urlscan.io logo urlscan.io
SecurityTrails logo

www.2xweihnachten.ch Open in urlscan Pro
2a05:d014:58f:6202::64  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://2xnadal.ch/
Effective URL: https://www.2xweihnachten.ch/rm/
Submission: On May 17 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 17 domains to perform 100 HTTP transactions. The main IP is 2a05:d014:58f:6202::64, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.2xweihnachten.ch.
TLS certificate: Issued by R3 on March 27th 2024. Valid for: 3 months.
This is the only time www.2xweihnachten.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 76.76.21.21 16509 (AMAZON-02)
8 2a05:d014:58f... 16509 (AMAZON-02)
3 2600:1901:0:5... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
28 2600:9000:235... 16509 (AMAZON-02)
13 35.190.14.188 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
4 2606:2800:234... 15133 (EDGECAST)
3 157.240.252.13 32934 (FACEBOOK)
2 2600:1901:0:c... 15169 (GOOGLE)
2 2620:1ec:48:1... 8075 (MICROSOFT...)
5 95.100.146.40 20940 (AKAMAI-ASN1)
4 2a03:2880:f17... 32934 (FACEBOOK)
4 35.241.3.184 15169 (GOOGLE)
1 142.251.168.155 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 2 216.58.206.34 15169 (GOOGLE)
1 2 142.250.184.198 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.244.42.200 13414 (TWITTER)
1 2 142.250.74.196 15169 (GOOGLE)
3 20.119.174.243 8075 (MICROSOFT...)
2 2600:1901:0:1... 15169 (GOOGLE)
1 34.95.108.180 396982 (GOOGLE-CL...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
100 26
1    76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)
2xnadal.ch
8    2a05:d014:58f:6202::64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
www.2xweihnachten.ch
3    2600:1901:0:5987:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
privacy-proxy.usercentrics.eu
app.usercentrics.eu
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
28    2600:9000:235a:800:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)
images.ctfassets.net
13    35.190.14.188 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 188.14.190.35.bc.googleusercontent.com
app.usercentrics.eu
4    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
2    2600:1901:0:c07c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
api.usercentrics.eu
2    2620:1ec:48:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
5    95.100.146.40 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-40.deploy.static.akamaitechnologies.com
analytics.tiktok.com
4    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    35.241.3.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.3.241.35.bc.googleusercontent.com
api.usercentrics.eu
1    142.251.168.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wh-in-f155.1e100.net
stats.g.doubleclick.net
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ch
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com
2    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
12086158.fls.doubleclick.net
1    2606:4700::6810:281c (United States)

ASN13335 (CLOUDFLARENET, US)
fast.fonts.net
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    142.250.74.196 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net
www.google.com
3    20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
r.clarity.ms
2    2600:1901:0:1e38:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
consent-api.service.consent.usercentrics.eu
1    34.95.108.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.108.95.34.bc.googleusercontent.com
uct.service.usercentrics.eu
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
28 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3686
24 MB
25 usercentrics.eu
privacy-proxy.usercentrics.eu — Cisco Umbrella Rank: 31897
app.usercentrics.eu — Cisco Umbrella Rank: 8434
api.usercentrics.eu — Cisco Umbrella Rank: 5983
consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 13796
uct.service.usercentrics.eu — Cisco Umbrella Rank: 15764
213 KB
8 2xweihnachten.ch
www.2xweihnachten.ch
213 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
r.clarity.ms — Cisco Umbrella Rank: 6058
c.clarity.ms — Cisco Umbrella Rank: 1385
29 KB
5 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
12086158.fls.doubleclick.net
2 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 712
150 KB
5 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1357
syndication.twitter.com — Cisco Umbrella Rank: 1719
31 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
166 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
399 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
356 KB
3 google.ch
www.google.ch — Cisco Umbrella Rank: 31932
670 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
88 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 231
764 B
1 fonts.net
fast.fonts.net — Cisco Umbrella Rank: 4137
552 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
2 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 2828
63 KB
1 2xnadal.ch
2xnadal.ch
201 B
100 17
Domain Requested by
28 images.ctfassets.net www.2xweihnachten.ch
15 app.usercentrics.eu www.2xweihnachten.ch
app.usercentrics.eu
8 www.2xweihnachten.ch www.2xweihnachten.ch
6 api.usercentrics.eu app.usercentrics.eu
5 analytics.tiktok.com www.2xweihnachten.ch
analytics.tiktok.com
privacy-proxy.usercentrics.eu
5 connect.facebook.net www.2xweihnachten.ch
connect.facebook.net
4 www.facebook.com connect.facebook.net
www.2xweihnachten.ch
4 platform.twitter.com www.2xweihnachten.ch
platform.twitter.com
4 www.googletagmanager.com www.2xweihnachten.ch
www.googletagmanager.com
3 r.clarity.ms www.clarity.ms
3 www.google.ch www.2xweihnachten.ch
2 c.clarity.ms 1 redirects
2 consent-api.service.consent.usercentrics.eu app.usercentrics.eu
2 www.google.com 1 redirects www.2xweihnachten.ch
2 12086158.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 www.clarity.ms www.googletagmanager.com
www.clarity.ms
1 c.bing.com 1 redirects
1 uct.service.usercentrics.eu www.2xweihnachten.ch
1 syndication.twitter.com www.2xweihnachten.ch
1 fast.fonts.net www.2xweihnachten.ch
1 www.googleadservices.com www.googletagmanager.com
1 stats.g.doubleclick.net privacy-proxy.usercentrics.eu
1 www.googleoptimize.com www.2xweihnachten.ch
1 privacy-proxy.usercentrics.eu www.2xweihnachten.ch
1 2xnadal.ch 1 redirects
100 26

This site contains links to these domains. Also see Links.

Domain
www.srgssr.ch
zweixweihnachten.post.ch
www.coop.ch
www.redcross.ch
Subject Issuer Validity Valid
2xweihnachten.ch
R3		 2024-03-27 -
2024-06-25		 3 months crt.sh
app.usercentrics.eu
GTS CA 1D4		 2024-04-05 -
2024-07-04		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
images.ctfassets.net
Amazon RSA 2048 M02		 2023-12-19 -
2025-01-16		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-24 -
2024-05-24		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
api.usercentrics.eu
GTS CA 1D4		 2024-04-03 -
2024-07-02		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.ch
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.googleadservices.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
fonts.net
GTS CA 1P5		 2024-04-04 -
2024-07-03		 3 months crt.sh
syndication.twitter.com
R3		 2024-04-06 -
2024-07-05		 3 months crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
consent-api.service.consent.usercentrics.eu
GTS CA 1D4		 2024-04-06 -
2024-07-05		 3 months crt.sh
uct.service.usercentrics.eu
GTS CA 1D4		 2024-03-22 -
2024-06-20		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.2xweihnachten.ch/rm/
Frame ID: 70CB4442FE5B993CC05F39A7E90707C8
Requests: 91 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.2xweihnachten.ch
Frame ID: D1C4F026BC66231859278BE020AE2CC9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.10/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd5c5687008ab24ae%26domain%3Dwww.2xweihnachten.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.2xweihnachten.ch%252Fffa9b324bac8a4fc8%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fwww.2xweihnachten.ch%2F&layout=button&locale=de_DE&mobile_iframe=true&sdk=joey&size=large
Frame ID: 125B00B4F8BAF581B5569C303EEC0B48
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa1b1bb0d7d122f33%26domain%3Dwww.2xweihnachten.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.2xweihnachten.ch%252Fffa9b324bac8a4fc8%26relation%3Dparent.parent&container_width=390&hide_cover=false&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2F2xweihnachten&locale=de_DE&sdk=joey&show_facepile=false&small_header=true
Frame ID: 278B493C57B1BFB3D02F7AB6E0F95AA0
Requests: 1 HTTP requests in this frame

Frame: https://12086158.fls.doubleclick.net/activityi;dc_pre=CJKW--mrlIYDFY9OHgIdCn8BSQ;src=12086158;type=visit0;cat=post_0;ord=1;num=5179275204100;npa=0;auiddc=281327421.1715937098;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181812421z877474803za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F
Frame ID: 8C56540C1C9ADD35463A3254974A26A4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: B4AEBCC9833AA80AC28DB9E2ED7B1847
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gidar, la resposta è gea – 2 x Nadal

Page URL History Show full URLs

  1. https://2xnadal.ch/ HTTP 301
    https://www.2xweihnachten.ch/rm/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

