www.heidi.news Open in urlscan Pro
185.54.7.127 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.heidi.news/
Effective URL:
https://www.heidi.news/
Submission: On March 17 via api (March 17th 2022, 3:55:31 pm UTC) from CH — Scanned from DE

Summary HTTP 53 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 53 HTTP transactions. The main IP is 185.54.7.127, located in Switzerland and belongs to SAFEHOSTNET Colocation center in Geneva, CH. The main domain is www.heidi.news.
TLS certificate: Issued by Gandi Standard SSL CA 2 on June 14th 2021. Valid for: a year.

This is the only time www.heidi.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	185.54.7.127 185.54.7.127	21217 (SAFEHOSTN...) (SAFEHOSTNET Colocation center in Geneva)
34	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	10

2 185.54.7.127 (Switzerland) 1 redirects

ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH)

www.heidi.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

heidi-17455.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.rorvswild.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

experience-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	kxcdn.com heidi-17455.kxcdn.com	2 MB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 450	107 KB
4	piano.io experience-eu.piano.io — Cisco Umbrella Rank: 64532 code.piano.io — Cisco Umbrella Rank: 48562 buy-eu.piano.io — Cisco Umbrella Rank: 65920 c2-eu.piano.io — Cisco Umbrella Rank: 66440	91 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 525 syndication.twitter.com — Cisco Umbrella Rank: 769	133 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2441 p1.parsely.com — Cisco Umbrella Rank: 1953	26 KB
2	heidi.news 1 redirects www.heidi.news	24 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 727	457 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	72 KB
1	rorvswild.com cdn.rorvswild.com	1 KB
53	9

	Domain	Requested by
33	heidi-17455.kxcdn.com	www.heidi.news heidi-17455.kxcdn.com
7	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
2	platform.twitter.com	www.heidi.news platform.twitter.com
2	www.heidi.news	1 redirects
1	geolocation.onetrust.com	cdn.cookielaw.org
1	syndication.twitter.com	platform.twitter.com
1	c2-eu.piano.io	code.piano.io
1	buy-eu.piano.io	code.piano.io
1	p1.parsely.com	www.heidi.news
1	code.piano.io	experience-eu.piano.io
1	cdn.parsely.com	www.heidi.news
1	experience-eu.piano.io	www.heidi.news
1	www.googletagmanager.com	www.heidi.news
1	cdn.rorvswild.com	www.heidi.news
53	14

This site contains links to these domains. Also see Links.

Domain
shop.heidi.news
interactif.heidi.news
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
www.youtube.com
newsletters.heidi.news
newsletters.genevasolutions.news
www.tiktok.com
www.basesecrete.com

Subject Issuer	Validity	Valid
heidi.news Gandi Standard SSL CA 2	`2021-06-14` - `2022-06-14`	a year	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2021-08-28` - `2022-08-28`	a year	crt.sh
cdn.rorvswild.com R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.heidi.news/
Frame ID: ECC033BEE34252A6956592FDAB31BA5A
Requests: 51 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.heidi.news
Frame ID: 27FFB98A467D9A627FA8AC6E4A58262D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Heidi.newsrss-feed

Page URL History Show full URLs

http://www.heidi.news/ HTTP 301
https://www.heidi.news/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

53
Requests

100 %
HTTPS

60 %
IPv6

9
Domains

14
Subdomains

10
IPs

3
Countries

2025 kB
Transfer

3283 kB
Size

11
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.heidi.news/category/les-revues-des-explorations
Title: Les Revues

Search URL Search Domain Scan URL

URL: https://interactif.heidi.news/
Title: Climat

Search URL Search Domain Scan URL

URL: https://shop.heidi.news/category/bon-cadeau
Title: Bons cadeaux

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Heidi.news/

Search URL Search Domain Scan URL

URL: https://twitter.com/heidi_news

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/heidinews/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heidi.news/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCfYpN94AT2g4_gyJb0G_AmA
Title: Les vidéos

Search URL Search Domain Scan URL

URL: https://newsletters.heidi.news/le-point-du-jour
Title: Archives

Search URL Search Domain Scan URL

URL: https://newsletters.heidi.news/innovation-solutions
Title: Archives

Search URL Search Domain Scan URL

URL: https://newsletters.heidi.news/sciences-climat
Title: Archives

Search URL Search Domain Scan URL

URL: https://newsletters.heidi.news/sante-alimentation
Title: Archives

Search URL Search Domain Scan URL

URL: https://newsletters.heidi.news/apprendre-travailler
Title: Archives

Search URL Search Domain Scan URL

URL: https://newsletters.heidi.news/culture
Title: Archives

Search URL Search Domain Scan URL

URL: https://newsletters.heidi.news/heidimanche
Title: Archives

Search URL Search Domain Scan URL

URL: https://newsletters.genevasolutions.news/
Title: Archives

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@heidi.news
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.basesecrete.com/
Title: Base Secrète

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.heidi.news/ HTTP 301
https://www.heidi.news/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heidi.news/
Redirect Chain

http://www.heidi.news/
https://www.heidi.news/

99 KB
23 KB

814ms
777ms

Document
text/html

185.54.7.127
SAFEHOSTNET Coloc...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heidi.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.54.7.127 , Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),

Reverse DNS

Software

nginx / Phusion Passenger 6.0.6

Resource Hash

71d15a49b57edaaade63544984e13b23bfd0f206b6f389481480ee9e586bd034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Thu, 17 Mar 2022 15:55:25 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: dde9648d-8ab9-4de6-af39-63a4ef3dca6b
etag: W/"71d15a49b57edaaade63544984e13b23"
x-runtime: 0.758304
x-powered-by: Phusion Passenger 6.0.6
content-encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 17 Mar 2022 15:55:24 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=20
Status: 301 Moved Permanently
Location: https://www.heidi.news/
X-Powered-By: Phusion Passenger 6.0.6

GET
H2 200 roboto-v18-latin_latin-ext-regular-62ba3f2a4d94d0d51951f1c65936fdeb11861a3a4f591669fddaa0f1291f3d3d.woff2
heidi-17455.kxcdn.com/assets/ 21 KB
22 KB 35ms
10ms Font
application/octet-stream 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://heidi-17455.kxcdn.com/assets/roboto-v18-latin_latin-ext-regular-62ba3f2a4d94d0d51951f1c65936fdeb11861a3a4f591669fddaa0f1291f3d3d.woff2
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: f9bc132980c62433dfd76631f5a602fd1bf318141d67ebb6b70b4d3cc92555b0

