urlscan.io logo urlscan.io
SecurityTrails logo

www.heidi.news Open in urlscan Pro
185.54.7.127  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.heidi.news/
Effective URL: https://www.heidi.news/
Submission: On June 21 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 48 HTTP transactions. The main IP is 185.54.7.127, located in Switzerland and belongs to SAFEHOSTNET Colocation center in Geneva, CH. The main domain is www.heidi.news.
TLS certificate: Issued by Gandi Standard SSL CA 2 on May 30th 2022. Valid for: a year.
This is the only time www.heidi.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 185.54.7.127 21217 (SAFEHOSTN...)
26 2a0b:4d07:102::1 44239 (PROINITY ...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:234... 15133 (EDGECAST)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.226.0.39 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
1 63.34.81.234 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
48 13
2    185.54.7.127 (Switzerland)

ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH)
www.heidi.news
26    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
heidi-17455.kxcdn.com
cdn.rorvswild.com
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
experience-eu.piano.io
code.piano.io
buy-eu.piano.io
c2-eu.piano.io
1    13.226.0.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-0-39.tlv50.r.cloudfront.net
cdn.parsely.com
7    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4016:808::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
1    63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
p1.parsely.com
1    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
Apex Domain
Subdomains		 Transfer
25 kxcdn.com
heidi-17455.kxcdn.com
812 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 489
107 KB
4 piano.io
experience-eu.piano.io — Cisco Umbrella Rank: 63958
code.piano.io — Cisco Umbrella Rank: 50219
buy-eu.piano.io — Cisco Umbrella Rank: 56168
c2-eu.piano.io — Cisco Umbrella Rank: 58407
100 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2686
p1.parsely.com — Cisco Umbrella Rank: 2034
26 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
145 KB
2 heidi.news
www.heidi.news
24 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 818
457 B
1 google.de
www.google.de — Cisco Umbrella Rank: 5111
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
347 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 15715
338 B
1 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 705
29 KB
1 rorvswild.com
cdn.rorvswild.com
1 KB
48 12
Domain Requested by
25 heidi-17455.kxcdn.com www.heidi.news
7 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
2 www.googletagmanager.com www.heidi.news
www.googletagmanager.com
2 www.heidi.news 1 redirects
1 geolocation.onetrust.com cdn.cookielaw.org
1 p1.parsely.com www.heidi.news
1 c2-eu.piano.io code.piano.io
1 buy-eu.piano.io code.piano.io
1 code.piano.io experience-eu.piano.io
1 www.google.de www.heidi.news
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 cdn.parsely.com www.heidi.news
1 experience-eu.piano.io www.heidi.news
1 platform.twitter.com www.heidi.news
platform.twitter.com
1 cdn.rorvswild.com www.heidi.news
48 16
Subject Issuer Validity Valid
heidi.news
Gandi Standard SSL CA 2		 2022-05-30 -
2023-06-14		 a year crt.sh
*.kxcdn.com
Thawte RSA CA 2018		 2021-08-28 -
2022-08-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
cdn.rorvswild.com
R3		 2022-05-09 -
2022-08-07		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.heidi.news/
Frame ID: 05F1FB59E6E717126FCAA549167C95F2
Requests: 47 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.heidi.news
Frame ID: 67564BCB9654D71B9BF7F29DB4905450
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heidi.newsReservé aux abonnésrss-feed

Page URL History Show full URLs

  1. http://www.heidi.news/ HTTP 301
    https://www.heidi.news/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

48
Requests

98 %
HTTPS

75 %
IPv6

12
Domains

16
Subdomains

13
IPs

5
Countries

1247 kB
Transfer

2522 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heidi.news/ HTTP 301
    https://www.heidi.news/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heidi.news/
Redirect Chain
  • http://www.heidi.news/
  • https://www.heidi.news/
97 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.54.7.127 , Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
Software
nginx / Phusion Passenger 6.0.6
Resource Hash
43b1e5ebf758c7110ad709b990bf2d6d18cb7459963b391a10879113dc4596cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 21 Jun 2022 17:46:34 GMT
etag
W/"43b1e5ebf758c7110ad709b990bf2d6d"
link
<https://heidi-17455.kxcdn.com/assets/heidi/roboto-v18-latin_latin-ext-regular-68c23fc91a3de35e1bbb8510a573d4a5f29e29dd3a0dc0e316b65964eaa08416.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-Regular-subset-48bf45e8122270ec63e767865d2004b505b0454ad36d78dd3977fa91b7e35345.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-RegularItalic-subset-0eafd61597a795633bfdb1f61ee8c2e6f9ebd527692232bf0fe0371fb261735f.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-BoldItalic-subset-a11891584f3995a08a7b6f17c21443b6afeeb3591c1d64f0a6b2466b043eb63a.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/roboto-slab-v7-latin_latin-ext-700-312b0573235cbc4da6d3119b0ab2adf6dc97c8e8ab00174156b32ae831860f22.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-Bold-subset-a332aa53695f88e28f06db2c03abf0fe2c221ae29f6e09a229bb9890bf892659.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/EuclidFlex-Medium-subset-a8d80b2eae0b79edcdd68091f5f65cb3e8937156f7b916146aaed8ce8fb8d878.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/roboto-slab-v7-latin_latin-ext-regular-fc8b295a907129bf75bc373bb5f363f2ce7e13fb6aa5205c7b047dd1283ac566.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/roboto-v18-latin_latin-ext-700-96ed8912e9ea46e450fd9f812451349e7181a9e1c2b926d045ed2f48eb1e2847.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous
server
nginx
status
200 OK
strict-transport-security
max-age=63072000; includeSubDomains
x-powered-by
Phusion Passenger 6.0.6
x-request-id
b8c1d824-9454-4830-97dd-a88c181e56f1
x-runtime
0.762327

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html
Date
Tue, 21 Jun 2022 17:46:33 GMT
Keep-Alive
timeout=20
Location
https://www.heidi.news/
Server
nginx
Status
301 Moved Permanently
X-Powered-By
Phusion Passenger 6.0.6
roboto-v18-latin_latin-ext-regular-68c23fc91a3de35e1bbb8510a573d4a5f29e29dd3a0dc0e316b65964eaa08416.woff2
heidi-17455.kxcdn.com/assets/heidi/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heidi-17455.kxcdn.com/assets/heidi/roboto-v18-latin_latin-ext-regular-68c23fc91a3de35e1bbb8510a573d4a5f29e29dd3a0dc0e316b65964eaa08416.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f9bc132980c62433dfd76631f5a602fd1bf318141d67ebb6b70b4d3cc92555b0