100
Requests

98 %
HTTPS

50 %
IPv6

17
Domains

26
Subdomains

26
IPs

4
Countries

25764 kB
Transfer

28838 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://2xnadal.ch/ HTTP 301
    https://www.2xweihnachten.ch/rm/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://12086158.fls.doubleclick.net/activityi;src=12086158;type=visit0;cat=post_0;ord=1;num=5179275204100;npa=0;auiddc=281327421.1715937098;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181812421z877474803za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F HTTP 302
  • https://12086158.fls.doubleclick.net/activityi;dc_pre=CJKW--mrlIYDFY9OHgIdCn8BSQ;src=12086158;type=visit0;cat=post_0;ord=1;num=5179275204100;npa=0;auiddc=281327421.1715937098;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181812421z877474803za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F
Request Chain 73
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/479192961/?random=1448838607&cv=11&fst=1715937098469&bg=ffffff&guid=ON&async=1&gtm=45be45f0v892311264z877474803za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F&label=TQ75CJi92ugBEIHPv-QB&hn=www.googleadservices.com&frm=0&tiba=Gidar%2C%20la%20resposta%20%C3%A8%20gea%20%E2%80%93%202%20x%20Nadal&value=0&npa=0&pscdl=noapi&auid=281327421.1715937098&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&eitems=ChAI8ICcsgYQlO_xufGT7ukJEh0A1ALk3WKRQ8FJvcwsICDHB4to2tZsd2ib4kKwDA&pscrd=IhMI1rLf6auUhgMVD0-kBB0Wxwa9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vd3d3LjJ4d2VpaG5hY2h0ZW4uY2gv HTTP 302
  • https://www.google.com/pagead/1p-conversion/479192961/?random=1448838607&cv=11&fst=1715937098469&bg=ffffff&guid=ON&async=1&gtm=45be45f0v892311264z877474803za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F&label=TQ75CJi92ugBEIHPv-QB&hn=www.googleadservices.com&frm=0&tiba=Gidar%2C%20la%20resposta%20%C3%A8%20gea%20%E2%80%93%202%20x%20Nadal&value=0&npa=0&pscdl=noapi&auid=281327421.1715937098&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI1rLf6auUhgMVD0-kBB0Wxwa9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vd3d3LjJ4d2VpaG5hY2h0ZW4uY2gv&is_vtc=1&cid=CAQSKQB7FLtq0WmLqF3hU8qwYpM1Au4sga_AkJwv1jJAE87WWnMyxfaH_4If&eitems=ChAI8ICcsgYQlO_xufGT7ukJEh0A1ALk3Yy-cfXCs-iXnHbZOE4hgaIyehHNnM6Www&random=255910248 HTTP 302
  • https://www.google.ch/pagead/1p-conversion/479192961/?random=1448838607&cv=11&fst=1715937098469&bg=ffffff&guid=ON&async=1&gtm=45be45f0v892311264z877474803za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F&label=TQ75CJi92ugBEIHPv-QB&hn=www.googleadservices.com&frm=0&tiba=Gidar%2C%20la%20resposta%20%C3%A8%20gea%20%E2%80%93%202%20x%20Nadal&value=0&npa=0&pscdl=noapi&auid=281327421.1715937098&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI1rLf6auUhgMVD0-kBB0Wxwa9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vd3d3LjJ4d2VpaG5hY2h0ZW4uY2gv&is_vtc=1&cid=CAQSKQB7FLtq0WmLqF3hU8qwYpM1Au4sga_AkJwv1jJAE87WWnMyxfaH_4If&eitems=ChAI8ICcsgYQlO_xufGT7ukJEh0A1ALk3Yy-cfXCs-iXnHbZOE4hgaIyehHNnM6Www&random=255910248&ipr=y
Request Chain 96
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0AB6E2A5145B4DEBAD87E6617BFEC809&RedC=c.clarity.ms&MXFR=222B0930066368443E1D1DB2026366D1 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0AB6E2A5145B4DEBAD87E6617BFEC809&MUID=14C6FB4C03846035231AEFCE020F6146

100 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.2xweihnachten.ch/rm/
Redirect Chain
  • https://2xnadal.ch/
  • https://www.2xweihnachten.ch/rm/
43 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
aa2e1383512e5aced732bb1cccd528f7f0a6dd88db4ec0b520e9d8e53d74fefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
1
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; fwd=miss
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 17 May 2024 09:11:37 GMT
etag
"82133bf5c4f7c16f2af4a6e8f7dad143-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01HY2X4D4E5BSW5W63S55NSP1N

Redirect headers

age
0
cache-control
public, max-age=0, must-revalidate
content-length
0
date
Fri, 17 May 2024 09:11:36 GMT
location
https://www.2xweihnachten.ch/rm/
server
Vercel
strict-transport-security
max-age=63072000
x-matched-path
/api/jump
x-vercel-cache
MISS
x-vercel-id
fra1::fra1::258np-1715937096542-d08a734f7d7d
uc-block.bundle.js
privacy-proxy.usercentrics.eu/latest/ 		105 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
70479b4e4bbb5e3d0eb95c786c6a1c825a1ebe6a8d5e9605784cb1ea64020617
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:11:01 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
x-goog-meta-version
3.3.10
age
36
x-guploader-uploadid
ABPtcPq0rHzMf-2WoldXcZ6mfWIja3ELfEWYh_UxT3kMwDVzFiijSUIkYY2vrfwxZjyWZSO53sweSPNzhw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30414
last-modified
Tue, 23 Apr 2024 08:54:33 GMT
server
UploadServer
etag
"e26410885a89d268eef143bf00f80f49"
vary
Accept-Encoding
x-goog-generation
1713862473688993
x-goog-hash
crc32c=gSWeQw==, md5=4mQQiFqJ0mju8UO/APgPSQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Length, Transfer-Encoding
cache-control
public, max-age=3600
x-goog-stored-content-length
30414
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 17 May 2024 10:11:01 GMT
loader.js
app.usercentrics.eu/browser-ui/latest/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/latest/loader.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
91e799884d9c8edd92a87c3060eb144023ab1c87035e7cf638e25e253dab182b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:41:33 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
1804
x-guploader-uploadid
ABPtcPpEAklteq2IdBwhnagzQr1OVH83x-MerjTPbjWFeN1rDkhIyAZVSE9M7Va0GlFvzXv5IFXKy7b3dQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8125
last-modified
Tue, 07 May 2024 10:37:49 GMT
server
UploadServer
etag
"edbfbad18f9c8692f02e26955575896d"
x-goog-generation
1715078269177590
x-goog-hash
crc32c=dqjilQ==, md5=7b+60Y+chpLwLiaVVXWJbQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Length, Transfer-Encoding
cache-control
public, max-age=3600, no-transform
x-goog-stored-content-length
8125
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 17 May 2024 09:41:33 GMT
optimize.js
www.googleoptimize.com/ 		173 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-5F5TWFN
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b9d05c2efa854dc057e7ce3fb13ecff7ba038ced6631dd48e3614b351a742ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
64157
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 May 2024 09:11:37 GMT
main.bundle.css
www.2xweihnachten.ch/assets/stylesheets/ 		63 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.2xweihnachten.ch/assets/stylesheets/main.bundle.css
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
6f8d898e291a6556a67c2c70bf4e19df082279a2d1d59a2d8821f98adcefc306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/rm/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HY2X4DHKH3TSPGKQTFN5549C
date
Fri, 17 May 2024 09:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
41610
cache-status
"Netlify Edge"; hit
etag
"3e205947af981c8bfca6969137a28c7e-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
9457
main.bundle.js
www.2xweihnachten.ch/assets/javascripts/ 		408 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.2xweihnachten.ch/assets/javascripts/main.bundle.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
6724df2eaab91ac07cb607b6027db6d0e9a9f4171a4d55e66ce1c45d0d7e2ab7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/rm/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HY2X4DR4JRXQAV9NSBNAN4XS
date
Fri, 17 May 2024 09:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"f2fff2f040185a3d8ce4f9a459c25294-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
LOGO_RGB_quer_RZ_ru.svg
images.ctfassets.net/9nz7ww8rgw8c/1BFkFoDzbYiSO4yRQHf7uk/db352f6047291728b20eac8c4f6b991e/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/1BFkFoDzbYiSO4yRQHf7uk/db352f6047291728b20eac8c4f6b991e/LOGO_RGB_quer_RZ_ru.svg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
d644d604f9a15a5375d4c88f14973f9d1ee415bad0088b88c911f9c65d1dcb2d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:11 GMT
content-encoding
gzip
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Wed, 29 Nov 2023 20:22:19 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72327
etag
W/"9d16b1a8478ce5dbb0198a29a78aebc1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
CYn3GBxaQ8ufBDOs8qu_J_9roADqYK3s8a-j1yndQIzjGwcTig73DA==
2xW_Sujet_Einzelperson_1.jpg
images.ctfassets.net/9nz7ww8rgw8c/5tF5vKtAIgMGkCOM4cqI6G/e90193f41c6872ffce2ab8aeafba1063/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/5tF5vKtAIgMGkCOM4cqI6G/e90193f41c6872ffce2ab8aeafba1063/2xW_Sujet_Einzelperson_1.jpg?w=1440&q=75
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
f5d56fecd3d54995a7f3f86e5b929400b4e86e65ce437ef51cc6c3e49c328a46

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:09 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 03 May 2024 14:11:10 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72327
etag
"6928b16162a8981d49c51f5f51eb5f7b"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
103514
x-amz-cf-id
hip4fYxQCGUh_Tz9AgqXXYb2arMqAhxXGGhTsC286Ky07UdCXjKcmw==
logo_ribbon.svg
images.ctfassets.net/9nz7ww8rgw8c/5BKFqLDpOEQ6yE8KuYWOQA/928c1b9ef538920765cca11c3a3301d0/ 		1 MB
749 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/5BKFqLDpOEQ6yE8KuYWOQA/928c1b9ef538920765cca11c3a3301d0/logo_ribbon.svg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
8d5cf8b6748030407427c10d5d27a994cc4838691cc415138b4a6c9ff2e26f42