Request headers

Referer: https://www.heidi.news/
Origin: https://www.heidi.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-55a0"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/roboto-v18-latin_latin-ext-regular-62ba3f2a4d94d0d51951f1c65936fdeb11861a3a4f591669fddaa0f1291f3d3d.woff2>; rel="canonical"
content-length: 21920
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 roboto-v18-latin_latin-ext-700-c022f05c0f95c37e7aedc99906f4f59a091193f3485521b75e4a3cd7baed8a47.woff2
heidi-17455.kxcdn.com/assets/ 22 KB
22 KB 42ms
17ms Font
application/octet-stream 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://heidi-17455.kxcdn.com/assets/roboto-v18-latin_latin-ext-700-c022f05c0f95c37e7aedc99906f4f59a091193f3485521b75e4a3cd7baed8a47.woff2
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1f03b3082883c94de09ea4c0b38092a45f2f7ca60c14889818a3e19057da34b8

Request headers

Referer: https://www.heidi.news/
Origin: https://www.heidi.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-5664"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/roboto-v18-latin_latin-ext-700-c022f05c0f95c37e7aedc99906f4f59a091193f3485521b75e4a3cd7baed8a47.woff2>; rel="canonical"
content-length: 22116
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 roboto-slab-v7-latin_latin-ext-regular-5ab2dd79240d64836d5b284b5c13ac73db49b1f8f592567c64e6dd09476262af.woff2
heidi-17455.kxcdn.com/assets/ 25 KB
25 KB 47ms
22ms Font
application/octet-stream 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://heidi-17455.kxcdn.com/assets/roboto-slab-v7-latin_latin-ext-regular-5ab2dd79240d64836d5b284b5c13ac73db49b1f8f592567c64e6dd09476262af.woff2
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c522ad036c6de7f50af3215dffd3c5b7ca323c6ed43c43baa736a7554ef6bbec

Request headers

Referer: https://www.heidi.news/
Origin: https://www.heidi.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-62e8"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/roboto-slab-v7-latin_latin-ext-regular-5ab2dd79240d64836d5b284b5c13ac73db49b1f8f592567c64e6dd09476262af.woff2>; rel="canonical"
content-length: 25320
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 roboto-slab-v7-latin_latin-ext-700-0e87051f64baa960de4e9f3daca27b8d2a44c899a03cfb861e70b4b1e6be6b48.woff2
heidi-17455.kxcdn.com/assets/ 25 KB
25 KB 48ms
23ms Font
application/octet-stream 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://heidi-17455.kxcdn.com/assets/roboto-slab-v7-latin_latin-ext-700-0e87051f64baa960de4e9f3daca27b8d2a44c899a03cfb861e70b4b1e6be6b48.woff2
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 9c1369d1bb82f208798dec741ce7d920794cc4ce429493a96b88acf0810a0cfb

Request headers

Referer: https://www.heidi.news/
Origin: https://www.heidi.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-6384"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/roboto-slab-v7-latin_latin-ext-700-0e87051f64baa960de4e9f3daca27b8d2a44c899a03cfb861e70b4b1e6be6b48.woff2>; rel="canonical"
content-length: 25476
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 EuclidFlex-Medium-subset-968a213d14385f555a3c6f7c9bc83b1e1d3a8a4a21206551569ea5b196397ebf.woff2
heidi-17455.kxcdn.com/assets/ 24 KB
24 KB 48ms
23ms Font
application/octet-stream 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://heidi-17455.kxcdn.com/assets/EuclidFlex-Medium-subset-968a213d14385f555a3c6f7c9bc83b1e1d3a8a4a21206551569ea5b196397ebf.woff2
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1adc11f962e72cdd362dc663024e7b3d57cbf1d614097dc6995aa010c7313d87

Request headers

Referer: https://www.heidi.news/
Origin: https://www.heidi.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-5ec8"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/EuclidFlex-Medium-subset-968a213d14385f555a3c6f7c9bc83b1e1d3a8a4a21206551569ea5b196397ebf.woff2>; rel="canonical"
content-length: 24264
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 heidi-fa1b00440718d42308e592dab541c3f0f2dfbd0ffafa6a981e9952774eba6147.css
heidi-17455.kxcdn.com/assets/ 138 KB
34 KB 34ms
10ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://heidi-17455.kxcdn.com/assets/heidi-fa1b00440718d42308e592dab541c3f0f2dfbd0ffafa6a981e9952774eba6147.css
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 5a5ffd16f43df6dc287833ef0efbe58537e6fe52e91a21903a4baf07d33eecde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 10:15:28 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"6200f140-22846"
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <https://www.heidi.news/assets/heidi-fa1b00440718d42308e592dab541c3f0f2dfbd0ffafa6a981e9952774eba6147.css>; rel="canonical"
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 profile-d6079c33e3493de7ae6aa10d04c1a11940af21c717518d2f90f9ae7462816049.svg
heidi-17455.kxcdn.com/assets/icons/ 711 B
1 KB 14ms
6ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/icons/profile-d6079c33e3493de7ae6aa10d04c1a11940af21c717518d2f90f9ae7462816049.svg
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 97ab5b6e3e7aa79df75ec24c63663a942967245411928e9a2f6047f25845dbb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-2c7"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/icons/profile-d6079c33e3493de7ae6aa10d04c1a11940af21c717518d2f90f9ae7462816049.svg>; rel="canonical"
content-length: 711
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 small
heidi-17455.kxcdn.com/photos/10ddcc7e-b251-4d63-a13f-97f38b4ef8b1/ 45 KB
46 KB 14ms
7ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heidi-17455.kxcdn.com/photos/10ddcc7e-b251-4d63-a13f-97f38b4ef8b1/small

Requested by

Host: www.heidi.news
URL: https://www.heidi.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine / Phusion Passenger 6.0.6

Resource Hash

8d9321c5104a8c6866bd086546abfd6ee7e525799e9742526d088baedd9c1958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
x-edge-location: defr
x-powered-by: Phusion Passenger 6.0.6
x-cache: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="OleGunnarAustvik20210303 %283-1%29.jpeg"; filename*=UTF-8''OleGunnarAustvik20210303%20%283-1%29.jpeg
content-length: 46387
x-request-id: 582ece4e-70ce-4096-97b1-b1f1db29c6c1
x-runtime: 0.066246
server: keycdn-engine
etag: W/"8d9321c5104a8c6866bd086546abfd6e"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/photos/10ddcc7e-b251-4d63-a13f-97f38b4ef8b1/small>; rel="canonical"
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 base_garcon-f5efac44d731d8da327df6b46b1cac92327caecb2d9dacf3be9e713c6dc7315f.jpg
heidi-17455.kxcdn.com/assets/pictos/ 94 KB
94 KB 19ms
11ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/pictos/base_garcon-f5efac44d731d8da327df6b46b1cac92327caecb2d9dacf3be9e713c6dc7315f.jpg
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 017b6a3802f785782ec15a8c8683c829b18dba46cfa39923c58fce6fa280a6fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-17799"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/pictos/base_garcon-f5efac44d731d8da327df6b46b1cac92327caecb2d9dacf3be9e713c6dc7315f.jpg>; rel="canonical"
content-length: 96153
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 small
heidi-17455.kxcdn.com/photos/f76274eb-6434-4c59-9a29-b32c0c790eae/ 175 KB
176 KB 20ms
13ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heidi-17455.kxcdn.com/photos/f76274eb-6434-4c59-9a29-b32c0c790eae/small