Request headers

Referer
https://www.heidi.news/
Origin
https://www.heidi.news
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
last-modified
Tue, 29 Mar 2022 13:13:43 GMT
server
keycdn-engine
x-edge-location
defr
etag
"62430607-55a0"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/assets/heidi/roboto-v18-latin_latin-ext-regular-68c23fc91a3de35e1bbb8510a573d4a5f29e29dd3a0dc0e316b65964eaa08416.woff2>; rel="canonical"
content-length
21920
expires
Tue, 28 Jun 2022 17:46:34 GMT
SangBleuKingdom-Regular-subset-48bf45e8122270ec63e767865d2004b505b0454ad36d78dd3977fa91b7e35345.woff2
heidi-17455.kxcdn.com/assets/heidi/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-Regular-subset-48bf45e8122270ec63e767865d2004b505b0454ad36d78dd3977fa91b7e35345.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
60827ed277197a683bace869b702a242eb317923bfc3fccc8d9df32679f07a87

Request headers

Referer
https://www.heidi.news/
Origin
https://www.heidi.news
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
last-modified
Tue, 29 Mar 2022 13:13:43 GMT
server
keycdn-engine
x-edge-location
defr
etag
"62430607-37b4"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/assets/heidi/SangBleuKingdom-Regular-subset-48bf45e8122270ec63e767865d2004b505b0454ad36d78dd3977fa91b7e35345.woff2>; rel="canonical"
content-length
14260
expires
Tue, 28 Jun 2022 17:46:34 GMT
SangBleuKingdom-RegularItalic-subset-0eafd61597a795633bfdb1f61ee8c2e6f9ebd527692232bf0fe0371fb261735f.woff2
heidi-17455.kxcdn.com/assets/heidi/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-RegularItalic-subset-0eafd61597a795633bfdb1f61ee8c2e6f9ebd527692232bf0fe0371fb261735f.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3043c2aada437268bbab22de9757b017941c28cdd99c9fd06c2e5490079dca69

Request headers

Referer
https://www.heidi.news/
Origin
https://www.heidi.news
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
last-modified
Tue, 29 Mar 2022 13:13:43 GMT
server
keycdn-engine
x-edge-location
defr
etag
"62430607-2e90"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/assets/heidi/SangBleuKingdom-RegularItalic-subset-0eafd61597a795633bfdb1f61ee8c2e6f9ebd527692232bf0fe0371fb261735f.woff2>; rel="canonical"
content-length
11920
expires
Tue, 28 Jun 2022 17:46:34 GMT
SangBleuKingdom-BoldItalic-subset-a11891584f3995a08a7b6f17c21443b6afeeb3591c1d64f0a6b2466b043eb63a.woff2
heidi-17455.kxcdn.com/assets/heidi/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-BoldItalic-subset-a11891584f3995a08a7b6f17c21443b6afeeb3591c1d64f0a6b2466b043eb63a.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d3a86ddbad660c28e45b2952f639757ec9014f82adbf6844eebb459396be5726

Request headers

Referer
https://www.heidi.news/
Origin
https://www.heidi.news
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
last-modified
Tue, 29 Mar 2022 13:13:43 GMT
server
keycdn-engine
x-edge-location
defr
etag
"62430607-2de4"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/assets/heidi/SangBleuKingdom-BoldItalic-subset-a11891584f3995a08a7b6f17c21443b6afeeb3591c1d64f0a6b2466b043eb63a.woff2>; rel="canonical"
content-length
11748
expires
Tue, 28 Jun 2022 17:46:34 GMT
roboto-slab-v7-latin_latin-ext-700-312b0573235cbc4da6d3119b0ab2adf6dc97c8e8ab00174156b32ae831860f22.woff2
heidi-17455.kxcdn.com/assets/heidi/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heidi-17455.kxcdn.com/assets/heidi/roboto-slab-v7-latin_latin-ext-700-312b0573235cbc4da6d3119b0ab2adf6dc97c8e8ab00174156b32ae831860f22.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9c1369d1bb82f208798dec741ce7d920794cc4ce429493a96b88acf0810a0cfb

Request headers

Referer
https://www.heidi.news/
Origin
https://www.heidi.news
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
last-modified
Tue, 29 Mar 2022 13:13:43 GMT
server
keycdn-engine
x-edge-location
defr
etag
"62430607-6384"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/assets/heidi/roboto-slab-v7-latin_latin-ext-700-312b0573235cbc4da6d3119b0ab2adf6dc97c8e8ab00174156b32ae831860f22.woff2>; rel="canonical"
content-length
25476
expires
Tue, 28 Jun 2022 17:46:34 GMT
SangBleuKingdom-Bold-subset-a332aa53695f88e28f06db2c03abf0fe2c221ae29f6e09a229bb9890bf892659.woff2
heidi-17455.kxcdn.com/assets/heidi/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-Bold-subset-a332aa53695f88e28f06db2c03abf0fe2c221ae29f6e09a229bb9890bf892659.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
db154999955478eb3c2ba66fde7e5b44dc0813683a2ca0d4a05a1d7709178872

Request headers

Referer
https://www.heidi.news/
Origin
https://www.heidi.news
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
last-modified
Tue, 29 Mar 2022 13:13:43 GMT
server
keycdn-engine
x-edge-location
defr
etag
"62430607-2b6c"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/assets/heidi/SangBleuKingdom-Bold-subset-a332aa53695f88e28f06db2c03abf0fe2c221ae29f6e09a229bb9890bf892659.woff2>; rel="canonical"
content-length
11116
expires
Tue, 28 Jun 2022 17:46:34 GMT
EuclidFlex-Medium-subset-a8d80b2eae0b79edcdd68091f5f65cb3e8937156f7b916146aaed8ce8fb8d878.woff2
heidi-17455.kxcdn.com/assets/heidi/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heidi-17455.kxcdn.com/assets/heidi/EuclidFlex-Medium-subset-a8d80b2eae0b79edcdd68091f5f65cb3e8937156f7b916146aaed8ce8fb8d878.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
1adc11f962e72cdd362dc663024e7b3d57cbf1d614097dc6995aa010c7313d87