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:11:38 GMT
content-encoding
gzip
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 08:36:04 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
etag
W/"20f818617ec4b5636c8d491229282c73"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
m8DEUKxujPj-a8XyrApzsfq3qkV_yECNrTiUganglsKpYKmqQmiq9A==
SRG_SSR_2011_logo.svg
images.ctfassets.net/9nz7ww8rgw8c/2hTEcqzSxaemqiu0cOaiy8/45f566a371248f17b1e093a4834aa755/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/2hTEcqzSxaemqiu0cOaiy8/45f566a371248f17b1e093a4834aa755/SRG_SSR_2011_logo.svg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
519536006cd07bfce7ffa9bb61618333db7e0db8b766d5448bf4962ca14ac55a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:11 GMT
content-encoding
gzip
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Tue, 17 Oct 2017 15:51:20 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72327
etag
W/"57454c4cb8ba206c8ce9ef4179bd284c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
z0K6FT8KWfozKppSh8LZ7nGiq5k-W9OX7z-YWaIXmrjyd96ffh3fdQ==
eyJwYXRoIjoic2Nod2VpemVyaXNjaGVzLXJvdGVzLWtyZXV6XC9maWxlXC9HU2gyb0JBa3Nmclo1eGpwVHdnRS5zdmcifQ_schweizerisches-rotes-kreuz_Mwo2t
images.ctfassets.net/9nz7ww8rgw8c/4rhySmzPUKgCkfukYtdLrD/bfc4c9a0ffe1b4c94e0b4281d4883cd5/ 		493 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/4rhySmzPUKgCkfukYtdLrD/bfc4c9a0ffe1b4c94e0b4281d4883cd5/eyJwYXRoIjoic2Nod2VpemVyaXNjaGVzLXJvdGVzLWtyZXV6XC9maWxlXC9HU2gyb0JBa3Nmclo1eGpwVHdnRS5zdmcifQ_schweizerisches-rotes-kreuz_Mwo2t
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
b6a63a83c4b69f91e185938410d70c7b0bf0991f0e0f26e6b57c954e453324fc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:11 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 15:42:04 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72327
etag
"adf1310209630c8042953ee76183867f"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
493
x-amz-cf-id
rqTtkB2Iz7mjVOa8TVKeHhKIY6Z3o5LzlXiJrWsmDYzCzfla5NmrEg==
logo-coop.svg
images.ctfassets.net/9nz7ww8rgw8c/1YWISZ2zJK2gACk4qGKe2a/f4f08f4fdaf0be201b89ab47bc9730fd/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/1YWISZ2zJK2gACk4qGKe2a/f4f08f4fdaf0be201b89ab47bc9730fd/logo-coop.svg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
10c427773d74c0724adf14522a7a506056969e5eae68201f328707a9bef6f844

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:11 GMT
content-encoding
gzip
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Tue, 07 Nov 2017 15:22:56 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72327
etag
W/"6054f9ecacd8e54a403fa69f240cea53"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
Dt2unlhzBt1vMC7XKbcd5_1HBTfb1Xwu9zNEHvTFdVFeIhHHOlahaQ==
logo-de.svg
images.ctfassets.net/9nz7ww8rgw8c/1BFSbgUZtOo8qekO4iAoWq/8c4f2aae954a94558d2f5cb409ff3454/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/1BFSbgUZtOo8qekO4iAoWq/8c4f2aae954a94558d2f5cb409ff3454/logo-de.svg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
4bd683b271e9bfa5baf2785e8568640662883a412dbace1d4341f746ad1adb8b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:11 GMT
content-encoding
gzip
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2017 12:14:18 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72327
etag
W/"bb3080da83100705dab68c1edf350cfe"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
TSdkMs-Sz4FE0hT9v886sfASXqk1pgP_hDtjqWWmhb85iKQ8W-NsRA==
index.module.js
app.usercentrics.eu/browser-ui/3.42.0/ 		359 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
89e17b83a2e06b56061234766b5d9f8feef650531e2e4734504ee9f6425bbf73
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:39:05 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
858752
x-guploader-uploadid
ABPtcPp1fRWmUXYtwg7c04atnJfBI7z7j_8qBXAI17eXQJBQ5ehBTugIA25VW17avJYtXlzRKf0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105966
last-modified
Tue, 07 May 2024 10:37:27 GMT
server
UploadServer
etag
"25979ff0c70cf1e1fd9dc194162265e5"
x-goog-generation
1715078247111643
x-goog-hash
crc32c=cnU9kw==, md5=JZef8McM8eH9ncGUFiJl5Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
105966
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:39:05 GMT
gtm.js
www.googletagmanager.com/ 		295 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGXRB9Q
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41d6e8b03d34634319423f3acd2d542c43acfaa3213f161727c4e9b86c579914
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100837
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 May 2024 09:11:37 GMT
sdk.js
connect.facebook.net/de_DE/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/sdk.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
70369e2deafc7a0d15ce6e4988feda5538fd3555ad0e2b977b9d47d1387b4a06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 May 2024 09:11:37 GMT
content-md5
Yahit+fECVD5s+v5+ozXVg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=13, mss=1208, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
J2PqZ8YNLuLDv1eYNGMBpw9aGA1jWkBtBq0nm3rx4wAjdc4KWK1NNua/6aZQ0cxNz14MPEkg7G9OxZKsNnLysg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
fa7e486b40d60fc7acf7a548b28b3018
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"3232f4c0a3e918dd2daa8604919962fc"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 17 May 2024 09:19:38 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 17 May 2024 09:11:37 GMT
Content-Encoding
gzip
Age
1198
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (frb/6738)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
gibson-medium-webfont.woff
www.2xweihnachten.ch/assets/fonts/gibson/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.2xweihnachten.ch/assets/fonts/gibson/gibson-medium-webfont.woff
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/assets/stylesheets/main.bundle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
c19bb0d72e07f345c35f939da5664fee9efa22b68d08480abaa027dfb5696bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/assets/stylesheets/main.bundle.css
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HY2X4DSWQ75W0215A4BDP5E4
date
Fri, 17 May 2024 09:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"215eb4b6279c4277614f778b07d1fcb3-ssl-df"
vary
Accept-Encoding
content-type
application/font-woff
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
gibson-regular-webfont.woff
www.2xweihnachten.ch/assets/fonts/gibson/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.2xweihnachten.ch/assets/fonts/gibson/gibson-regular-webfont.woff
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/assets/stylesheets/main.bundle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
5216538991df7fb0d1e5e55fd185a805e3b00a795058dd466f4713ead1f8a4e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/assets/stylesheets/main.bundle.css
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HY2X4DSW4VHAJNC542RV1RCS
date
Fri, 17 May 2024 09:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"44616e3d8128316d13a641d209979853-ssl-df"
vary
Accept-Encoding
content-type
application/font-woff
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
sdk.js
connect.facebook.net/de_DE/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/sdk.js?hash=6c2c2aaf9864a80e3d3edfbc189964de
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
97e043ee1f733cc967c475ff757f07b20a0c4b11a5f94998cac358bf455cf348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 May 2024 09:11:37 GMT
content-md5
XNfcz87FMU0ive087Bd2XA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89119
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4301, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
xSH2UCkFGV2PJ2QWsH1hjxFcgQDUkaLckd0KZNCMvSMsJpr6W+3lN5cM41luUdWCooLisDBezwo7s1qtgV0alQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
baa9adea7c994d045d41ae3d211d94ea
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"c91d2aa52235225afb3d85115e0e0e94"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 17 May 2025 06:48:41 GMT
languages.json
api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/ 		86 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/languages.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
925914f519063ebef6984ffff2efe62f52b5c4727f2ced03ac5f91d64c7baf73
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 17 May 2024 09:11:37 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
x-client-geo-location
CH,CHZH
x-guploader-uploadid
ABPtcPqFHfsyOuzEcuI8bMBBApIjDQHpc9dn_RZgR7LKX5OHVOF7vVFApJkXjkx2S98JtuO0HbE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
last-modified
Wed, 08 May 2024 14:17:59 GMT
server
UploadServer
etag
"9c2034bd03eb1c6658bedc4cb3719958"
vary
Accept-Encoding
x-goog-generation
1715177879339215
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=uCpgCg==, md5=nCA0vQPrHGZYvtxMs3GZWA==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
77
accept-ranges
bytes
expires
Fri, 17 May 2024 09:12:37 GMT
languages.json
api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/languages.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.2xweihnachten.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 May 2024 09:11:37 GMT
expires
Fri, 17 May 2024 09:11:37 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
CH,CHZH
x-guploader-uploadid
ABPtcPpvYnoDJNMp68002ve2D81i1fKpWgzr2u86ZueOwhX5pPjN4FQitGObmjBtZ6UgNyhrccM
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame D1C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.2xweihnachten.ch
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.2xweihnachten.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
4597855
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Fri, 17 May 2024 09:11:37 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67C0)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
js
www.googletagmanager.com/gtag/ 		280 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8R7RXSFQEG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGXRB9Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2980a821ca3c3109a4bc155b11430ac24ce69c5aaf069ff293d2cb1bd39b2de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98834
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 May 2024 09:11:37 GMT
destination
www.googletagmanager.com/gtag/ 		241 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-479192961&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGXRB9Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96caecb9d0d356db4aa5d630b3115b80ff625d039904cf79ab85532f5da29b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87259
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 May 2024 09:11:37 GMT
destination
www.googletagmanager.com/gtag/ 		208 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12086158&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGXRB9Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82d8e2c64e2db16772d93ffa4a1cfb7c138f9071c103904d1e3e525acec094a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76539
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 May 2024 09:11:37 GMT
gx2spz5bhc
www.clarity.ms/tag/ 		637 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/gx2spz5bhc?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGXRB9Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
153a2d327976bab543b4c8170f1b3613a2f82447f8badb86f359e616d49e86c4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Fri, 17 May 2024 09:11:38 GMT
x-azure-ref
20240517T091137Z-17685cdbdc79rt2w9s0pvu5kec00000003k00000000024ws
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
fbevents.js
connect.facebook.net/en_US/ 		218 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 17 May 2024 09:11:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=21, mss=1208, tbw=6607, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
eUWkIv+Gvu8Okm4P+pcgAfVRaTwNEhKhJkhZiG9BCnmEGIRy5fyZk7P9ruQ9AVhePHtpqPKZpX0qZSkKDuxjvQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE8TB0JC77UA05OMUPR0&lib=ttq
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.40 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ba753c5b0d52cc49451a0e5b7ef8c6ab12f742311446330d217e29c62067fcde