Requested by

Host: www.heidi.news
URL: https://www.heidi.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine / Phusion Passenger 6.0.6

Resource Hash

5b554b2f56bb938368d04f6dd3bc8cb45696ef5533279abd92f430ad241ef5ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
x-edge-location: defr
x-powered-by: Phusion Passenger 6.0.6
x-cache: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="Agne Cepinskyte.png"; filename*=UTF-8''Agne%20Cepinskyte.png
content-length: 179467
x-request-id: 362f0b37-fb5a-432a-92cb-aabc6eba3717
x-runtime: 0.095117
server: keycdn-engine
etag: W/"5b554b2f56bb938368d04f6dd3bc8cb4"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/photos/f76274eb-6434-4c59-9a29-b32c0c790eae/small>; rel="canonical"
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 small
heidi-17455.kxcdn.com/photos/b54d6207-4ab3-443d-bb95-932284f81cdf/ 163 KB
163 KB 20ms
13ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heidi-17455.kxcdn.com/photos/b54d6207-4ab3-443d-bb95-932284f81cdf/small

Requested by

Host: www.heidi.news
URL: https://www.heidi.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine / Phusion Passenger 6.0.6

Resource Hash

78107d6b9a43be395942f00e7a14ae6e2c2408ce2394c4b61d43bd54c906d30b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
x-edge-location: defr
x-powered-by: Phusion Passenger 6.0.6
x-cache: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="Andre_LIEBICH.png"; filename*=UTF-8''Andr%C3%A9_LIEBICH.png
content-length: 166625
x-request-id: 1a0f72e4-5e88-4ed1-a391-8c1a84de938a
x-runtime: 0.160789
server: keycdn-engine
etag: W/"78107d6b9a43be395942f00e7a14ae6e"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/photos/b54d6207-4ab3-443d-bb95-932284f81cdf/small>; rel="canonical"
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 question-79f5fc757bff8663cce39b8253ac1eb0e0db3989169aff7acfcff113683dda54.svg
heidi-17455.kxcdn.com/assets/pictos/ 2 KB
1 KB 20ms
13ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/pictos/question-79f5fc757bff8663cce39b8253ac1eb0e0db3989169aff7acfcff113683dda54.svg
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 394a3d0667e84cc1d3427dace577e771c28673b70b658d755f1bc1e2fa38d5ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"61549add-723"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
link: <https://www.heidi.news/assets/pictos/question-79f5fc757bff8663cce39b8253ac1eb0e0db3989169aff7acfcff113683dda54.svg>; rel="canonical"
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 point_du_jour-1f6b7d1bfe24c9c9c1a25ed36906d947a0c3247d60f5e4523d65277c3398e0ca.jpg
heidi-17455.kxcdn.com/assets/newsletters/ 38 KB
38 KB 21ms
13ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/newsletters/point_du_jour-1f6b7d1bfe24c9c9c1a25ed36906d947a0c3247d60f5e4523d65277c3398e0ca.jpg
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 73773b1f496e2488ca75825d51623292c54bacccdd6dfefeb45b4ba86fd27c55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-96f7"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/newsletters/point_du_jour-1f6b7d1bfe24c9c9c1a25ed36906d947a0c3247d60f5e4523d65277c3398e0ca.jpg>; rel="canonical"
content-length: 38647
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 point_innovation_solutions-f8b4b8d17cd2707858e7cf6d556b1edf2d4a8bb3ac486790bc79def32972607b.jpg
heidi-17455.kxcdn.com/assets/newsletters/ 28 KB
29 KB 21ms
13ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/newsletters/point_innovation_solutions-f8b4b8d17cd2707858e7cf6d556b1edf2d4a8bb3ac486790bc79def32972607b.jpg
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 91a60379e248daa9a90c3a3d6ddb35ef94b1d0812f75c37ff7eea70f1247879e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-711f"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/newsletters/point_innovation_solutions-f8b4b8d17cd2707858e7cf6d556b1edf2d4a8bb3ac486790bc79def32972607b.jpg>; rel="canonical"
content-length: 28959
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 point_sciences_climat-cf39aed5a03d7b91088e117e2be26249cbb555380b832bfc4123b57f799e473f.jpg
heidi-17455.kxcdn.com/assets/newsletters/ 28 KB
29 KB 21ms
14ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/newsletters/point_sciences_climat-cf39aed5a03d7b91088e117e2be26249cbb555380b832bfc4123b57f799e473f.jpg
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 7e9e345048aa2ff2c03c21c02a6bac2236698f28af49f428e49c33d28d5ff5cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-70e6"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/newsletters/point_sciences_climat-cf39aed5a03d7b91088e117e2be26249cbb555380b832bfc4123b57f799e473f.jpg>; rel="canonical"
content-length: 28902
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 point_sante_alimentation-d8331c88f04be54c40d43f05f1b77240fa6ad7354da8a67bd971ad0a57be6605.jpg
heidi-17455.kxcdn.com/assets/newsletters/ 31 KB
31 KB 21ms
14ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/newsletters/point_sante_alimentation-d8331c88f04be54c40d43f05f1b77240fa6ad7354da8a67bd971ad0a57be6605.jpg
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 8b28384c634991ba970ec55f745e380edc1c7e1ba1cb228ee0ddf6e22e824a41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-7c75"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/newsletters/point_sante_alimentation-d8331c88f04be54c40d43f05f1b77240fa6ad7354da8a67bd971ad0a57be6605.jpg>; rel="canonical"
content-length: 31861
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 point_apprendre_travailler-a6d81425a47bd22fbd34b7d8dfb2595dc0b7d929f5099f9257db1f4278800f32.jpg
heidi-17455.kxcdn.com/assets/newsletters/ 30 KB
30 KB 21ms
14ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/newsletters/point_apprendre_travailler-a6d81425a47bd22fbd34b7d8dfb2595dc0b7d929f5099f9257db1f4278800f32.jpg
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 0519bf027255aeea72bea501dc2994d040c030882eeabdd91a49ad6f0719047b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-7619"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/newsletters/point_apprendre_travailler-a6d81425a47bd22fbd34b7d8dfb2595dc0b7d929f5099f9257db1f4278800f32.jpg>; rel="canonical"
content-length: 30233
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 point_culture-27d8cbb06f97a90930bd06fc994f9927a2fdbccaea25c5b2333d83274dfff19f.jpg
heidi-17455.kxcdn.com/assets/newsletters/ 40 KB
41 KB 22ms
14ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/newsletters/point_culture-27d8cbb06f97a90930bd06fc994f9927a2fdbccaea25c5b2333d83274dfff19f.jpg
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: b339b78409f07a2c60900bd9ce65bab7f3a5aaebf16a9620fc8a343f888e29f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Mon, 28 Feb 2022 11:14:38 GMT
server: keycdn-engine
x-edge-location: defr
etag: "621cae9e-a1be"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/newsletters/point_culture-27d8cbb06f97a90930bd06fc994f9927a2fdbccaea25c5b2333d83274dfff19f.jpg>; rel="canonical"
content-length: 41406
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 heidimanche-e9265e757150c5f7d7f96819425c31b4f6a5ae7f8f462ef06eb29866ad47ac93.jpg
heidi-17455.kxcdn.com/assets/newsletters/ 29 KB
29 KB 22ms
15ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/newsletters/heidimanche-e9265e757150c5f7d7f96819425c31b4f6a5ae7f8f462ef06eb29866ad47ac93.jpg
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: de40049185eb9e84fec9235184911725235ea5479a8abea30fa3f52257838b73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-720d"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/newsletters/heidimanche-e9265e757150c5f7d7f96819425c31b4f6a5ae7f8f462ef06eb29866ad47ac93.jpg>; rel="canonical"
content-length: 29197
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 evenements_et_offres-5536ce42cf282b1a49cd98606168637f7af34cc426670245060c001952efdc03.jpg
heidi-17455.kxcdn.com/assets/newsletters/ 15 KB
15 KB 22ms
15ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/newsletters/evenements_et_offres-5536ce42cf282b1a49cd98606168637f7af34cc426670245060c001952efdc03.jpg
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 2cd07c87590385423e7bc72f5c425b0a996710670bbce6e3516f93a28f70213e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-3b30"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/newsletters/evenements_et_offres-5536ce42cf282b1a49cd98606168637f7af34cc426670245060c001952efdc03.jpg>; rel="canonical"
content-length: 15152
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 daily_brief_gs-700cd15252d117cded74258e627cd4daad046b49981025a7a2b2c0f38c0e5dc8.jpg
heidi-17455.kxcdn.com/assets/home/ 31 KB
31 KB 22ms
15ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/home/daily_brief_gs-700cd15252d117cded74258e627cd4daad046b49981025a7a2b2c0f38c0e5dc8.jpg
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 57f461975ac13f0b27bd093a113bab2e436c8cfcb45dab710e4247db4786137b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-7a1d"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/home/daily_brief_gs-700cd15252d117cded74258e627cd4daad046b49981025a7a2b2c0f38c0e5dc8.jpg>; rel="canonical"
content-length: 31261
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 logo-heidi-dad920de31dd2b0500470eb55a87fc57fb700a9ef497723f145f6c9129c01694.svg
heidi-17455.kxcdn.com/assets/ 753 B
1 KB 22ms
15ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/logo-heidi-dad920de31dd2b0500470eb55a87fc57fb700a9ef497723f145f6c9129c01694.svg
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 3c0530efbe342f9f964d2c5b2f4030f559d695d07102bde1e6b020133f848c29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-2f1"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/logo-heidi-dad920de31dd2b0500470eb55a87fc57fb700a9ef497723f145f6c9129c01694.svg>; rel="canonical"
content-length: 753
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 application-83974a624558f19130c9465fcb8bae3d4d317b3843778aa306b30b01e1a97d55.js Show response
heidi-17455.kxcdn.com/assets/ 32 KB
11 KB 13ms
5ms Script
application/x-javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://heidi-17455.kxcdn.com/assets/application-83974a624558f19130c9465fcb8bae3d4d317b3843778aa306b30b01e1a97d55.js
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: ad7968fcd3112a4742ea8a2d4d9e39d8c2a4abbcf7daca0b7c30381a701ab5a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 09:14:24 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"615d68f0-80b8"
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <https://www.heidi.news/assets/application-83974a624558f19130c9465fcb8bae3d4d317b3843778aa306b30b01e1a97d55.js>; rel="canonical"
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 agent.js Show response
cdn.rorvswild.com/ 3 KB
1 KB 30ms
6ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rorvswild.com/agent.js
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: d48ab86277866930b1b76363de0f1fe31425e243b93745cd2f95d50009e6093a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 05:57:24 GMT
server: keycdn-engine
x-edge-location: defr
etag: "c2b-5da63b43bf900-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.rorvswild.com/agent.js>; rel="canonical"
content-length: 1142
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 150ms
37ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 15:55:25 GMT
Content-Encoding: gzip
Age: 214
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (mil/6CE7)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
72 KB 50ms
26ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KFWJM86