Request headers

Referer
https://www.heidi.news/
Origin
https://www.heidi.news
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
last-modified
Tue, 29 Mar 2022 13:13:43 GMT
server
keycdn-engine
x-edge-location
defr
etag
"62430607-5ec8"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/assets/heidi/EuclidFlex-Medium-subset-a8d80b2eae0b79edcdd68091f5f65cb3e8937156f7b916146aaed8ce8fb8d878.woff2>; rel="canonical"
content-length
24264
expires
Tue, 28 Jun 2022 17:46:34 GMT
roboto-slab-v7-latin_latin-ext-regular-fc8b295a907129bf75bc373bb5f363f2ce7e13fb6aa5205c7b047dd1283ac566.woff2
heidi-17455.kxcdn.com/assets/heidi/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heidi-17455.kxcdn.com/assets/heidi/roboto-slab-v7-latin_latin-ext-regular-fc8b295a907129bf75bc373bb5f363f2ce7e13fb6aa5205c7b047dd1283ac566.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c522ad036c6de7f50af3215dffd3c5b7ca323c6ed43c43baa736a7554ef6bbec

Request headers

Referer
https://www.heidi.news/
Origin
https://www.heidi.news
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
last-modified
Tue, 29 Mar 2022 13:13:43 GMT
server
keycdn-engine
x-edge-location
defr
etag
"62430607-62e8"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/assets/heidi/roboto-slab-v7-latin_latin-ext-regular-fc8b295a907129bf75bc373bb5f363f2ce7e13fb6aa5205c7b047dd1283ac566.woff2>; rel="canonical"
content-length
25320
expires
Tue, 28 Jun 2022 17:46:34 GMT
roboto-v18-latin_latin-ext-700-96ed8912e9ea46e450fd9f812451349e7181a9e1c2b926d045ed2f48eb1e2847.woff2
heidi-17455.kxcdn.com/assets/heidi/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heidi-17455.kxcdn.com/assets/heidi/roboto-v18-latin_latin-ext-700-96ed8912e9ea46e450fd9f812451349e7181a9e1c2b926d045ed2f48eb1e2847.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
1f03b3082883c94de09ea4c0b38092a45f2f7ca60c14889818a3e19057da34b8