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
9d3595e.3436fc50
date
Fri, 17 May 2024 09:11:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240517091138C66051402737F533D360-7DD0BF851CF82924-00
x-cache
TCP_MISS from a95-100-146-36.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
101,95.100.146.36
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=7, inner; dur=4
content-length
1378
pragma
no-cache
server
nginx
x-tt-logid
20240517091138C66051402737F533D360
x-cache-remote
TCP_MISS from a23-48-200-168.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.48.200.168
x-tt-trace-host
01a5c82cc0ab1129b208d1e459d885fefaf271cfae81b3aae7b051f5ed646ca969627512e57324ea1629a2c538542664417e75c564963c7c55a5d21d0fa46a0e792f1409d534ffcfac31036d79a6775aa03903ac9fbb5739318a130368ae22047b3fc0e2b8c9dfdad454145f7306f4d62a
expires
Fri, 17 May 2024 09:11:38 GMT
mtiFontTrackingCode.js
www.2xweihnachten.ch/assets/javascripts/ 		671 B
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.2xweihnachten.ch/assets/javascripts/mtiFontTrackingCode.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/assets/javascripts/main.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
d4f287c2fb699469e5d1047900f29d8057f599b5069a4f17ad97f3f560e35785
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/rm/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HY2X4EEC8A07PNCHASV7S8MY
date
Fri, 17 May 2024 09:11:38 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"24003314e4575daedaac2ac8eedb00ed-ssl"
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
671
share_button.php
www.facebook.com/v2.10/plugins/ Frame 125B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.10/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd5c5687008ab24ae%26domain%3Dwww.2xweihnachten.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.2xweihnachten.ch%252Fffa9b324bac8a4fc8%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fwww.2xweihnachten.ch%2F&layout=button&locale=de_DE&mobile_iframe=true&sdk=joey&size=large
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=6c2c2aaf9864a80e3d3edfbc189964de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.2xweihnachten.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Fri, 17 May 2024 09:11:38 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v13.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=14, mss=1208, tbw=19228, tp=-1, tpl=-1, uplat=191, ullat=0
x-fb-debug
pzxaEf4dPjPF3XcqRQ7v3oI2YpOWTRrXbGa3raIcxRKZGmGuAh5ULmu0RqBLW0iegk3KwlDztq53sWqQAm/SQQ==
x-xss-protection
0
page.php
www.facebook.com/v2.10/plugins/ Frame 278B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa1b1bb0d7d122f33%26domain%3Dwww.2xweihnachten.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.2xweihnachten.ch%252Fffa9b324bac8a4fc8%26relation%3Dparent.parent&container_width=390&hide_cover=false&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2F2xweihnachten&locale=de_DE&sdk=joey&show_facepile=false&small_header=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=6c2c2aaf9864a80e3d3edfbc189964de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.2xweihnachten.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Fri, 17 May 2024 09:11:38 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v13.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=10, mss=1208, tbw=2837, tp=-1, tpl=-1, uplat=157, ullat=0
x-fb-debug
eh+fmQRUXKHPmxFEzWbT2MFQbDb9vwGgKK4Xwck2dS7jz8JqXnAYJVYIx3XTdGlAnUvO3FnkkNWirf3g74K7aQ==
x-xss-protection
0
Abi_Lbadaoui_querformat.jpg
images.ctfassets.net/9nz7ww8rgw8c/5qMTycaHl32KiH9AXXVDct/570e364785c9114324d82c0c6d1daaa1/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/5qMTycaHl32KiH9AXXVDct/570e364785c9114324d82c0c6d1daaa1/Abi_Lbadaoui_querformat.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
2266f44385c1337837b7ef108a668da3a3d829063e1fc7c6d4f54284360458f6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 04:26:35 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Tue, 30 Nov 2021 10:40:55 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
53373
etag
"1bd3817f29967cfd9a5cfde82052f994"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
1127852
x-amz-cf-id
QnrxmaDJb7gl1yJ4MjHgt-e7pENmbw3uN9moVa3TDNpKMkqt3ZZxRw==
14_Valya_Poghosyan_2.jpg
images.ctfassets.net/9nz7ww8rgw8c/16qkaKKAYPyVSqYBAvJ3Tq/61f7134ad1e35a06d863544f696aaf6d/ 		20 MB
20 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/16qkaKKAYPyVSqYBAvJ3Tq/61f7134ad1e35a06d863544f696aaf6d/14_Valya_Poghosyan_2.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
7ab2ea8fd27fef64c455115e17f1932f0710ddce3f74455c11820b826d76154f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 04:26:35 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 26 Nov 2021 10:22:50 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
54721
etag
"6b6f6406fa4b81063064d62379eb2f06-4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
20761000
x-amz-cf-id
9mcUHsnc2kZ0HJutuhkER5qfX9DaVgV3Zbi5jt7Gw5sJ7mFYdj-ecA==
01_Ursula_Luginb__hl.jpg
images.ctfassets.net/9nz7ww8rgw8c/2uY5T1us1umHqdVwepRWuB/99e362eb7551b488b2f819e3f8aa7ffe/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/2uY5T1us1umHqdVwepRWuB/99e362eb7551b488b2f819e3f8aa7ffe/01_Ursula_Luginb__hl.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
a557931c2ecdd87b97095ee3a4fb001acc6715a5616495f665d3112744389283

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:12 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 15:36:15 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72327
etag
"2393e4df8b3b181ac39261dc193086d3"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
88767
x-amz-cf-id
nvM6TpGQHTqPBmIj-jZvMdVtvzEHTzG7IQq-LUUfXLE7VFifa310ug==
15_Jina-Sargizova_2-_1_.jpg
images.ctfassets.net/9nz7ww8rgw8c/7jd3ReEW7mHbJ5CtiFrQY0/e01e5482de8337eedda76ce09e5271fa/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/7jd3ReEW7mHbJ5CtiFrQY0/e01e5482de8337eedda76ce09e5271fa/15_Jina-Sargizova_2-_1_.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
e8754bab8aebc724a2e6478e9e2a69b686e99dbe63286b8198e3abeb4a2072e5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:13 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 16:24:13 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72326
etag
"e41d106a18bd5c25500ea344a37e14f1"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
108752
x-amz-cf-id
Dba78-ML_cEhQqnXqKTP6XsvAr0xzS9e4DGnMlUJn68rFsQVJi5OZw==
21_Silvia_Arthur_Bosshard.jpg
images.ctfassets.net/9nz7ww8rgw8c/481MPn1YakMbSs45BipAcy/83b1eb303844781f4f6a8f53732ab118/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/481MPn1YakMbSs45BipAcy/83b1eb303844781f4f6a8f53732ab118/21_Silvia_Arthur_Bosshard.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
c8bbcf66989e3dee7dea54901c79a7b05520785f5ace119cd665ddc25cc2ca2e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:13 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 16:36:51 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72326
etag
"d9ffa6a27fdc117a4b0446490800f74f"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
127054
x-amz-cf-id
HGvfFVRV0Wa8mRcnNnfwG9i3PMUsbL29l-fX1uyicArWFogHJL_uog==
06_Philipp-Wyss_X3B8983-_1_.jpg
images.ctfassets.net/9nz7ww8rgw8c/3hVzQjfgN04vc0Q77CYcoQ/ae7ff8474dc71c307b3137731ecab21e/ 		143 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/3hVzQjfgN04vc0Q77CYcoQ/ae7ff8474dc71c307b3137731ecab21e/06_Philipp-Wyss_X3B8983-_1_.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
702b84fac5e859748def23a4eae23892deb98f543876b89170cab0ba021de941

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:13 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Wed, 22 Dec 2021 13:40:04 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72326
etag
"ed82208e82afef98bad4f32a36a47a94"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
146461
x-amz-cf-id
q8g-Jfc0EKT8KNgGhOyN2--0UHbfko0l8xNv3L7saPia-zOGLzUB8g==
23_Pascal-M__ckli.jpg
images.ctfassets.net/9nz7ww8rgw8c/6FlCBXbopOie3ifhxVj6xT/3bc62621b99c60bb11422e3e14ac0d6d/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/6FlCBXbopOie3ifhxVj6xT/3bc62621b99c60bb11422e3e14ac0d6d/23_Pascal-M__ckli.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
b7063a6b78377a64df7a8eef4bc2bed3579b50a92ad09c49928d25f68a1336ce

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:13 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 16:18:02 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72326
etag
"b4e34743e20aa7efe219aa8dbd52116e"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
51954
x-amz-cf-id
Q-xm0LuOjgjDxyInOEEUxr7FMHoxhm7XhLFqhpcf-rzwcrKcwGGH3w==
09_CarlaNorghauer_quer_2.jpg
images.ctfassets.net/9nz7ww8rgw8c/1RN9jvsCAZIs523SubxxTZ/83000105190a8b10de50349a959dedb9/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/1RN9jvsCAZIs523SubxxTZ/83000105190a8b10de50349a959dedb9/09_CarlaNorghauer_quer_2.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
7e1eac13f53887711729c482a796cf09cf82359b4c16a94dd3bc1744accd9a00

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:13 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 15:30:28 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72326
etag
"95b86f2cb6452f44d8949506eb442ed9"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
88284
x-amz-cf-id
GKOq3p0jSoYQbSJTr_Pt3fuWLrYeC1CZsJzBtyLI1Ng-6HvJ3sfvqA==
08_Gilbert-Montavon.jpg
images.ctfassets.net/9nz7ww8rgw8c/aFVuuj38YqZ9ntg9IRDuQ/6c69eb9eb9c7ed58aec132b9df33070e/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/aFVuuj38YqZ9ntg9IRDuQ/6c69eb9eb9c7ed58aec132b9df33070e/08_Gilbert-Montavon.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
f474550de1e03d58f1d19a2d95b7d12781ed5752886a2639be1ddda8e5172c70