Requested by

Host: www.heidi.news
URL: https://www.heidi.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5c26d9b6f7f42156ccc48fae603f8fa88bf80292edadcb696ba1106b0a1e304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73180
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Mar 2022 15:55:25 GMT

GET
H2 200 load Show response
experience-eu.piano.io/xbuilder/experience/ 4 KB
2 KB 68ms
41ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience-eu.piano.io/xbuilder/experience/load?aid=9T0ty974pe

Requested by

Host: www.heidi.news
URL: https://www.heidi.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

457853b008f0c75d683cddeb910230d0b4b99cd97a542fbaf5c4846200f6cc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
vary: accept-encoding
cf-cache-status: HIT
age: 1375
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1232
x-request-id: C66bw8rB2gP
pragma
wn: prod-euc1-dash-10-4-146-210
last-modified: Thu, 17 Mar 2022 15:32:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
server-time: 0.007
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6ed6e9ab7cf623df-ZRH
expires: Thu, 17 Mar 2022 16:25:25 GMT

GET
H2 200 heidi__right-arrow--black-e1a1b70f973378fadaf6dd2791b986d558ae7d308b194823e0d5d142a136907e.svg
heidi-17455.kxcdn.com/assets/icons/ 616 B
978 B 21ms
21ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/icons/heidi__right-arrow--black-e1a1b70f973378fadaf6dd2791b986d558ae7d308b194823e0d5d142a136907e.svg
Requested by: Host: heidi-17455.kxcdn.com
URL: https://heidi-17455.kxcdn.com/assets/heidi-fa1b00440718d42308e592dab541c3f0f2dfbd0ffafa6a981e9952774eba6147.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c0ec19a62fd0d8723e74b8b3b61aeaa2394175a6255787fc085454f919f86270