Request headers

Referer
https://www.heidi.news/
Origin
https://www.heidi.news
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
last-modified
Tue, 29 Mar 2022 13:13:43 GMT
server
keycdn-engine
x-edge-location
defr
etag
"62430607-5664"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/assets/heidi/roboto-v18-latin_latin-ext-700-96ed8912e9ea46e450fd9f812451349e7181a9e1c2b926d045ed2f48eb1e2847.woff2>; rel="canonical"
content-length
22116
expires
Tue, 28 Jun 2022 17:46:34 GMT
heidi-6b3ee9fa52c5e3a4cc0739d02180f8dd046b18d522133d9bbe87a034f4beee7b.css
heidi-17455.kxcdn.com/assets/ 		205 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heidi-17455.kxcdn.com/assets/heidi-6b3ee9fa52c5e3a4cc0739d02180f8dd046b18d522133d9bbe87a034f4beee7b.css
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4005d8fad583bc530cc3f13cfdfa05b03571218ac0cf508f503d1c49ff80950b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
last-modified
Tue, 14 Jun 2022 16:59:46 GMT
server
keycdn-engine
x-edge-location
defr
etag
W/"62a8be82-33354"
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
link
<https://www.heidi.news/assets/heidi-6b3ee9fa52c5e3a4cc0739d02180f8dd046b18d522133d9bbe87a034f4beee7b.css>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
logo-topbar-625e3dff65131893872f9e927d70eafe3debaa8dde3b039703c512789b669a6a.svg
heidi-17455.kxcdn.com/assets/heidi/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/assets/heidi/logo-topbar-625e3dff65131893872f9e927d70eafe3debaa8dde3b039703c512789b669a6a.svg
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
82e245a2e6d21b4f1f9cc3b94fe3ca7bef28e3269417e0705812051f1c844e83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 08:02:42 GMT
server
keycdn-engine
x-edge-location
defr
etag
W/"625e6ca2-1949"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
link
<https://www.heidi.news/assets/heidi/logo-topbar-625e3dff65131893872f9e927d70eafe3debaa8dde3b039703c512789b669a6a.svg>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
gtm.js
www.googletagmanager.com/ 		222 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KFWJM86
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c8caa44826e8fcbfb5123be4b50b8652d813ce0f84e30700d62be2f0bb3c232
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77242
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:03:44 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Jun 2022 17:46:34 GMT
pdj-169389cdd0453ac0da6ee8626ab2723a28252e0b19fa51b4edf6fc6169058062.jpg
heidi-17455.kxcdn.com/assets/home/ 		214 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/assets/home/pdj-169389cdd0453ac0da6ee8626ab2723a28252e0b19fa51b4edf6fc6169058062.jpg
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c620b09affe2443800e91816c454200ad25db07defca1696f36cceb3664871ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
last-modified
Fri, 01 Apr 2022 15:48:29 GMT
server
keycdn-engine
x-edge-location
defr
etag
"62471ecd-35925"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/assets/home/pdj-169389cdd0453ac0da6ee8626ab2723a28252e0b19fa51b4edf6fc6169058062.jpg>; rel="canonical"
content-length
219429
expires
Tue, 28 Jun 2022 17:46:34 GMT
small
heidi-17455.kxcdn.com/photos/c2748b66-ea0c-4254-a52d-1ab9cf59e52d/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/photos/c2748b66-ea0c-4254-a52d-1ab9cf59e52d/small
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / Phusion Passenger 6.0.6
Resource Hash
f30a0aacf251b89a3b51f96e8b9ec6221025e13b342d8df7b713b4fac26d6de4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
age
2
x-edge-location
defr
x-powered-by
Phusion Passenger 6.0.6
x-cache
HIT
content-transfer-encoding
binary
content-disposition
inline; filename="AnnickC.jpg"; filename*=UTF-8''AnnickC.jpg
content-length
26317
x-request-id
14cb443c-228f-4f3e-ac9f-89ee56c1933f
x-runtime
0.179636
server
keycdn-engine
etag
W/"f30a0aacf251b89a3b51f96e8b9ec622"
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/photos/c2748b66-ea0c-4254-a52d-1ab9cf59e52d/small>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
small
heidi-17455.kxcdn.com/photos/23ccf9d7-5ea8-456a-9948-56b5fcefb548/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/photos/23ccf9d7-5ea8-456a-9948-56b5fcefb548/small
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / Phusion Passenger 6.0.6
Resource Hash
da009b91baa73cb7fc602c749ef59981699f66deb5e2bcc05735b1415549956a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
vary
Accept
x-edge-location
defr
x-powered-by
Phusion Passenger 6.0.6
x-cache
HIT
content-transfer-encoding
binary
content-disposition
inline; filename="Christophe_Clivaz.jpg"; filename*=UTF-8''Christophe_Clivaz.jpg
content-length
15905
x-request-id
922567c8-01bb-4554-8886-190945dfac24
x-runtime
0.084120
server
keycdn-engine
etag
W/"da009b91baa73cb7fc602c749ef59981"
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/photos/23ccf9d7-5ea8-456a-9948-56b5fcefb548/small>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
small
heidi-17455.kxcdn.com/photos/d23482df-8eee-430d-a424-edf25956211d/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/photos/d23482df-8eee-430d-a424-edf25956211d/small
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / Phusion Passenger 6.0.6
Resource Hash