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:13 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Wed, 22 Dec 2021 13:45:38 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72326
etag
"08a664eb9fefbb5b53171c4e4844b4a0"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
128542
x-amz-cf-id
lYVQwrYndq45oEsjiTLKb_T6jHi2a3aPuSPSIhrZVIXaCJS_W5j9Ng==
01_Kerten_Kr__ger.jpg
images.ctfassets.net/9nz7ww8rgw8c/4lGc0sAkM4KONDkOjGZApL/66067161e461bc42e9460bb45a63cfb0/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/4lGc0sAkM4KONDkOjGZApL/66067161e461bc42e9460bb45a63cfb0/01_Kerten_Kr__ger.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
230edc85fba60b7e535f3304bd4c501efbba20e6db22600955226210a73bdd03

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:13 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 15:25:31 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72326
etag
"f97f900959c3915d5a6e7d28dec2a065"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
154108
x-amz-cf-id
qPPshaJ3S6hSKu7zwrq_9NwW9H9b7LY2Y70Cbvnm9i8ShcC8ItiJhQ==
11_Jean-MarcRichard_quer-_1_.jpg
images.ctfassets.net/9nz7ww8rgw8c/4PX0f8Q7VBwq78BG3vDAIt/dfba8147df72fe0ec0a3b7e56bd55c51/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/4PX0f8Q7VBwq78BG3vDAIt/dfba8147df72fe0ec0a3b7e56bd55c51/11_Jean-MarcRichard_quer-_1_.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
11c356ed33d2ed32d9acdeedeb2b5fef41b7211442091c51fcd23a4f5be0b25f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:13 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 15:33:43 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72326
etag
"63f028ef5ae38c7d0a611949a05fb06d"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
74248
x-amz-cf-id
vPo1nvrA7wMfAttSsYxARxeg1XU_ZAd5devFvvsY_EzRojHS-vlrxA==
Samira_Schlatter.jpg
images.ctfassets.net/9nz7ww8rgw8c/5outClq3gz34WvsyKY4qvw/8936373ee44f77d25fb6b6eb72470e76/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/5outClq3gz34WvsyKY4qvw/8936373ee44f77d25fb6b6eb72470e76/Samira_Schlatter.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
0b7ded52919ddb0fe85579298b5a0945168c309e49001a1bfa9cdc9b8fe36c97

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:14 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 15:28:59 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72325
etag
"90fde45bc861a3bf2afdd8d049fdb324"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
126900
x-amz-cf-id
ZDSPeC2s56QWmqqiJz1kgxvqXPez8pqsptY0WbP1SQsjC-aN7NHxgg==
M__lanie_Freymond_Portrait.jpg
images.ctfassets.net/9nz7ww8rgw8c/5wN2FAsusmJMANMVSUXlwF/beb1182177b9382c7f5a0b7f43ce30ea/ 		223 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/5wN2FAsusmJMANMVSUXlwF/beb1182177b9382c7f5a0b7f43ce30ea/M__lanie_Freymond_Portrait.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
373e48505a545e861cd1109ab7f8a9afd2ce03556981a0c524e3182327676b15

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:14 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Tue, 28 Dec 2021 15:37:26 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72325
etag
"24b79f57e2ecf66024ce50c2f2ace4e4"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
228646
x-amz-cf-id
uBHveaFyCq3WNCko7LmoEUnWxxhTgCb12XMX0eR7BDBDgaOkBl_hHA==
07_X3B9337_Doris-Leuthard.jpg
images.ctfassets.net/9nz7ww8rgw8c/1VVEH9Ro3jK9ZeRyqMpQjt/4399b7d8028759785c42748e41719bbe/ 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/1VVEH9Ro3jK9ZeRyqMpQjt/4399b7d8028759785c42748e41719bbe/07_X3B9337_Doris-Leuthard.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
4a6c4895284f7e0be73851d3eed451fc1cacb2ad4736ed73f5c9c4151b39f0a3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:14 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Wed, 22 Dec 2021 13:43:08 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72325
etag
"db1a55da77b876d0afe5ebafb34871bb"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
150783
x-amz-cf-id
3jwBjk3EUdu4u4SIJH2BpqIEDqwJTqTUebaS0nWtOkUoJoeMAc7IXQ==
Linda_F__h_Portrait.jpg
images.ctfassets.net/9nz7ww8rgw8c/3cBnRq6MBlUHVho9nyA1Qb/d99db1fb358c5da4c3907acfce1b17f0/ 		218 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/3cBnRq6MBlUHVho9nyA1Qb/d99db1fb358c5da4c3907acfce1b17f0/Linda_F__h_Portrait.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
dce7a1990586d3fd97ccc08d16abf1524307a77df2a5e2798b5b66dd1f2d4d04