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://heidi-17455.kxcdn.com/assets/heidi-fa1b00440718d42308e592dab541c3f0f2dfbd0ffafa6a981e9952774eba6147.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-268"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/icons/heidi__right-arrow--black-e1a1b70f973378fadaf6dd2791b986d558ae7d308b194823e0d5d142a136907e.svg>; rel="canonical"
content-length: 616
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 heidi__right-arrow--red-62d3326651df024152db9e79df43cf681c5c8208974a57b466f308a118504987.svg
heidi-17455.kxcdn.com/assets/icons/ 789 B
1 KB 30ms
29ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/icons/heidi__right-arrow--red-62d3326651df024152db9e79df43cf681c5c8208974a57b466f308a118504987.svg
Requested by: Host: heidi-17455.kxcdn.com
URL: https://heidi-17455.kxcdn.com/assets/heidi-fa1b00440718d42308e592dab541c3f0f2dfbd0ffafa6a981e9952774eba6147.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1a67a02f4dbab8f75aa63b9cfab1b68d46d59b98c3eda2a02ece2a55ec3a9314

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://heidi-17455.kxcdn.com/assets/heidi-fa1b00440718d42308e592dab541c3f0f2dfbd0ffafa6a981e9952774eba6147.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-315"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/icons/heidi__right-arrow--red-62d3326651df024152db9e79df43cf681c5c8208974a57b466f308a118504987.svg>; rel="canonical"
content-length: 789
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 heidi__right-arrow--white-8887478cb22696c9916c11757e30081cd728900d489ba6c6ba639c5636236945.svg
heidi-17455.kxcdn.com/assets/icons/ 789 B
1 KB 29ms
29ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heidi-17455.kxcdn.com/assets/icons/heidi__right-arrow--white-8887478cb22696c9916c11757e30081cd728900d489ba6c6ba639c5636236945.svg
Requested by: Host: heidi-17455.kxcdn.com
URL: https://heidi-17455.kxcdn.com/assets/heidi-fa1b00440718d42308e592dab541c3f0f2dfbd0ffafa6a981e9952774eba6147.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 9e512d96fce90c44f39d2be2a4eac6da281eb02fbf8ac40778e280d47f23a528

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://heidi-17455.kxcdn.com/assets/heidi-fa1b00440718d42308e592dab541c3f0f2dfbd0ffafa6a981e9952774eba6147.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-315"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/icons/heidi__right-arrow--white-8887478cb22696c9916c11757e30081cd728900d489ba6c6ba639c5636236945.svg>; rel="canonical"
content-length: 789
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 SangBleuKingdom-Regular-subset-31064e26927612bb49d0589c7a7db7b16d81c2f25cde927d32ec946e0cdd12fa.woff2
heidi-17455.kxcdn.com/assets/ 14 KB
14 KB 29ms
29ms Font
application/octet-stream 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://heidi-17455.kxcdn.com/assets/SangBleuKingdom-Regular-subset-31064e26927612bb49d0589c7a7db7b16d81c2f25cde927d32ec946e0cdd12fa.woff2
Requested by: Host: heidi-17455.kxcdn.com
URL: https://heidi-17455.kxcdn.com/assets/heidi-fa1b00440718d42308e592dab541c3f0f2dfbd0ffafa6a981e9952774eba6147.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 60827ed277197a683bace869b702a242eb317923bfc3fccc8d9df32679f07a87

Request headers

Referer: https://heidi-17455.kxcdn.com/assets/heidi-fa1b00440718d42308e592dab541c3f0f2dfbd0ffafa6a981e9952774eba6147.css
Origin: https://www.heidi.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
last-modified: Wed, 29 Sep 2021 16:57:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "61549add-37b4"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/assets/SangBleuKingdom-Regular-subset-31064e26927612bb49d0589c7a7db7b16d81c2f25cde927d32ec946e0cdd12fa.woff2>; rel="canonical"
content-length: 14260
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/heidi.news/ 71 KB
25 KB 22ms
6ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/heidi.news/p.js
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 691a5064b609248671ba348e35ba0b9c868e2be039e6d90ffdecdab0a9ca2605

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Thu, 17 Mar 2022 03:54:16 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 21:48:54 GMT
server: nginx
age: 44858
etag: W/"616f3d46-11d9b"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: oMOnp_MfzxtCd_gNSEvFxTIrknYtVfQ_lemyeSi0xLxBFPXqrlIJvg==
expires: Fri, 18 Mar 2022 03:27:47 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1/ 8 KB
3 KB 52ms
23ms Script
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1/OtAutoBlock.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFWJM86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04b3ee141bbb1e2041e91ac1253b5a5a899e2c5be61678efdaca57abd938ac5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: od0FlS6eGqT6IvVWJJrNzQ==
age: 12507
vary: Accept-Encoding
content-length: 2229
x-ms-lease-status: unlocked
last-modified: Mon, 20 Sep 2021 14:23:45 GMT
server: cloudflare
etag: 0x8D97C42413F6FDD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1dbd40b4-201e-016c-5315-b63560000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ed6e9ac4eb601df-ZRH
expires: Thu, 17 Mar 2022 19:55:25 GMT

GET
H2 200 medium
heidi-17455.kxcdn.com/photos/4706f867-d3c3-4e60-bacd-c99016b359c3/ 131 KB
131 KB 9ms
8ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heidi-17455.kxcdn.com/photos/4706f867-d3c3-4e60-bacd-c99016b359c3/medium

Requested by

Host: www.heidi.news
URL: https://www.heidi.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine / Phusion Passenger 6.0.6

Resource Hash

3f78b0b57e46ba107e8a8a0a6d179e16beb7b477e6686106c93a26b09bf7c525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
x-edge-location: defr
x-powered-by: Phusion Passenger 6.0.6
x-cache: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="363415105_highres.jpg"; filename*=UTF-8''363415105_highres.jpg
content-length: 133902
x-request-id: 217f9f44-1e54-44f8-9a3f-3d398e5985ff
x-runtime: 0.095499
server: keycdn-engine
etag: W/"3f78b0b57e46ba107e8a8a0a6d179e16"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/photos/4706f867-d3c3-4e60-bacd-c99016b359c3/medium>; rel="canonical"
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 medium
heidi-17455.kxcdn.com/photos/a9cd6731-c48f-416b-b30e-1555958ea629/ 123 KB
124 KB 10ms
10ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heidi-17455.kxcdn.com/photos/a9cd6731-c48f-416b-b30e-1555958ea629/medium

Requested by

Host: www.heidi.news
URL: https://www.heidi.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine / Phusion Passenger 6.0.6

Resource Hash

671a6823ed36819deec0f5b902032e9f24aa30632a8abb8553a6ca83e15a4965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
x-edge-location: defr
x-powered-by: Phusion Passenger 6.0.6
x-cache: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="511696385_highres.jpg"; filename*=UTF-8''511696385_highres.jpg
content-length: 125964
x-request-id: 80d8501a-607e-4b35-99af-e52e73eb5f1e
x-runtime: 0.131915
server: keycdn-engine
etag: W/"671a6823ed36819deec0f5b902032e9f"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/photos/a9cd6731-c48f-416b-b30e-1555958ea629/medium>; rel="canonical"
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 medium
heidi-17455.kxcdn.com/photos/e2583057-6947-4218-aa89-ca8f841e5a89/ 88 KB
88 KB 17ms
17ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heidi-17455.kxcdn.com/photos/e2583057-6947-4218-aa89-ca8f841e5a89/medium