823c0b76a24ce5deb3a67f289574ceb3931bb05a803a6b4c02ab01d5122dfc4f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
x-edge-location
defr
x-powered-by
Phusion Passenger 6.0.6
x-cache
HIT
content-transfer-encoding
binary
content-disposition
inline; filename="HugoTeam_bw-007 %281%29.jpg"; filename*=UTF-8''HugoTeam_bw-007%20%281%29.jpg
content-length
50930
x-request-id
8e43bf68-5721-4049-afb8-a30449075450
x-runtime
0.147541
server
keycdn-engine
etag
W/"823c0b76a24ce5deb3a67f289574ceb3"
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/photos/d23482df-8eee-430d-a424-edf25956211d/small>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
question-210b1ee8f2bd106d1401b99780826414bc26f5d8b1f0b19c42fa13f632f95684.svg
heidi-17455.kxcdn.com/assets/pictos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/assets/pictos/question-210b1ee8f2bd106d1401b99780826414bc26f5d8b1f0b19c42fa13f632f95684.svg
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
394a3d0667e84cc1d3427dace577e771c28673b70b658d755f1bc1e2fa38d5ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
last-modified
Tue, 29 Mar 2022 13:13:43 GMT
server
keycdn-engine
x-edge-location
defr
etag
W/"62430607-723"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
link
<https://www.heidi.news/assets/pictos/question-210b1ee8f2bd106d1401b99780826414bc26f5d8b1f0b19c42fa13f632f95684.svg>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
logo-heidi-0f1dcefe0c0f5bb941e0b5513d3d21ee48bba421d5aad951144994c0989a7858.svg
heidi-17455.kxcdn.com/assets/ 		753 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/assets/logo-heidi-0f1dcefe0c0f5bb941e0b5513d3d21ee48bba421d5aad951144994c0989a7858.svg
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3c0530efbe342f9f964d2c5b2f4030f559d695d07102bde1e6b020133f848c29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
last-modified
Tue, 29 Mar 2022 13:13:43 GMT
server
keycdn-engine
x-edge-location
defr
etag
"62430607-2f1"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/assets/logo-heidi-0f1dcefe0c0f5bb941e0b5513d3d21ee48bba421d5aad951144994c0989a7858.svg>; rel="canonical"
content-length
753
expires
Tue, 28 Jun 2022 17:46:34 GMT
application-359c0cf957be37274538a56e049988a12f9f405b18b2aca05e729186f3cd1a8a.js
heidi-17455.kxcdn.com/assets/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heidi-17455.kxcdn.com/assets/application-359c0cf957be37274538a56e049988a12f9f405b18b2aca05e729186f3cd1a8a.js
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
33b0065801c87378a5f819290e717b370b96c260b855bdcbe7e41d04ee81e7c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 13:21:46 GMT
server
keycdn-engine
x-edge-location
defr
etag
W/"62a0a26a-b567"
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
link
<https://www.heidi.news/assets/application-359c0cf957be37274538a56e049988a12f9f405b18b2aca05e729186f3cd1a8a.js>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
agent.js
cdn.rorvswild.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rorvswild.com/agent.js
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
d48ab86277866930b1b76363de0f1fe31425e243b93745cd2f95d50009e6093a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
last-modified
Fri, 17 Jun 2022 09:48:01 GMT
server
keycdn-engine
x-edge-location
defr
etag
"c2b-5e1a1a6625640-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.rorvswild.com/agent.js>; rel="canonical"
content-length
1142
expires
Tue, 28 Jun 2022 17:46:34 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7F) /
Resource Hash
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 17:46:34 GMT
Content-Encoding
gzip
Age
799
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29459
x-tw-cdn
VZ
Last-Modified
Thu, 02 Jun 2022 18:12:37 GMT
Server
ECS (amb/6B7F)
Etag
"5d21dece96ce474f5f1ac122cbdef6eb+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
load
experience-eu.piano.io/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience-eu.piano.io/xbuilder/experience/load?aid=9T0ty974pe
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457853b008f0c75d683cddeb910230d0b4b99cd97a542fbaf5c4846200f6cc44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
vary
accept-encoding
cf-cache-status
HIT
age
1117
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1232
x-request-id
Cli8udrdK46
pragma
wn
prod-euc1-dash-10-4-144-211
last-modified
Tue, 21 Jun 2022 17:27:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
server-time
0.011
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
71ee907e1c3d23f7-ZRH
expires
Tue, 21 Jun 2022 18:16:34 GMT
js
www.googletagmanager.com/gtag/ 		194 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SQ668VZCQS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFWJM86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c09e4641b71d8e28361963eaa77f3a77d06a76a717819bb5e51dfe2c1d3fcd63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70773
x-xss-protection
0
expires
Tue, 21 Jun 2022 17:46:34 GMT
p.js
cdn.parsely.com/keys/heidi.news/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/heidi.news/p.js
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.0.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-0-39.tlv50.r.cloudfront.net
Software
nginx /
Resource Hash
691a5064b609248671ba348e35ba0b9c868e2be039e6d90ffdecdab0a9ca2605