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:14 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Tue, 28 Dec 2021 15:34:26 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72325
etag
"502bd52203e0b1bb8f69841f7a165a34"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
223202
x-amz-cf-id
khQHzU5QS-gA52Y81wOp_Aiv_4VF3bJmdDS6rMICPR-FR8rmg2Ywfw==
Tristan_Esseiva_hoch-_1_.jpg
images.ctfassets.net/9nz7ww8rgw8c/6VTGYao7JxEiBCHs9C3xjn/ed42fb25520f278bd9f974eb69e48e30/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/6VTGYao7JxEiBCHs9C3xjn/ed42fb25520f278bd9f974eb69e48e30/Tristan_Esseiva_hoch-_1_.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
705978ece57bc92b7928e87defdabb5695fe92c45f56373e6d6b0b9ac64e57f5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:14 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 15:27:19 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72325
etag
"eeeba2d31ea676bea2a7cf028a666b55"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
63681
x-amz-cf-id
IWtuXCLupE-LS30wxisDlnmiu2CXeQdvHPMvopzGyuDfd_9Yk6-o3A==
Silvia_Bosshard.jpg
images.ctfassets.net/9nz7ww8rgw8c/2Zy9GRg2VSpIuqEuFYstfW/647d61c1b7abadd163521c0bba6f881e/ 		181 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/2Zy9GRg2VSpIuqEuFYstfW/647d61c1b7abadd163521c0bba6f881e/Silvia_Bosshard.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
63b4d00f7e88d4c69629deab2eaf5f1120d49e02e9d807b2d9ba6925091749f2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:14 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Wed, 29 Dec 2021 14:37:09 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72325
etag
"9fcffd024377de3a4502ea87b76dffc3"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
185010
x-amz-cf-id
Jh5CuzcXcTdZFo2TxuFe1SPMczbfgERJgU7O4pp5eflv2vgM-bzuXQ==
10_ToniPoltera_quer.jpg
images.ctfassets.net/9nz7ww8rgw8c/59ZN0Ws4GhMq0mMXLGny3h/a36b2d6adb640a289f7e4d3fdd1ba77a/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/59ZN0Ws4GhMq0mMXLGny3h/a36b2d6adb640a289f7e4d3fdd1ba77a/10_ToniPoltera_quer.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
36ca6086bbd619cb4a8aa383480359083f56c577fe7d6a90d0e2f8b6de9441f6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:14 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 15:32:31 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72325
etag
"2c9a412558c4fea945e5c53851cdb9d7"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
37682
x-amz-cf-id
a9VG2vEKuHnCXZq2GYUkKeSi628VTDPgIh8w1eJf7mo_SAfhnWlHdw==
13_DorisRothen.jpg
images.ctfassets.net/9nz7ww8rgw8c/URsgmyHyrdIhqtnBNI3nK/aae7a1d4a0d5618987d5579c42469dfb/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/URsgmyHyrdIhqtnBNI3nK/aae7a1d4a0d5618987d5579c42469dfb/13_DorisRothen.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
9cf0bfbdf8164a95502ff8e1d059e7eb5847d7ae8fc12433b095e8c99de4eab5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:14 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 15:58:30 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72325
etag
"b02d3c59bdd266fa96c5933108d8e779"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
130664
x-amz-cf-id
4URDHiFkLV1BiMaOe-BIMM98ALbzHcWe_I252Jxl_aAivd7PZPwYag==
12_DanielFohrler_hoch-_1_.jpg
images.ctfassets.net/9nz7ww8rgw8c/5OD1dtKa5rmZbtBdrCPT6Q/aa5abec61e3e54005d7db04725caffd7/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/5OD1dtKa5rmZbtBdrCPT6Q/aa5abec61e3e54005d7db04725caffd7/12_DanielFohrler_hoch-_1_.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
e2df0d10eb100b81daa06c74bf17c3d613647d2222a7ac8a1d5892f6ed7f41c4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:14 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 15:35:03 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72325
etag
"32918aa3dda276072dd297fa4f0e165f"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
102274
x-amz-cf-id
1o_R2P3vbpkxW2rIogdjEg4L9UyJoTshp-JKy2UlB3CNL7Iao5UMQA==
Foto_Christoph-Ditzler-_1_.jpg
images.ctfassets.net/9nz7ww8rgw8c/5d3cMhmvjV2Y0ncVVRJje1/a1c34f244726b8420f16f480a047ef3a/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/9nz7ww8rgw8c/5d3cMhmvjV2Y0ncVVRJje1/a1c34f244726b8420f16f480a047ef3a/Foto_Christoph-Ditzler-_1_.jpg
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
27727268e956a5b856b91a47ed8d906b568df9e49aceb2cf04ee1cf0df65512a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 13:06:15 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 16:04:47 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
72324
etag
"dc4f3a1adcec880a9340f25020b1df84"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
105859
x-amz-cf-id
ycYpyju-LA0purqRpeWR5Nit0HZRlS8JzDbqVNAYE88tbsUFgyhQdg==
gibson-semibold-webfont.woff
www.2xweihnachten.ch/assets/fonts/gibson/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.2xweihnachten.ch/assets/fonts/gibson/gibson-semibold-webfont.woff
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/assets/stylesheets/main.bundle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
698578b0b53f330c214271449273a190d45dbf7f3f9227dc077618e92563c6aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/assets/stylesheets/main.bundle.css
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HY2X4EP3ZYZXKMG2X52DHWWG
date
Fri, 17 May 2024 09:11:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"c29fa9d8d9ffe4499b08bfc181fca1a3-ssl-df"
vary
Accept-Encoding
content-type
application/font-woff
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
en.json
api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/ 		27 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/en.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
70debb26ab16499454bd7b2f229c202c246bebee44b6e16b558564d0fb7bcab5
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 17 May 2024 09:11:38 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
x-client-geo-location
CH,CHZH
x-guploader-uploadid
ABPtcPqe-3-VUsIlU9H1_Mx_BzdjoTf4bXT2EX52IITS5X-bIDC8c-I9WdfK9sm8_9t4o-UD0D0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7468
last-modified
Wed, 08 May 2024 14:17:59 GMT
server
UploadServer
etag
"21b55392d83ad96bdece0145dd26f025"
vary
Accept-Encoding
x-goog-generation
1715177879344404
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=CkyQLQ==, md5=IbVTktg62WvezgFF3SbwJQ==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
7468
accept-ranges
bytes
expires
Fri, 17 May 2024 09:12:38 GMT
en.json
api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/en.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.2xweihnachten.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 May 2024 09:11:38 GMT
expires
Fri, 17 May 2024 09:11:38 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
CH,CHZH
x-guploader-uploadid
ABPtcPqrN7oiRWcYZnewlVQ261VutwMcmUS_UksXA9Ttq1kvo-qEUDnMY5qXAGAmmjTs0Q6is0s
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 17 May 2024 09:11:38 GMT
Content-Encoding
gzip
Age
4604735
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2620
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (frb/6738)
Etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
collect
stats.g.doubleclick.net/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8R7RXSFQEG&cid=1803868661.1715937098&gtm=45je45f0v872550980z877474803za200zb77474803&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: privacy-proxy.usercentrics.eu
URL: https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.168.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wh-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 09:11:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.2xweihnachten.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R7RXSFQEG&cid=1803868661.1715937098&gtm=45je45f0v872550980z877474803za200zb77474803&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=255136397
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 09:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/479192961/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/479192961/?random=1715937098469&cv=11&fst=1715937098469&bg=ffffff&guid=ON&async=1&gtm=45be45f0v892311264z877474803za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F&label=TQ75CJi92ugBEIHPv-QB&hn=www.googleadservices.com&frm=0&tiba=Gidar%2C%20la%20resposta%20%C3%A8%20gea%20%E2%80%93%202%20x%20Nadal&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=281327421.1715937098&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-479192961&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e40f78f0e3eb47a6e91298eafae4862acadc34f5afd14af704fc09245d650ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 09:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1632
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/479192961/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/479192961/?random=1715937098483&cv=11&fst=1715937098483&bg=ffffff&guid=ON&async=1&gtm=45be45f0v892311264z877474803za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F&hn=www.googleadservices.com&frm=0&tiba=Gidar%2C%20la%20resposta%20%C3%A8%20gea%20%E2%80%93%202%20x%20Nadal&npa=0&pscdl=noapi&auid=281327421.1715937098&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-479192961&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
019891d475428e68363d644ff7ecb4c148a1e905cd084dc6f9ff8494f1e9b19a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 09:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1446
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1602194843373061
connect.facebook.net/signals/config/ 		57 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1602194843373061?v=2.9.156&r=stable&domain=www.2xweihnachten.ch&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
6e0e958e27bb3eaf4b03d1062ef30a83e0e38d8cdec9bf9b423819d79f6571ea
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 17 May 2024 09:11:38 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=23, mss=1232, tbw=4624, tp=11, tpl=0, uplat=131, ullat=0
pragma
public
x-fb-debug
h+V/aCHaqRBHEUaAex8aV+nQgt4Y/mh6VhYSOVsCtnQNALFNqlTeaxsO1wsX9Cu98XK585AOzk12VO48CP8+EA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
activityi;dc_pre=CJKW--mrlIYDFY9OHgIdCn8BSQ;src=12086158;type=visit0;cat=post_0;ord=1;num=5179275204100;npa=0;auiddc=281327421.1715937098;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.207%7CGoogle%252...
12086158.fls.doubleclick.net/ Frame 8C56
Redirect Chain
  • https://12086158.fls.doubleclick.net/activityi;src=12086158;type=visit0;cat=post_0;ord=1;num=5179275204100;npa=0;auiddc=281327421.1715937098;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.207%7CGoogle%...
  • https://12086158.fls.doubleclick.net/activityi;dc_pre=CJKW--mrlIYDFY9OHgIdCn8BSQ;src=12086158;type=visit0;cat=post_0;ord=1;num=5179275204100;npa=0;auiddc=281327421.1715937098;uaa=x86;uab=64;uafvl=C...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12086158.fls.doubleclick.net/activityi;dc_pre=CJKW--mrlIYDFY9OHgIdCn8BSQ;src=12086158;type=visit0;cat=post_0;ord=1;num=5179275204100;npa=0;auiddc=281327421.1715937098;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181812421z877474803za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12086158&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.2xweihnachten.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
385
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 May 2024 09:11:39 GMT
expires
Fri, 17 May 2024 09:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 May 2024 09:11:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12086158.fls.doubleclick.net/activityi;dc_pre=CJKW--mrlIYDFY9OHgIdCn8BSQ;src=12086158;type=visit0;cat=post_0;ord=1;num=5179275204100;npa=0;auiddc=281327421.1715937098;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45f0v9181812421z877474803za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
main.MWNkMWZjOGNjMA.js
analytics.tiktok.com/i18n/pixel/static/ 		411 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE8TB0JC77UA05OMUPR0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.40 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4dee7b7f5bd454fc7b52f623814a23be6e9bc6b191ffb1b14a8202ce10d6813f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
343708b3
date
Fri, 17 May 2024 09:11:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202405091220193F462D85468CB0D10C4E
x-tt-trace-id
00-2405091220193F462D85468CB0D10C4E-4B242BBFD8259BF5-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a95-100-146-36.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018befa628bf870d8d401a6bf128c41342567c2017432baf08729f0335bd26c386857a53fe124b4a8366c9a9be86ae38ae3f6cb772a74fe2c1a3c3e0018f6f6f05a9d0d03f374fd6f21d5b692ef7e979d2a8d5287a8a0ae36727c76b41582aae2c
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
111346
clarity.js
www.clarity.ms/s/0.7.34/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gx2spz5bhc?ref=gtm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:11:38 GMT
content-encoding
br
last-modified
Wed, 15 May 2024 22:34:27 GMT
etag
W/"0x8DC752F2DBE4631"
vary
Accept-Encoding
x-azure-ref
20240517T091138Z-17685cdbdc79rt2w9s0pvu5kec00000003k00000000024xe
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
0a180275-501e-0029-029f-a710af000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
1.css
fast.fonts.net/t/ 		0
552 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/t/1.css?apiType=css&projectid=undefined
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:11:39 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
9VP7J7B1HE39NQ70
age
141076
content-length
0
x-amz-id-2
jFOJDuXMR2fRNKt0DLY5dXej1FL3w6aJjXEKhcbjbji+u56nHirI2AyhUYCRPtM+ywr9cF1CCbc=
last-modified
Tue, 23 Mar 2021 12:59:23 GMT
server
cloudflare
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=0, s-maxage=604800
accept-ranges
bytes
cf-ray
88527b34ef620e80-AMS
x-amz-meta-mtime
1519217722
tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame B4AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) /
Resource Hash

