heks.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heks.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heks.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heks.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heks.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-tracking.crazyegg.com
bs.serving-sys.com
connect.facebook.net
consent.cookie-script.com
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
geo.cookie-script.com
heks.ch
pagestates-tracking.crazyegg.com
player.vimeo.com
prism.app-us1.com
region1.google-analytics.com
script.crazyegg.com
secure-ds.serving-sys.com
tags.w55c.net
trackcmp.net
tracking.crazyegg.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.heks.ch
www.youtube.com
13.35.58.40
142.250.74.206
151.101.194.191
151.101.66.191
162.159.128.61
18.159.79.164
18.66.122.74
188.226.136.4
2.17.147.88
2001:4860:4802:34::36
2001:4860:4802:36::178
2606:4700:4400::6812:22d6
2606:4700::6811:1fae
2606:4700::6813:9308
2a00:1450:4001:802::200a
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:82f::2008
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.70.27.63
63.32.181.161
65.108.188.9
07cd8a0ea2b5b9fa0845c4f3a17ba1c634b7404c92f8c18012a8d933f59f26a2
08b62cc6bf9d5a29394c386e4b1cc4da4d11c7b66dbc5b0e95441a5beb28b551
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
119573f4f8f91a293a8999a49a658b0edc8afde1023fdfd9b893442936be6000
14415c8f6d52d70238548b6e1601acfcbb57dd0e63c2de51baa36e49d37a9856
16716e638640c27850e81737549d1b38569c424e2404b45255d400173b6839d4
1b26ea722a2121ee02d8ca9c23460c5ff6cb75f840ff9e0c1ee79ecaedc7ad8f
2321d29475d47bd4d70a263c8f59d12ebad686e96aef5ac0a9e9e271ec0dcc47
2bb0e822209513e830dacfb02540442a0c1f008f8ad174327f1ccedb2105c815
2ef0180546fa6cc29274b9edd43f12827fa83fd8493668beb60e62955d8e362d
2f3d4ac7c31b82143209a17c75ea62a3126e3b189a90e0a3279126438365911e
30b8c08723b0af130800167aeee7da1d2c3419484e20b2c1d3db5833801bf294
36977e5653d36f240fb7e530771f1611279a49e3bfd484d4a441a790e0ba10e9
3b3918f44ea554b575bf02331f6c8427ffbe1614ea1872204cb472601622bd71
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
40f6feaa38b832f046e70ef07979a712a4803c293b526676fe17310d8bdf1f12
44fb691a421a158c8f53d1faeb5d08ff3f84c3eefd65f760189b32f38f11fc31
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
49dd51efa6cf7deacbe8ffc88e4d1149f6a69a5d6da403ea5f97dda990a0fe00
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370
51597b6113ccd163a135e47b409db57f29aca746227eb39600504bf2c233abf1
52d073528326b6ce9efaeee3c27fc36761b862d521e2eabe066587bb2294792e
58277ee2cc1a30f632952cc03eb73cb0acf0919f110d7632db542b3bff36feb9
58d5ee2f950c064284a12b26e7c1b74e9c2dc0c1b56e73a0332ec18da1d1abb3
6508040409363d74c081b39cca97e10af4e1447c9fd8d48911341201e6ecc841
6a52bfa2361406cc24ebfcd0b8ed78eda4d75a853acc1b2640e3c6e8c108fca4
712cba3fa8fa2aceeed253c363eb34d1c122a5159027d256815fc94b0941b3de
766842d48a788ff1052aa5b983789fb9ed039fd5df99725d6ddcc3a71987ca4e
7739220e2a6ef35a14e0bd20827464a6cdacd72cd1c730594cfdf0181d88a88c
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30
7b7bb198a09eef8987372e0bd5cc71c1f29e9243fe0b7bee03090d1ddf411e64
80df8173f92f99c54c4406a3c2a05606cfcbda7d888e1c2377d4aa367ef2fbde
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
9a9aa3abe92a59f612be75697d6512998c75779cfb87a922d1957d056d418b18
9c8a8de99ea4b31735bba5293d5c91332574786412dbbba5404f966e9742b1b0
a1a292f8f66301a4fca74a344157b485541ec9a168938240c905ee5f66561ff4
a3ccf1c18e201a189c2b6b32e504a7c1ca9170130cb102ad7e2c2913482a1da3
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b09c879c6f31025c42569c55a41f8734742e51cc3bc1a57109b7f01f4cec111b
b6dd3d4b3def858fbe3b17d9c1396f31d784fdad1b16a594ac85b8ba4a062aea
bb9bba1598a9d47461daf6a57cbc89ec40d71d9f8ad14ce2cf678a3062ddb1fe
bcf78338b74ece694fc0863bbd0a856edaa68b3488176a87dccbee171e1bbd0e
be55ca1f645e2d45e5c7f8888a2bb213208f0001b7c3e725d81db1b93709d8a6
bf7dd9f71b4ad309eafb95eceb0866e2e0e11eb00b9f4ca538c0405f272fbee9
c14eb39a30ef29efabbb759c9dd962f8e5ec12bb33a9cd934870ab365d599b38
c443dbf6031bb78343d0bc46b1b1375e6311497b72ed843c89fedb018e5963b6
c75646f32ff1d295971df4ae848d8c8290fec750419663479c24762ada2e151e
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
ce642f17c6d71d09d1fd1ec7dab720afe3f53af02a29fed63b26ecdc98c2bb59
d42387631e2304003f2a38ee1a9272b97fbf8a113847408049fa3d56fff6323c
dd63265ed07d13fa2b0422ae4b2324ba4a8ff29bf5460b90c09d7cdaa8bd568b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e016d263d2dac94f3ba36cf9f5c058d67b29972fac7a4801ed7f4e3751c1575b
e106bc27dd12e306ac25f71fb901e5ce3d16f9dfecd3229ea8b301e8384e4f56
e3344c0791be67bd2f0e9f51eb0d5224723db632a5bd9fcbb7d35788cfd58e16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83d33ac3d41f40ae2ca8a08d8d615cd1a35d3e5ec0eb0c1dc2cb57da3187bee
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef774bedbe77e522d4744a3309c90dbbc745df5253eb4972485898ba8ccf9bdd
f55d61eeeef1077624d9c57df9abeba3e31a2f68ebf43c2ad9e9e0597aadfb45
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f638b006a6c70df163a8b4853d6c2ceca3114e16840f2249f6bbd3d95cf4305d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f77246bb7f18e17367a55c27ebe1eda8891148845e5497b5911dc7c50eaf4290
fe171846cb184b4da5b487f25518bd927493222f4b4cf9e5255336d66b26fdf8