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Tue, 21 Jun 2022 01:41:04 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 21:48:54 GMT
server
nginx
age
57930
etag
W/"616f3d46-11d9b"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f8637e7723c8fa39b50b55af99dbeff2.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
TLV50-C1
x-amz-cf-id
pZPZAyqKCgydmLMPU3UsYrZ9WnywrYu41quEchwQCZFewGEjvCmMjA==
expires
Wed, 22 Jun 2022 01:41:04 GMT
OtAutoBlock.js
cdn.cookielaw.org/consent/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1/OtAutoBlock.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFWJM86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b3ee141bbb1e2041e91ac1253b5a5a899e2c5be61678efdaca57abd938ac5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
od0FlS6eGqT6IvVWJJrNzQ==
age
9333
vary
Accept-Encoding
content-length
2229
x-ms-lease-status
unlocked
last-modified
Mon, 20 Sep 2021 14:23:45 GMT
server
cloudflare
etag
0x8D97C42413F6FDD
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1dbd40b4-201e-016c-5315-b63560000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71ee907e8abd2397-ZRH
expires
Tue, 21 Jun 2022 21:46:34 GMT
medium
heidi-17455.kxcdn.com/photos/cb08fc6b-bc28-4627-9e0d-08bdd3471a95/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/photos/cb08fc6b-bc28-4627-9e0d-08bdd3471a95/medium
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / Phusion Passenger 6.0.6
Resource Hash
49a71a936155011eb6cf0bdeb87426286f0c7008211bc97f686bcf15b58880ce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
x-edge-location
defr
x-powered-by
Phusion Passenger 6.0.6
x-cache
HIT
content-transfer-encoding
binary
content-disposition
inline; filename="juniperphoton-KKFKrOu3BVc-unsplash.jpg"; filename*=UTF-8''juniperphoton-KKFKrOu3BVc-unsplash.jpg
content-length
17602
x-request-id
ac4dac12-32e6-40da-8b33-cd85176ddf39
x-runtime
0.165705
server
keycdn-engine
etag
W/"49a71a936155011eb6cf0bdeb8742628"
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/photos/cb08fc6b-bc28-4627-9e0d-08bdd3471a95/medium>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
medium
heidi-17455.kxcdn.com/photos/aa8564f0-7df8-4f30-8b0d-d7b9121bb037/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/photos/aa8564f0-7df8-4f30-8b0d-d7b9121bb037/medium
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / Phusion Passenger 6.0.6
Resource Hash
bd6c3f543fd493611059dd5b708d0bb013835be526d22a1ab9ed68019169ece9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
x-edge-location
defr
x-powered-by
Phusion Passenger 6.0.6
x-cache
HIT
content-transfer-encoding
binary
content-disposition
inline; filename="niranjan-_-photographs-yziS7kyaeX8-unsplash.jpg"; filename*=UTF-8''niranjan-_-photographs-yziS7kyaeX8-unsplash.jpg
content-length
19737
x-request-id
8f7f43aa-e793-4ce1-8cd9-5c217108b2af
x-runtime
0.138571
server
keycdn-engine
etag
W/"bd6c3f543fd493611059dd5b708d0bb0"
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/photos/aa8564f0-7df8-4f30-8b0d-d7b9121bb037/medium>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
medium
heidi-17455.kxcdn.com/photos/7687b61c-ca08-4206-ad9f-b38733fae871/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/photos/7687b61c-ca08-4206-ad9f-b38733fae871/medium
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / Phusion Passenger 6.0.6
Resource Hash
6ec106ef2d1c641700a3162e2124dd7a13158dfce8dc2f231b005077393d896b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
x-edge-location
defr
x-powered-by
Phusion Passenger 6.0.6
x-cache
HIT
content-transfer-encoding
binary
content-disposition
inline; filename="Iakov 2.jpg"; filename*=UTF-8''Iakov%202.jpg
content-length
32159
x-request-id
165f06f3-11b0-4220-b565-bb42e82d8139
x-runtime
0.185044
server
keycdn-engine
etag
W/"6ec106ef2d1c641700a3162e2124dd7a"
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/photos/7687b61c-ca08-4206-ad9f-b38733fae871/medium>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
medium
heidi-17455.kxcdn.com/photos/106f5155-fad5-4892-93d1-94856d353eea/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/photos/106f5155-fad5-4892-93d1-94856d353eea/medium
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / Phusion Passenger 6.0.6
Resource Hash
d15ef95c200965fe4628d19684b177005e3ff7f73879e66df16ba567a34494e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
x-edge-location
defr
x-powered-by
Phusion Passenger 6.0.6
x-cache
MISS
content-transfer-encoding
binary
content-disposition
inline; filename="Capture d%3Fecran 2022-06-21 a 16.47.23.png"; filename*=UTF-8''Capture%20d%E2%80%99%C3%A9cran%202022-06-21%20%C3%A0%2016.47.23.png
content-length
67374
x-request-id
473010df-28c3-4ace-8146-6e933ba03058
x-runtime
0.189567
server
keycdn-engine
etag
W/"d15ef95c200965fe4628d19684b17700"
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/photos/106f5155-fad5-4892-93d1-94856d353eea/medium>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
medium
heidi-17455.kxcdn.com/photos/3c964b39-142a-4afb-8163-6f0454ec00a1/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/photos/3c964b39-142a-4afb-8163-6f0454ec00a1/medium
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / Phusion Passenger 6.0.6
Resource Hash
6296e78519a85d17a7a32422dd6f9d1a3f11ef7426e55871d791d780dbc28cfb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
x-edge-location
defr
x-powered-by
Phusion Passenger 6.0.6
x-cache
MISS
content-transfer-encoding
binary
content-disposition
inline; filename="shutterstock_161752151.jpg"; filename*=UTF-8''shutterstock_161752151.jpg
content-length
38896
x-request-id
827d442f-569e-4d8f-982c-517f07c7c365
x-runtime
0.167157
server
keycdn-engine
etag
W/"6296e78519a85d17a7a32422dd6f9d1a"
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/photos/3c964b39-142a-4afb-8163-6f0454ec00a1/medium>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
medium
heidi-17455.kxcdn.com/photos/4aa9e662-93e5-4d47-9d9e-8a98a21b9d2d/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/photos/4aa9e662-93e5-4d47-9d9e-8a98a21b9d2d/medium
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / Phusion Passenger 6.0.6
Resource Hash
8128af69c2810cd5b18c20ccbdfe2f6d6181290e2fde9d873e9639237b8fb261
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
x-edge-location
defr
x-powered-by
Phusion Passenger 6.0.6
x-cache
HIT
content-transfer-encoding
binary
content-disposition
inline; filename="Bio-1.jpg"; filename*=UTF-8''Bio-1.jpg
content-length
84787
x-request-id
01262463-5d92-41b5-b5ca-9a3ac948179f
x-runtime
0.158843
server
keycdn-engine
etag
W/"8128af69c2810cd5b18c20ccbdfe2f6d"
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/photos/4aa9e662-93e5-4d47-9d9e-8a98a21b9d2d/medium>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
medium
heidi-17455.kxcdn.com/photos/3e98f9ce-a41a-4bb3-97ae-47da6a1140c8/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heidi-17455.kxcdn.com/photos/3e98f9ce-a41a-4bb3-97ae-47da6a1140c8/medium
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / Phusion Passenger 6.0.6
Resource Hash
d40020db7357631628f7a5a6e069565282fd2eb36249cdb108dd007b634a39d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
vary
Accept
x-edge-location
defr
x-powered-by
Phusion Passenger 6.0.6
x-cache
HIT
content-transfer-encoding
binary
content-disposition
inline; filename="shutterstock_1743531977.jpg"; filename*=UTF-8''shutterstock_1743531977.jpg
content-length
13295
x-request-id
b22f13b8-f846-426e-b121-d7a08c5f1a0a
x-runtime