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.2xweihnachten.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
4604726
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12332
Content-Type
text/html; charset=utf-8
Date
Fri, 17 May 2024 09:11:38 GMT
Etag
"e29e65db7bf0a096587728e1faacfd9c+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6793)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22l%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1715937098597%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=d872d5136e50286799b2a5e91dda0c9a4fa3878d
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
116
date
Fri, 17 May 2024 09:11:38 GMT
strict-transport-security
max-age=631138519
last-modified
Fri, 17 May 2024 09:11:38 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
3a425398400db5e2
cache-control
must-revalidate, max-age=600
perf
7402827104
x-connection-hash
c68e09fc7424727def39229d3b4f5ccaeab607d63473bb979339c3cbba10a346
content-length
43
/
www.google.com/pagead/1p-user-list/479192961/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/479192961/?random=1715937098483&cv=11&fst=1715936400000&bg=ffffff&guid=ON&async=1&gtm=45be45f0v892311264z877474803za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F&hn=www.googleadservices.com&frm=0&tiba=Gidar%2C%20la%20resposta%20%C3%A8%20gea%20%E2%80%93%202%20x%20Nadal&npa=0&pscdl=noapi&auid=281327421.1715937098&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqrlA7HHbzwGnpZEeC_ebNRlGNAZqJug&random=3145036659&rmt_tld=0&ipr=y
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 09:11:38 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ch/pagead/1p-user-list/479192961/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-user-list/479192961/?random=1715937098483&cv=11&fst=1715936400000&bg=ffffff&guid=ON&async=1&gtm=45be45f0v892311264z877474803za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F&hn=www.googleadservices.com&frm=0&tiba=Gidar%2C%20la%20resposta%20%C3%A8%20gea%20%E2%80%93%202%20x%20Nadal&npa=0&pscdl=noapi&auid=281327421.1715937098&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqrlA7HHbzwGnpZEeC_ebNRlGNAZqJug&random=3145036659&rmt_tld=1&ipr=y
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 09:11:38 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1px.png
app.usercentrics.eu/session/ 		489 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=3NnzKkP7Sdg38D
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 08:41:48 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
1790
x-guploader-uploadid
ABPtcPqkrZVKjNxMTUOMwEPEPZ3UjEIcupmvvTdKRAbcyet1tOzhKEoxYBpTr1qBk9CXzGEU-41GjFeG4E1Gq7I
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
522
last-modified
Fri, 08 May 2020 09:06:13 GMT
server
UploadServer
etag
"3702ada73b8951017b8451cbd6a96523"
x-goog-generation
1588928773413784
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type
image/png
cache-control
public,max-age=1800,no-transform
x-goog-stored-content-length
522
accept-ranges
bytes
expires
Fri, 17 May 2024 09:11:48 GMT
DefaultData-04a7a533-89fe282a.js
app.usercentrics.eu/browser-ui/3.42.0/ 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/DefaultData-04a7a533-89fe282a.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bd7be8509109ef4148d80240a7c824174ba895d747133d4ede1a3c8e15cdf7e4
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:39:05 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
858753
x-guploader-uploadid
ABPtcPq37_icCWfp5b76AosYpqq-7Rxn2J1UrDSvZ4usm8fblLwTeVfDx2uaROdYCBRIQNDD5bY
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
969
last-modified
Tue, 07 May 2024 10:37:18 GMT
server
UploadServer
etag
"47412d5dcd6b0e81696e911c4f364f29"
x-goog-generation
1715078238807528
x-goog-hash
crc32c=9AhYAA==, md5=R0EtXc1rDoFpbpEcTzZPKQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
969
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:39:05 GMT
3321229921329107
connect.facebook.net/signals/config/ 		31 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/3321229921329107?v=2.9.156&r=stable&domain=www.2xweihnachten.ch&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
2f14cd3085521c1973caab7781ba0d4c5e4f5b834fa1c40c3a9c127b806ce164
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 17 May 2024 09:11:38 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=1, c=4, mss=1232, tbw=20029, tp=27, tpl=1, uplat=128, ullat=0
pragma
public
x-fb-debug
wbV3n9jpYXWpG13lnojK37eqQkiSeHInOsqiodbApnCqv9oHD9Ne0trH5My7gfHpM9emxUTquwbMGEdG+BdCSg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1602194843373061&ev=PageView&dl=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F&rl=&if=false&ts=1715937098721&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715937098719.1183599339&ler=empty&cdl=API_unavailable&it=1715937098497&coo=false&rqm=GET
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=10, mss=1208, tbw=2802, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 17 May 2024 09:11:38 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.ch/pagead/1p-conversion/479192961/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/479192961/?random=1448838607&cv=11&fst=1715937098469&bg=ffffff&guid=ON&async=1&gtm=45be45f0v892311264z877474803za201&gcd=13l3l3l3l1&...
  • https://www.google.com/pagead/1p-conversion/479192961/?random=1448838607&cv=11&fst=1715937098469&bg=ffffff&guid=ON&async=1&gtm=45be45f0v892311264z877474803za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=12...
  • https://www.google.ch/pagead/1p-conversion/479192961/?random=1448838607&cv=11&fst=1715937098469&bg=ffffff&guid=ON&async=1&gtm=45be45f0v892311264z877474803za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=120...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-conversion/479192961/?random=1448838607&cv=11&fst=1715937098469&bg=ffffff&guid=ON&async=1&gtm=45be45f0v892311264z877474803za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F&label=TQ75CJi92ugBEIHPv-QB&hn=www.googleadservices.com&frm=0&tiba=Gidar%2C%20la%20resposta%20%C3%A8%20gea%20%E2%80%93%202%20x%20Nadal&value=0&npa=0&pscdl=noapi&auid=281327421.1715937098&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI1rLf6auUhgMVD0-kBB0Wxwa9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vd3d3LjJ4d2VpaG5hY2h0ZW4uY2gv&is_vtc=1&cid=CAQSKQB7FLtq0WmLqF3hU8qwYpM1Au4sga_AkJwv1jJAE87WWnMyxfaH_4If&eitems=ChAI8ICcsgYQlO_xufGT7ukJEh0A1ALk3Yy-cfXCs-iXnHbZOE4hgaIyehHNnM6Www&random=255910248&ipr=y
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.2xweihnachten.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 May 2024 09:11:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 May 2024 09:11:38 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.ch/pagead/1p-conversion/479192961/?random=1448838607&cv=11&fst=1715937098469&bg=ffffff&guid=ON&async=1&gtm=45be45f0v892311264z877474803za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F&label=TQ75CJi92ugBEIHPv-QB&hn=www.googleadservices.com&frm=0&tiba=Gidar%2C%20la%20resposta%20%C3%A8%20gea%20%E2%80%93%202%20x%20Nadal&value=0&npa=0&pscdl=noapi&auid=281327421.1715937098&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI1rLf6auUhgMVD0-kBB0Wxwa9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vd3d3LjJ4d2VpaG5hY2h0ZW4uY2gv&is_vtc=1&cid=CAQSKQB7FLtq0WmLqF3hU8qwYpM1Au4sga_AkJwv1jJAE87WWnMyxfaH_4If&eitems=ChAI8ICcsgYQlO_xufGT7ukJEh0A1ALk3Yy-cfXCs-iXnHbZOE4hgaIyehHNnM6Www&random=255910248&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
translations-en.json
api.usercentrics.eu/translations/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-en.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ca61f2ecdd14c962119c00d8eb5f4912e6b400b4817e41fd27a3765fec580c00
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Thu, 16 May 2024 22:59:54 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
36704
x-client-geo-location
CH,CHZH
x-guploader-uploadid
ABPtcPqg-eZ2czW4x9WEwpkczUimwaEbIlDxNpZfQCyjkdS4w-3106xVaG2PuWRuzuxDgUlJswE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2381
last-modified
Tue, 30 Jan 2024 11:24:22 GMT
server
UploadServer
etag
"0e39091b5f26b176be963400041c98f6"
vary
Accept-Encoding
x-goog-generation
1706613862451010
x-goog-hash
crc32c=VhV9Rg==, md5=DjkJG18msXa+ljQABByY9g==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400, s-maxage=86400
x-goog-stored-content-length
2381
accept-ranges
bytes
content-type
application/json
expires
Fri, 17 May 2024 22:59:54 GMT
translations-en.json
api.usercentrics.eu/translations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-en.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.2xweihnachten.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 May 2024 09:11:38 GMT
expires
Fri, 17 May 2024 09:11:38 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
CH,CHZH
x-guploader-uploadid
ABPtcPqGO2G6la4OFp7Z4VGO1G3WBMLBKsmQb_Krd4uy29vdHqWLtD6sMCC_Z5PMA7gqfEIlcxM
DefaultUI-28d0653d-cedf4285.js
app.usercentrics.eu/browser-ui/3.42.0/ 		2 KB
791 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/DefaultUI-28d0653d-cedf4285.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
de677fcd831a387a1037fe0bc92f1b588daaaf14e9d345f3db6fd7e39d07bb9f
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:39:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
858753
x-guploader-uploadid
ABPtcPpTXlrg5Ud7y0VFfbHBS6f3hnaThHLhaW3Oajqn0vmphi2EGwoUEflp2RLSeQ_awW4BmS8
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
760
last-modified
Tue, 07 May 2024 10:37:19 GMT
server
UploadServer
etag
"ce980ae961f65f15201dde0ccb0e8135"
x-goog-generation
1715078239261811
x-goog-hash
crc32c=nboT0Q==, md5=zpgK6WH2XxUgHd4Myw6BNQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
760
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:39:06 GMT
/
www.facebook.com/tr/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3321229921329107&ev=PageView&dl=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F&rl=&if=false&ts=1715937099117&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1715937098719.1183599339&ler=empty&cdl=API_unavailable&cs_est=true&it=1715937098497&coo=false&rqm=GET
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=1, c=7, mss=1208, tbw=3155, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 17 May 2024 09:11:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
identify_93546.js
analytics.tiktok.com/i18n/pixel/static/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_93546.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.40 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
34371587
date
Fri, 17 May 2024 09:11:39 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240508162132A0D6B7841F621DD9E667
x-tt-trace-id
00-240508162132A0D6B7841F621DD9E667-70C756FE34F66FC3-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a95-100-146-36.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018d5bc42629b6c34ba885c13b9b8763a7a344b7c14bab807f1afe93fb47cbbda60ef67d89b7473f189b504b20d03b690032a53a8fef3b3e59b323f80076339f0d90d40ae3978b4cfbeef2ad301653887b773223c76a1464aa0ffc4ff6ac332e94
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
37047
pixel
analytics.tiktok.com/api/v2/ 		0
843 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: privacy-proxy.usercentrics.eu
URL: https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.40 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
60ede36.343716b8
date