Requested by

Host: www.heidi.news
URL: https://www.heidi.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine / Phusion Passenger 6.0.6

Resource Hash

858d12b7a952ff70a72036ddaa628d4484d54911ecea18f8455b50f0197dbeae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
x-edge-location: defr
x-powered-by: Phusion Passenger 6.0.6
x-cache: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="Berne.jpg"; filename*=UTF-8''Berne.jpg
content-length: 89874
x-request-id: 2b427d68-0765-4519-96f2-5789b79f92d3
x-runtime: 0.078602
server: keycdn-engine
etag: W/"858d12b7a952ff70a72036ddaa628d44"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/photos/e2583057-6947-4218-aa89-ca8f841e5a89/medium>; rel="canonical"
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 medium
heidi-17455.kxcdn.com/photos/5a6b63be-63a5-4dc4-af57-5e0f2200d857/ 142 KB
143 KB 18ms
18ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heidi-17455.kxcdn.com/photos/5a6b63be-63a5-4dc4-af57-5e0f2200d857/medium

Requested by

Host: www.heidi.news
URL: https://www.heidi.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine / Phusion Passenger 6.0.6

Resource Hash

a0bee9d08e47a7cf59c3874c5fcd047d7b1d0cc0c30fbdde860083821ab08b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
x-edge-location: defr
x-powered-by: Phusion Passenger 6.0.6
x-cache: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="512044850_highres.jpg"; filename*=UTF-8''512044850_highres.jpg
content-length: 145521
x-request-id: 7d2dfba4-9136-4278-b60a-cf1553e0a303
x-runtime: 0.136053
server: keycdn-engine
etag: W/"a0bee9d08e47a7cf59c3874c5fcd047d"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/photos/5a6b63be-63a5-4dc4-af57-5e0f2200d857/medium>; rel="canonical"
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 medium
heidi-17455.kxcdn.com/photos/0b9efe4c-fe36-4b94-971a-8c6fa863b534/ 72 KB
73 KB 24ms
24ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heidi-17455.kxcdn.com/photos/0b9efe4c-fe36-4b94-971a-8c6fa863b534/medium

Requested by

Host: www.heidi.news
URL: https://www.heidi.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine / Phusion Passenger 6.0.6

Resource Hash

bd9b1285c7124e82a37023075746afb46ba2f2fc9a1a41a853e9fbd7b1385ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
x-edge-location: defr
x-powered-by: Phusion Passenger 6.0.6
x-cache: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="511255580_highres.jpg"; filename*=UTF-8''511255580_highres.jpg
content-length: 73666
x-request-id: 2d980cc2-f7e3-40af-80ca-92584fd536fa
x-runtime: 0.141385
server: keycdn-engine
etag: W/"bd9b1285c7124e82a37023075746afb4"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/photos/0b9efe4c-fe36-4b94-971a-8c6fa863b534/medium>; rel="canonical"
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 medium
heidi-17455.kxcdn.com/photos/e5c9889b-3b21-4d8b-ba64-9b4b955bd8e4/ 75 KB
75 KB 25ms
25ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heidi-17455.kxcdn.com/photos/e5c9889b-3b21-4d8b-ba64-9b4b955bd8e4/medium

Requested by

Host: www.heidi.news
URL: https://www.heidi.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine / Phusion Passenger 6.0.6

Resource Hash

8963cad991b5c8d298073bc7caef9f3f3fe8f7443796876c1406699673af5181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
x-edge-location: defr
x-powered-by: Phusion Passenger 6.0.6
x-cache: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="457417027_highres.jpg"; filename*=UTF-8''457417027_highres.jpg
content-length: 76644
x-request-id: f2f0f5e7-5bd6-445e-ae3d-1b53ba911af5
x-runtime: 0.151422
server: keycdn-engine
etag: W/"8963cad991b5c8d298073bc7caef9f3f"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.heidi.news/photos/e5c9889b-3b21-4d8b-ba64-9b4b955bd8e4/medium>; rel="canonical"
expires: Thu, 24 Mar 2022 15:55:25 GMT

GET
H2 200 tinypass.min.js Show response
code.piano.io/api/ 275 KB
81 KB 47ms
44ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://code.piano.io/api/tinypass.min.js

Requested by

Host: experience-eu.piano.io
URL: https://experience-eu.piano.io/xbuilder/experience/load?aid=9T0ty974pe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e17ef345a3598b3656b160ca57a1a44dab4365894b10c407f4257bb248504e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 8616
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 96GJNK41XHWJ1Y49
x-amz-id-2: QI5ywTJWbBSpfeDHzFSvnuJm8H4MOD0DridEKga3P3kVvMLIuYorZMQfsvPDp3Wc7pmfCo/biyQ=
last-modified: Mon, 28 Feb 2022 15:07:54 GMT
server: cloudflare
etag: W/"d766e4371da10c3c8ec5fecc88497ef7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6ed6e9ac4e5023df-ZRH
expires: Thu, 17 Mar 2022 19:55:25 GMT

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame 27FF 319 KB
104 KB 37ms
37ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.heidi.news
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE6) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 84430
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 17 Mar 2022 15:55:25 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE6)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 470ms
97ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1647532525651&plid=95379999&idsite=heidi.news&url=https%3A%2F%2Fwww.heidi.news%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.heidi.news%2F&sref=&sts=1647532525645&slts=0&title=Heidi.news&date=Thu+Mar+17+2022+15%3A55%3A25+GMT%2B0000+(GMT)&action=pageview&pvid=3807209&u=pid%3D3189409d9c495f6144a842fb4448f0dc
Requested by: Host: www.heidi.news
URL: https://www.heidi.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 15:55:25 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 17-Mar-2022 15:55:25 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 21ms
21ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFWJM86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de46b77a5b05ab09a32c1999473923ea2b42c8c1489a4a1fb15d551a45366df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: tIKwvumWYF6u8xFeFGeRKQ==
age: 8329
vary: Accept-Encoding
content-length: 6486
x-ms-lease-status: unlocked
last-modified: Thu, 17 Mar 2022 02:31:50 GMT
server: cloudflare
etag: 0x8DA07BE4A6E172A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fab7ca03-901e-0175-5fc0-391908000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ed6e9accf6e01df-ZRH

GET
H2 200 get.js Show response
buy-eu.piano.io/api/v3/anon/captcha/ 153 B
271 B 32ms
31ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-eu.piano.io/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=9T0ty974pe

Requested by

Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e4f8085b18d38d20ebfa85b919349a04b6916a306a9baccb8bef8c974dee2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 44
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C57cw8rnTYK
pragma
wn: prod-euc1-dash-10-4-145-212
last-modified: Thu, 17 Mar 2022 15:54:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.005
cache-control: public, max-age=14400
cf-ray: 6ed6e9acff8923df-ZRH
expires: Thu, 17 Mar 2022 19:55:25 GMT