0.125618
server
keycdn-engine
etag
W/"d40020db7357631628f7a5a6e0695652"
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://www.heidi.news/photos/3e98f9ce-a41a-4bb3-97ae-47da6a1140c8/medium>; rel="canonical"
expires
Tue, 28 Jun 2022 17:46:34 GMT
collect
region1.analytics.google.com/g/ 		0
338 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-SQ668VZCQS&gtm=2oe6f0&_p=1144182822&_z=ccd.v9B&_gaz=1&cid=1453885732.1655833595&ul=en-us&sr=1600x1200&_s=1&sid=1655833594&sct=1&seg=0&dl=https%3A%2F%2Fwww.heidi.news%2F&dt=Heidi.news&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SQ668VZCQS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 17:46:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heidi.news
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SQ668VZCQS&cid=1453885732.1655833595&gtm=2oe6f0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SQ668VZCQS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 17:46:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heidi.news
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SQ668VZCQS&cid=1453885732.1655833595&gtm=2oe6f0&aip=1&z=828405063
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4016:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 17:46:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tinypass.min.js
code.piano.io/api/ 		303 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.piano.io/api/tinypass.min.js
Requested by
Host: experience-eu.piano.io
URL: https://experience-eu.piano.io/xbuilder/experience/load?aid=9T0ty974pe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de936dc9fae7ac59bbb09d86454aa7ba70d106f697e64208cd28dc6afd2557be
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
1146
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B5TSYF9MJ9TH67R8
x-amz-id-2
1W0EUEIW3YkJG1ZTdtN8mJ26VP6Ev+7u5vrHINEJGDHDqX17k7PyJeHo2TKXjClevaut5U3fxO8=
last-modified
Mon, 20 Jun 2022 08:13:55 GMT
server
cloudflare
etag
W/"71cc3a852bf6de1cd9c2ff34a16ff125"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
71ee907e9d3923f7-ZRH
expires
Tue, 21 Jun 2022 21:46:34 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFWJM86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jaQOgzI9+ZkWZRPB/GIusQ==
age
4944
vary
Accept-Encoding
content-length
6921
x-ms-lease-status
unlocked
last-modified
Mon, 20 Jun 2022 02:30:24 GMT
server
cloudflare
etag
0x8DA5264D4970233
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5bc800a0-c01e-002d-3450-845b26000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71ee907ecb162397-ZRH
get.js
buy-eu.piano.io/api/v3/anon/captcha/ 		153 B
270 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy-eu.piano.io/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=9T0ty974pe
Requested by
Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f227e087f6a4e2ef0791001b0d4c96ca9e401d320b70a91bad4f48a146a58aac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
31
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Crc9udrSaFo
pragma
wn
prod-euc1-dash-10-4-146-83
last-modified
Tue, 21 Jun 2022 17:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.006
cache-control
public, max-age=14400
cf-ray
71ee907f0dcf23f7-ZRH
expires
Tue, 21 Jun 2022 21:46:34 GMT
execute
c2-eu.piano.io/xbuilder/experience/ 		105 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2-eu.piano.io/xbuilder/experience/execute?aid=9T0ty974pe
Requested by
Host: code.piano.io
URL: https://code.piano.io/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71723a9f04f8cccff600130cb26596aa8cfaf82a9072904a92e57b3423248340
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.heidi.news/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
8sn42hkuzp
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.heidi.news
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
71ee907f1de223f7-ZRH
0d6ed0a9-102b-46c0-82d3-8a2a24889cb1.json
cdn.cookielaw.org/consent/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96730b2e1dd99cb94dc9a10f420568038573c6e2cc0ff2aae668e452dc844cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
pNo0Y0dX0ucgP0CGXRUfzw==
age
10342
vary
Accept-Encoding
content-length
1261
x-ms-lease-status
unlocked
last-modified
Mon, 20 Sep 2021 14:23:45 GMT
server
cloudflare
etag
0x8D97C424131FFE7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5ba97045-e01e-00df-7715-b689b2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71ee907f4c0723af-ZRH
expires
Tue, 21 Jun 2022 21:46:34 GMT
widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html
platform.twitter.com/widgets/ Frame 6756 		0
0
/
p1.parsely.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1655833594798&plid=95024102&idsite=heidi.news&url=https%3A%2F%2Fwww.heidi.news%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.heidi.news%2F&sref=&sts=1655833594794&slts=0&title=Heidi.news&date=Tue+Jun+21+2022+17%3A46%3A34+GMT%2B0000+(GMT)&action=pageview&pvid=84739453&u=pid%3D10d7f53f97a72087baec8b5ed349ae3a
Requested by
Host: www.heidi.news
URL: https://www.heidi.news/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 17:46:34 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 21-Jun-2022 17:46:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		182 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.heidi.news/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
71ee907fb85101e3-ZRH
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.23.0/ 		312 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
joMckLq8BtEunD8NH/4XVA==
age
21231539
vary
Accept-Encoding
content-length
76366
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:11:58 GMT
server
cloudflare
etag
0x8D96DBF6CBEE741
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8f46d419-301e-00f4-6b6c-c4fd0a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71ee907ffce92397-ZRH
fr.json
cdn.cookielaw.org/consent/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1/8e3934ad-5d13-4a58-b3bb-5f522a0fe4df/ 		53 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/0d6ed0a9-102b-46c0-82d3-8a2a24889cb1/8e3934ad-5d13-4a58-b3bb-5f522a0fe4df/fr.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c29c82a6e5d21f56ba8f0d58bd6d5e742234d4d6ade6aff77ecb1d6f5c7c261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
6WTQ6oOb3+Bqq1sDwAb0fQ==
age
9330
vary
Accept-Encoding
content-length
13291
x-ms-lease-status
unlocked
last-modified
Mon, 20 Sep 2021 14:23:47 GMT
server
cloudflare
etag
0x8D97C4242A7F3EB
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
de2068a2-f01e-0121-7915-b6f382000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71ee90806e1123af-ZRH
expires
Tue, 21 Jun 2022 21:46:34 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
r7t3xbAZ3QK/7lQuu5X7ww==
age
21231475
vary
Accept-Encoding
content-length
2950
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:11:51 GMT
server
cloudflare
etag
0x8D96DBF68EC8D5B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e8fb9d8e-801e-0008-3c6c-c4c395000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71ee90809e7423af-ZRH
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heidi.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 17:46:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ye6OeZcNyuFoWog7CYs00A==
age
21231475
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:12:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ce79472f-801e-00c4-556c-c4a720000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
71ee90809e7723af-ZRH

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
platform.twitter.com
URL
https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.heidi.news

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| dataLayer object| tp object| google_tag_manager function| postscribe object| google_tag_manager_external function| _extends function| _typeof function| attachToggleAngel function| CopyToClipboard function| attachFlashClosing function| createInputValidator function| attachHideNavOnScroll function| scrollToTop function| attachMenuToggling function| attachProfilMenuToggling function| attachPanelToggling function| attachPlanToggling function| shareAttachAll object| Addresses object| CartPrelaunch object| Donations object| FlashMessages object| FormValidation object| Loader object| PostLoader object| Modal object| Rails boolean| _rails_loaded function| UnobstrusiveLinks function| LazyLoad object| MicroModal object| Ariato function| Account object| Article function| FollowButton function| Heidi object| Payment function| Riddle object| Video object| google_tag_data object| parselyConversionEventQueue function| captureParselyConversion object| PARSELY object| RorVsWild object| controller function| onYouTubeIframeAPIReady object| gaGlobal function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG object| googletag function| ___tp object| OneTrustStub function| OptanonWrapper object| __twttrll object| twttr object| __twttr object| PianoESPConfig string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust

13 Cookies

Domain/Path Name / Value
www.heidi.news/ Name: SRVGROUP
Value: common
www.heidi.news/ Name: _heidi_session
Value: uj4BwQBOk1K6g44P72mMCLgmX8QtMlRJn6u8dLuUE1K%2Bjr2VSXZDxth7aTjIgsY0RM3GShaq2eA1N42dZbSQq1F1sGpGvG%2B8CqNX1m1Qla4jvVIJt60M4xcglI%2BtB%2B%2FJ4qD%2FJ01k15W66MbNzOQ%3D--SQ%2BG4BAja737RyqJ--dBXm0xCIziZL8rODHmn8kg%3D%3D
.heidi.news/ Name: _gcl_au
Value: 1.1.1728563603.1655833595
.piano.io/ Name: __cf_bm
Value: w1tctwsjsMrdzrCfI_KilOmNBYFMQwt8bW3sUD.Koy8-1655833594-0-Aa3iBl2C4zkAG5rB7fYs7AEP9mIH0HSwmVhDydPhNfLF2mfUKGgcNhOvzcy2uejevpMhX5QmTwxPYaznAmpqD6Y=
.heidi.news/ Name: _ga_SQ668VZCQS
Value: GS1.1.1655833594.1.0.1655833594.60
.heidi.news/ Name: _ga
Value: GA1.1.1453885732.1655833595
.heidi.news/ Name: __tbc
Value: %7Bkpex%7DCtQp42-cpYevWi1SkLdPf2652xxMGlrI0CKevHSEPfXvpk3OSnU0ieZA8QpDj3Qf9XGA3_M_SmM_tqDDDB2-LpDKOj2uomKjrOOpDm6NUpw
.heidi.news/ Name: __pat
Value: 7200000
.heidi.news/ Name: __pvi
Value: %7B%22id%22%3A%22v-2022-06-21-17-46-34-710-qR807VhpnfkFVNNL-4862e634deb32067b9dcb6f8f0af1e55%22%2C%22domain%22%3A%22.heidi.news%22%2C%22time%22%3A1655833594786%7D
.heidi.news/ Name: xbc
Value: %7Bkpex%7DaRCwUaFAl7-C_gFTFuWiSgPJgAMV-u3mDW0sJyY7FALGMz5b0SmsY0JtFPruHVY4H9uJUWNoG7TNFo3OgvpbaU63-YMNpGAQRGDv2oG2p-AVXguSVeVKPxkXg76Cnia2EWFVy85nJigOpr4NUwoPeMe8mNiT19iZu2wGizO78iViog4a7ik8L2LYOBNiJbXoziRf-MOYmdZ5ZaTPbAOFit9kq_HfaWkvpMb0It07KYFrmBHsg3DNAbGjecS9uBiogQyOlkBmg4b_GEW0AjCGQ3hVK5XYXR8l3apBTkvQpa-BCyP3o365fFJ8LzXwmKU5d-egp5LYMyv_fj8Aieq55aFtW_O6ZgUAedbwJ9VAxd5zUskQ8azuO71rtYY_AZHV7gxJtvegkUQPVSSLaA3XrfkIv63g0LOpy3Jhg1f4c5Q9yWunMs_GHBkRlUj9uHscrRMhQCGhemOwcjD2D4tXjDZzXVkM-c1_DtdFMQiI418Yu2yEW2y-w9C1VMESFz3qP5TjwtpD9ES0xZUMMo10kEpDcRD7DNGQDHSDbh6GTfw
.heidi.news/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.heidi.news/%22%2C%22sref%22:%22%22%2C%22sts%22:1655833594794%2C%22slts%22:0}
.heidi.news/ Name: _parsely_visitor
Value: {%22id%22:%22pid=10d7f53f97a72087baec8b5ed349ae3a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1655833594794}
.heidi.news/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Jun+21+2022+17%3A46%3A35+GMT%2B0000+(GMT)&version=6.23.0&isIABGlobal=false&hosts=&consentId=bc03d2e1-abc9-485b-aba9-13ddd47a9ad2&interactionCount=0&landingPath=https%3A%2F%2Fwww.heidi.news%2F&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buy-eu.piano.io
c2-eu.piano.io
cdn.cookielaw.org
cdn.parsely.com
cdn.rorvswild.com
code.piano.io
experience-eu.piano.io
geolocation.onetrust.com
heidi-17455.kxcdn.com
p1.parsely.com
platform.twitter.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
www.heidi.news
platform.twitter.com
13.226.0.39
185.54.7.127
2001:4860:4802:34::36
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:b844
2606:4700::6810:9440
2606:4700::6810:f015
2a00:1450:4001:811::2008
2a00:1450:400c:c02::9d
2a00:1450:4016:808::2003
2a0b:4d07:102::1
63.34.81.234
04b3ee141bbb1e2041e91ac1253b5a5a899e2c5be61678efdaca57abd938ac5e
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
1adc11f962e72cdd362dc663024e7b3d57cbf1d614097dc6995aa010c7313d87
1f03b3082883c94de09ea4c0b38092a45f2f7ca60c14889818a3e19057da34b8
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
3043c2aada437268bbab22de9757b017941c28cdd99c9fd06c2e5490079dca69
33b0065801c87378a5f819290e717b370b96c260b855bdcbe7e41d04ee81e7c1
394a3d0667e84cc1d3427dace577e771c28673b70b658d755f1bc1e2fa38d5ed
3c0530efbe342f9f964d2c5b2f4030f559d695d07102bde1e6b020133f848c29
4005d8fad583bc530cc3f13cfdfa05b03571218ac0cf508f503d1c49ff80950b
43b1e5ebf758c7110ad709b990bf2d6d18cb7459963b391a10879113dc4596cc
457853b008f0c75d683cddeb910230d0b4b99cd97a542fbaf5c4846200f6cc44
49a71a936155011eb6cf0bdeb87426286f0c7008211bc97f686bcf15b58880ce
4c29c82a6e5d21f56ba8f0d58bd6d5e742234d4d6ade6aff77ecb1d6f5c7c261
5c8caa44826e8fcbfb5123be4b50b8652d813ce0f84e30700d62be2f0bb3c232
60827ed277197a683bace869b702a242eb317923bfc3fccc8d9df32679f07a87
6296e78519a85d17a7a32422dd6f9d1a3f11ef7426e55871d791d780dbc28cfb
691a5064b609248671ba348e35ba0b9c868e2be039e6d90ffdecdab0a9ca2605
6ec106ef2d1c641700a3162e2124dd7a13158dfce8dc2f231b005077393d896b
71723a9f04f8cccff600130cb26596aa8cfaf82a9072904a92e57b3423248340
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
8128af69c2810cd5b18c20ccbdfe2f6d6181290e2fde9d873e9639237b8fb261
823c0b76a24ce5deb3a67f289574ceb3931bb05a803a6b4c02ab01d5122dfc4f
82e245a2e6d21b4f1f9cc3b94fe3ca7bef28e3269417e0705812051f1c844e83
96730b2e1dd99cb94dc9a10f420568038573c6e2cc0ff2aae668e452dc844cff
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
9c1369d1bb82f208798dec741ce7d920794cc4ce429493a96b88acf0810a0cfb
bd6c3f543fd493611059dd5b708d0bb013835be526d22a1ab9ed68019169ece9
c09e4641b71d8e28361963eaa77f3a77d06a76a717819bb5e51dfe2c1d3fcd63
c522ad036c6de7f50af3215dffd3c5b7ca323c6ed43c43baa736a7554ef6bbec
c620b09affe2443800e91816c454200ad25db07defca1696f36cceb3664871ff
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d15ef95c200965fe4628d19684b177005e3ff7f73879e66df16ba567a34494e6
d3a86ddbad660c28e45b2952f639757ec9014f82adbf6844eebb459396be5726
d40020db7357631628f7a5a6e069565282fd2eb36249cdb108dd007b634a39d5
d48ab86277866930b1b76363de0f1fe31425e243b93745cd2f95d50009e6093a
da009b91baa73cb7fc602c749ef59981699f66deb5e2bcc05735b1415549956a
db154999955478eb3c2ba66fde7e5b44dc0813683a2ca0d4a05a1d7709178872
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53
de936dc9fae7ac59bbb09d86454aa7ba70d106f697e64208cd28dc6afd2557be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f227e087f6a4e2ef0791001b0d4c96ca9e401d320b70a91bad4f48a146a58aac
f30a0aacf251b89a3b51f96e8b9ec6221025e13b342d8df7b713b4fac26d6de4
f9bc132980c62433dfd76631f5a602fd1bf318141d67ebb6b70b4d3cc92555b0
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f