POST
H2 200 execute Show response
c2-eu.piano.io/xbuilder/experience/ 98 KB
8 KB 58ms
58ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-eu.piano.io/xbuilder/experience/execute?aid=9T0ty974pe

Requested by

Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbec87198be3eaf6c282099d9278c80ef19f0146d09b2bc8028f2a3f4f52b3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.heidi.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: jtv3wv5gsd
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.heidi.news
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6ed6e9ad1fbe23df-ZRH

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 27FF 293 B
469 B 190ms
174ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=4c9e29128e809e3ef6c77efd66a17291c18458f8

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.heidi.news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 167
date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 15:55:25 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 2f30c560f93caf1dbfde234bb5f8b21df97ef74181b307848425b4b9736111cd
content-length: 186

GET
H2 200 0d6ed0a9-102b-46c0-82d3-8a2a24889cb1.json Show response
cdn.cookielaw.org/consent/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1/ 3 KB
2 KB 50ms
25ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96730b2e1dd99cb94dc9a10f420568038573c6e2cc0ff2aae668e452dc844cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pNo0Y0dX0ucgP0CGXRUfzw==
age: 12928
vary: Accept-Encoding
content-length: 1261
x-ms-lease-status: unlocked
last-modified: Mon, 20 Sep 2021 14:23:45 GMT
server: cloudflare
etag: 0x8D97C424131FFE7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5ba97045-e01e-00df-7715-b689b2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ed6e9ad6b7acc3e-ZRH
expires: Thu, 17 Mar 2022 19:55:25 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 137ms
32ms XHR
application/json 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.heidi.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6ed6e9ae3874020d-ZRH
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.23.0/ 312 KB
75 KB 20ms
19ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: joMckLq8BtEunD8NH/4XVA==
age: 12930470
vary: Accept-Encoding
content-length: 76366
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:58 GMT
server: cloudflare
etag: 0x8D96DBF6CBEE741
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8f46d419-301e-00f4-6b6c-c4fd0a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ed6e9ae7a5301df-ZRH

GET
H2 200 fr.json Show response
cdn.cookielaw.org/consent/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1/8e3934ad-5d13-4a58-b3bb-5f522a0fe4df/ 53 KB
13 KB 42ms
42ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1/8e3934ad-5d13-4a58-b3bb-5f522a0fe4df/fr.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c29c82a6e5d21f56ba8f0d58bd6d5e742234d4d6ade6aff77ecb1d6f5c7c261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6WTQ6oOb3+Bqq1sDwAb0fQ==
age: 12928
vary: Accept-Encoding
content-length: 13291
x-ms-lease-status: unlocked
last-modified: Mon, 20 Sep 2021 14:23:47 GMT
server: cloudflare
etag: 0x8D97C4242A7F3EB
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: de2068a2-f01e-0121-7915-b6f382000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ed6e9aebe08cc3e-ZRH
expires: Thu, 17 Mar 2022 19:55:25 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 13 KB
3 KB 27ms
26ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: r7t3xbAZ3QK/7lQuu5X7ww==
age: 12930406
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:51 GMT
server: cloudflare
etag: 0x8D96DBF68EC8D5B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e8fb9d8e-801e-0008-3c6c-c4c395000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ed6e9af3ea6cc3e-ZRH

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 20 KB
4 KB 25ms
25ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heidi.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Mar 2022 15:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 12930406
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:12:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: ce79472f-801e-00c4-556c-c4a720000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6ed6e9af3ea7cc3e-ZRH

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.heidi.news/	1969-12-31 23:59:59	Name: SRVGROUP Value: common
www.heidi.news/	1969-12-31 23:59:59	Name: _heidi_session Value: qoew26E5PBS6qkrDOMd80CTPv9aeX%2FuCagwnFxg773Z3Zw72ELAbOYkXh4oaZTZLq12VOJv%2Fs6ke%2B%2F1Q2w0Ahs1cfDHFZhoz1OZPtsnB%2BJLVqA8iEP4Lg%2Bkk40c%2B1XtORqfRpwZqGcfIrxoozPs%3D--0LeBLsxzWZP5%2FSuu--jgNGTrztQ7x%2FQoGAoEchHA%3D%3D
.piano.io/	1970-01-20 01:38:54	Name: __cf_bm Value: i.98yE4nPVno0b707vdH0Wyaxhv95ejge5inpDNASTo-1647532525-0-AbMnWJ7BshiHbU8g+cA1hY8i5dDXuTyyrVzo4mTOlB9Qe7hlw3hn0R6C3hBialREdVyN6WwZ/VyG9vr86tSNklA=
.heidi.news/	1970-01-20 03:48:28	Name: _gcl_au Value: 1.1.2072485785.1647532526
.heidi.news/	1970-01-20 01:38:54	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.heidi.news/%22%2C%22sref%22:%22%22%2C%22sts%22:1647532525645%2C%22slts%22:0}
.heidi.news/	1970-01-20 11:08:16	Name: _parsely_visitor Value: {%22id%22:%22pid=3189409d9c495f6144a842fb4448f0dc%22%2C%22session_count%22:1%2C%22last_session_ts%22:1647532525645}
.heidi.news/	1970-01-20 19:10:04	Name: __tbc Value: %7Bkpex%7DBuVre5-Mf7rfLHvEu2Ywi80qCMZM5MGXibKYs3Cn7nhLgU1Goap0Mi3zHEwOe8Ny6oob3X1yPhgVwbArwP4STakxVE5cAdlWdqmccHlwhjY
.heidi.news/	1970-01-20 02:22:04	Name: __pat Value: 3600000
.heidi.news/	1970-01-20 01:40:18	Name: __pvi Value: %7B%22id%22%3A%22v-2022-03-17-15-55-25-725-46QMEZm5TaMyvJfp-cd6419864d2f6aa811ca726a07fc0693%22%2C%22domain%22%3A%22.heidi.news%22%2C%22time%22%3A1647532525806%7D
.heidi.news/	1970-01-20 19:10:04	Name: xbc Value: %7Bkpex%7DOxA7M1reBArKs2RbCgaZ83zzUm2pKAFHlFizI0FU8249-pUQhKz9upyTTjE5thF_3Yd1ziZZ3W8hu-VX5bHeZY4s4yF4ghE_x7WhcyzchlDZUib0xSVC2za1_GUWg2kgtQHG4kHvqbxkXp4d73V9jdv8svyUTCWpYLbTy4k7m8nolDlxHG2cBhQwXzjGHtubzwSB4lq78HWZLs18e8djfiOXV3DJ2uphOwuzucNFOF-BYKDw-9HzKEnvgjHz6DQRsucS2py02-ebMYfXwLg2bkJ_GfNkIDh5BTfg_-tldKaBO1yKTkhbECxnZtuqFfd0p2AtHW9gPaoBcnyI_4g5fzLUNiVGfgctrHnd674hgdaUuFb4FYEY12Do_XWDc_AjeCuAA5ttZFxgWhYm22tKYLDbbSo8NURluawF1wwlKXCM-9BWfDqsejrfAfsp9sOvwtkfi07psXN95iy-nbCyjgQlHC55EP4U7yJpEyGnzhnVnIWj2Sdv2ayRtnOswA4p
.heidi.news/	1970-01-20 10:24:28	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Mar+17+2022+15%3A55%3A26+GMT%2B0000+(GMT)&version=6.23.0&isIABGlobal=false&hosts=&consentId=7686fdea-c82f-4d1e-9cf5-ee383cbe5e83&interactionCount=0&landingPath=https%3A%2F%2Fwww.heidi.news%2F&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buy-eu.piano.io
c2-eu.piano.io
cdn.cookielaw.org
cdn.parsely.com
cdn.rorvswild.com
code.piano.io
experience-eu.piano.io
geolocation.onetrust.com
heidi-17455.kxcdn.com
p1.parsely.com
platform.twitter.com
syndication.twitter.com
www.googletagmanager.com
www.heidi.news
104.244.42.8
18.66.100.58
185.54.7.127
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6814:b944
2606:4700::6810:9440
2606:4700::6810:f015
2a00:1450:4001:813::2008
2a0b:4d07:101::1
54.144.144.142
017b6a3802f785782ec15a8c8683c829b18dba46cfa39923c58fce6fa280a6fb
04b3ee141bbb1e2041e91ac1253b5a5a899e2c5be61678efdaca57abd938ac5e
0519bf027255aeea72bea501dc2994d040c030882eeabdd91a49ad6f0719047b
1a67a02f4dbab8f75aa63b9cfab1b68d46d59b98c3eda2a02ece2a55ec3a9314
1adc11f962e72cdd362dc663024e7b3d57cbf1d614097dc6995aa010c7313d87
1f03b3082883c94de09ea4c0b38092a45f2f7ca60c14889818a3e19057da34b8
2cd07c87590385423e7bc72f5c425b0a996710670bbce6e3516f93a28f70213e
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
394a3d0667e84cc1d3427dace577e771c28673b70b658d755f1bc1e2fa38d5ed
3c0530efbe342f9f964d2c5b2f4030f559d695d07102bde1e6b020133f848c29
3f78b0b57e46ba107e8a8a0a6d179e16beb7b477e6686106c93a26b09bf7c525
457853b008f0c75d683cddeb910230d0b4b99cd97a542fbaf5c4846200f6cc44
4c29c82a6e5d21f56ba8f0d58bd6d5e742234d4d6ade6aff77ecb1d6f5c7c261
57f461975ac13f0b27bd093a113bab2e436c8cfcb45dab710e4247db4786137b
5a5ffd16f43df6dc287833ef0efbe58537e6fe52e91a21903a4baf07d33eecde
5b554b2f56bb938368d04f6dd3bc8cb45696ef5533279abd92f430ad241ef5ee
60827ed277197a683bace869b702a242eb317923bfc3fccc8d9df32679f07a87
671a6823ed36819deec0f5b902032e9f24aa30632a8abb8553a6ca83e15a4965
691a5064b609248671ba348e35ba0b9c868e2be039e6d90ffdecdab0a9ca2605
71d15a49b57edaaade63544984e13b23bfd0f206b6f389481480ee9e586bd034
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
73773b1f496e2488ca75825d51623292c54bacccdd6dfefeb45b4ba86fd27c55
78107d6b9a43be395942f00e7a14ae6e2c2408ce2394c4b61d43bd54c906d30b
7e9e345048aa2ff2c03c21c02a6bac2236698f28af49f428e49c33d28d5ff5cd
858d12b7a952ff70a72036ddaa628d4484d54911ecea18f8455b50f0197dbeae
8963cad991b5c8d298073bc7caef9f3f3fe8f7443796876c1406699673af5181
8b28384c634991ba970ec55f745e380edc1c7e1ba1cb228ee0ddf6e22e824a41
8d9321c5104a8c6866bd086546abfd6ee7e525799e9742526d088baedd9c1958
91a60379e248daa9a90c3a3d6ddb35ef94b1d0812f75c37ff7eea70f1247879e
96730b2e1dd99cb94dc9a10f420568038573c6e2cc0ff2aae668e452dc844cff
97ab5b6e3e7aa79df75ec24c63663a942967245411928e9a2f6047f25845dbb4
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
9c1369d1bb82f208798dec741ce7d920794cc4ce429493a96b88acf0810a0cfb
9e4f8085b18d38d20ebfa85b919349a04b6916a306a9baccb8bef8c974dee2f5
9e512d96fce90c44f39d2be2a4eac6da281eb02fbf8ac40778e280d47f23a528
a0bee9d08e47a7cf59c3874c5fcd047d7b1d0cc0c30fbdde860083821ab08b53
ad7968fcd3112a4742ea8a2d4d9e39d8c2a4abbcf7daca0b7c30381a701ab5a5
b339b78409f07a2c60900bd9ce65bab7f3a5aaebf16a9620fc8a343f888e29f4
b5c26d9b6f7f42156ccc48fae603f8fa88bf80292edadcb696ba1106b0a1e304
bd9b1285c7124e82a37023075746afb46ba2f2fc9a1a41a853e9fbd7b1385ff1
c0ec19a62fd0d8723e74b8b3b61aeaa2394175a6255787fc085454f919f86270
c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e
c522ad036c6de7f50af3215dffd3c5b7ca323c6ed43c43baa736a7554ef6bbec
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d48ab86277866930b1b76363de0f1fe31425e243b93745cd2f95d50009e6093a
dbec87198be3eaf6c282099d9278c80ef19f0146d09b2bc8028f2a3f4f52b3ce
de40049185eb9e84fec9235184911725235ea5479a8abea30fa3f52257838b73
de46b77a5b05ab09a32c1999473923ea2b42c8c1489a4a1fb15d551a45366df3
e17ef345a3598b3656b160ca57a1a44dab4365894b10c407f4257bb248504e94
f9bc132980c62433dfd76631f5a602fd1bf318141d67ebb6b70b4d3cc92555b0
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

www.heidi.news Open in urlscan Pro 185.54.7.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

60 %IPv6

9 Domains

14 Subdomains

10 IPs

3 Countries

2025 kBTransfer

3283 kBSize

11 Cookies

18 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heidi.news Open in urlscan Pro
185.54.7.127 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

60 %
IPv6

9
Domains

14
Subdomains

10
IPs

3
Countries

2025 kB
Transfer

3283 kB
Size

11
Cookies

53 HTTP transactions
0 data transactions