Fri, 17 May 2024 09:11:39 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240517091139D5C01D93B9F2C3106E88-2EA35C81772A1D5A-00
x-cache
TCP_MISS from a95-100-146-36.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
156,95.100.146.36
server-timing
cdn-cache; desc=MISS, edge; dur=137, origin; dur=34, inner; dur=29
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240517091139D5C01D93B9F2C3106E88
x-cache-remote
TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
34,23.220.104.8
x-tt-trace-host
01a5c82cc0ab1129b208d1e459d885fefaf271cfae81b3aae7b051f5ed646ca969fda61d537ba1de0be0fc90e6c546ce82d892af41ecd32de15751dc02c18fc36b2570e0ec9b524356810e540bb3c0978b592d09c67ba72cd68bb1856e261ac0da3107f2db31207fe46c1d99f74a31faab
access-control-allow-headers
Authorization,*
expires
Fri, 17 May 2024 09:11:39 GMT
FirstLayerCustomization-592960c4-b94d83e3.js
app.usercentrics.eu/browser-ui/3.42.0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/FirstLayerCustomization-592960c4-b94d83e3.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
08979d805f74b296598422b81a04d9c28f967fe1119c85a8cda546fbfc8ea681
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/DefaultUI-28d0653d-cedf4285.js
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:39:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
858753
x-guploader-uploadid
ABPtcPpg-mkhJIelS0CsuCS2hX1RVdlO5SeJWwFgpHmRGPvth4jWIh8Xd0MUKZRfIYgChdHsnDU
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1083
last-modified
Tue, 07 May 2024 10:37:19 GMT
server
UploadServer
etag
"27a062ee9b4b80c6ad33415ea2395458"
x-goog-generation
1715078239746449
x-goog-hash
crc32c=dnqOQQ==, md5=J6Bi7ptLgMatM0FeojlUWA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
1083
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:39:06 GMT
ButtonsCustomization-390db6f0-1b2010cf.js
app.usercentrics.eu/browser-ui/3.42.0/ 		473 B
266 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/ButtonsCustomization-390db6f0-1b2010cf.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c59c67e371590615365dad338299f0ee7116a571d4a049c41d0201721e0d266d
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/DefaultUI-28d0653d-cedf4285.js
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:39:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
858753
x-guploader-uploadid
ABPtcPrgWo62WojqPzGxLmkXnnlYcewtV_Uqg_Fx-Z2TCUCTa1sbSzNjherJZwGHQScPNmvXA1I
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
235
last-modified
Tue, 07 May 2024 10:37:18 GMT
server
UploadServer
etag
"d38b45705588c14e90ae6bd4345bed26"
x-goog-generation
1715078238119700
x-goog-hash
crc32c=17oFVQ==, md5=04tFcFWIwU6QrmvUNFvtJg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
235
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:39:06 GMT
SecondLayerUI-32256ebc-4d7a58bc.js
app.usercentrics.eu/browser-ui/3.42.0/ 		577 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/SecondLayerUI-32256ebc-4d7a58bc.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54795ec7d81b386fd21fc0b81a67ce4bfcfdcbc28d8905dc6b31cfebea81992e
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/DefaultUI-28d0653d-cedf4285.js
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:39:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
858753
x-guploader-uploadid
ABPtcPr6X2zKwl-Yz_WQ161cG9NL8w2SH5cImUwMRZaHNXyUoyRmE_v2PJR2R8XknAk74Iw8BpI
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
322
last-modified
Tue, 07 May 2024 10:37:20 GMT
server
UploadServer
etag
"688d3c978c87f15401aebdb4c3c9880d"
x-goog-generation
1715078240694915
x-goog-hash
crc32c=ROaV2A==, md5=aI08l4yH8VQBrr20w8mIDQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
322
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:39:06 GMT
collect
r.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.2xweihnachten.ch
Date
Fri, 17 May 2024 09:11:39 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Taglogger-db62db37-5f84f00b.js
app.usercentrics.eu/browser-ui/3.42.0/ 		1 KB
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/Taglogger-db62db37-5f84f00b.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f59973ae8aa50c92dcdbbdcb5710f5058319fede48f02651ec1c675b968827da
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:39:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
858753
x-guploader-uploadid
ABPtcPoHOpdfpbvhBZe-B73Q3Sm6ftRJBEVIaXKBQVGk9kdTwZnoqdolcuNrGFpJjrF7rNuuiMY
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
689
last-modified
Tue, 07 May 2024 10:37:21 GMT
server
UploadServer
etag
"7bcbc624c0ef7c8ef91c0dc8d590c9cc"
x-goog-generation
1715078241159496
x-goog-hash
crc32c=yI+Oag==, md5=e8vGJMDvfI75HA3I1ZDJzA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
689
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:39:06 GMT
3
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://www.2xweihnachten.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 17 May 2024 09:11:39 GMT
server
Google Frontend
strict-transport-security
max-age=7776000
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
15acf6eab72e3ce7b0b30aad1b3a931d
3
consent-api.service.consent.usercentrics.eu/consent/uw/ 		0
78 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://www.2xweihnachten.ch/
X-Request-ID
c860f6d5-d75d-49eb-b118-b8aa34fccfd3
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:11:39 GMT
via
1.1 google
strict-transport-security
max-age=7776000
server
Google Frontend
vary
Origin
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
199e17f50be751ad9b3c13f6630c6ede
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
PrivacyButton-8cc062dc.js
app.usercentrics.eu/browser-ui/3.42.0/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/PrivacyButton-8cc062dc.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d6ed57528e4162443c7b65911a3a9ca969f670d9266d76e64c6898d421072bc9
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:39:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
858753
x-guploader-uploadid
ABPtcPozE0VJb8X05Cs5u6QfTtwT4ZFdkR6lGtoq5fBnNPJVLfsh0evtXLse1nZTPysC7GbFTtw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2449
last-modified
Tue, 07 May 2024 10:37:20 GMT
server
UploadServer
etag
"1940a9a290a8f5c63595cdf89caf6768"
x-goog-generation
1715078239987494
x-goog-hash
crc32c=x7PHSw==, md5=GUCpopCo9cY1lc34nK9naA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
2449
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:39:06 GMT
index-7cae7183.js
app.usercentrics.eu/browser-ui/3.42.0/ 		2 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/index-7cae7183.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
70f3d063ecbf3d40db121b837f9c339a2b9350067aecba287a400b135efa4268
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:39:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
858753
x-guploader-uploadid
ABPtcPo-jXTHRMvuLLt8tQCDdaDmRNGwn09KfmIC1cni8TSlYM6DB9JexhPAGVPDTJdAboHmbSE
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
806
last-modified
Tue, 07 May 2024 10:37:25 GMT
server
UploadServer
etag
"cf7c64a0641b9217e9383617d56cf68d"
x-goog-generation
1715078245970709
x-goog-hash
crc32c=GBjXQA==, md5=z3xkoGQbkhfpODYX1Wz2jQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
806
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:39:06 GMT
uct
uct.service.usercentrics.eu/ 		35 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uct.service.usercentrics.eu/uct?v=1&sid=3NnzKkP7Sdg38D&t=1&abv=&r=https%3A%2F%2Fwww.2xweihnachten.ch%2Frm%2F&cb=1715937099505
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.108.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
180.108.95.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:11:39 GMT
via
1.1 google
strict-transport-security
max-age=7776000
server
Google Frontend
x-powered-by
Express
content-type
image/gif
x-cloud-trace-context
190a41b2c3f25440ee584252aa3c760d
cache-control
no-store
function-execution-id
jrnpt9xws7qt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
collect
r.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.2xweihnachten.ch
Date
Fri, 17 May 2024 09:11:39 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
act
analytics.tiktok.com/api/v2/pixel/ 		0
846 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: privacy-proxy.usercentrics.eu
URL: https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.40 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-40.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
8c12b361.34371de2
date
Fri, 17 May 2024 09:11:39 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2405170911394B9EF016BE0B6B2CA004-3040135084F52E57-00
x-cache
TCP_MISS from a95-100-146-36.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
223,95.100.146.36
server-timing
cdn-cache; desc=MISS, edge; dur=113, origin; dur=123, inner; dur=119
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202405170911394B9EF016BE0B6B2CA004
x-cache-remote
TCP_MISS from a23-48-100-68.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
123,23.48.100.68
x-tt-trace-host
01a5c82cc0ab1129b208d1e459d885fefaf271cfae81b3aae7b051f5ed646ca9698f584e7884bb5cf4a8e109c2ac76b0ff613893eda2ef6fb0237b065cf4de68dbb0c5d58d38e17b2ffdab430cdc12ea625b5423cb733d21ba18d79632d187f634154a4120e8104f5af634196bc532ddb5
access-control-allow-headers
Authorization,*
expires
Fri, 17 May 2024 09:11:39 GMT
index-3b0ef6d3.js
app.usercentrics.eu/browser-ui/3.42.0/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/index-3b0ef6d3.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
abbb1137056602119de04d3e3e62aaa6a78749a25e004c84cf956c7cb57af5a7
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index.module.js
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:39:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
858753
x-guploader-uploadid
ABPtcPoAj4UJKgeMbGYzeBNMJQOHqsA7rtbBQn3A7YhVK4i0gdJ8lI3PeicFtbkYMqTZvuaN03E
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2064
last-modified
Tue, 07 May 2024 10:37:25 GMT
server
UploadServer
etag
"3e4dfccb81106eedce419877f610590f"
x-goog-generation
1715078245747260
x-goog-hash
crc32c=uq9EHA==, md5=Pk38y4EQbu3OQZh39hBZDw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
2064
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:39:06 GMT
SaveButton-83451636.js
app.usercentrics.eu/browser-ui/3.42.0/ 		1 KB
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/SaveButton-83451636.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a9943fbabe51e835ec4bb366e825306a06bb3d106f82fcabfa48d5e25222a51b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index-3b0ef6d3.js
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:39:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
858753
x-guploader-uploadid
ABPtcPpPLtwb8lHteO85fmueQ1eCttxxN0RDAW9zMtf7773T0vytJZXw1du2HxO7VFzJa-zoEHc
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
618
last-modified
Tue, 07 May 2024 10:37:20 GMT
server
UploadServer
etag
"f5896bda85ad90b1acecbbe3b06f8fe1"
x-goog-generation
1715078240445790
x-goog-hash
crc32c=leJyLA==, md5=9Ylr2oWtkLGs7LvjsG+P4Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
618
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:39:06 GMT
VirtualServiceItem-34936f50.js
app.usercentrics.eu/browser-ui/3.42.0/ 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/VirtualServiceItem-34936f50.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
aea803d43dba4d33cfe0cf644beb8fd49fe9c22a8e44cbc780ba8f49dda5df83
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index-3b0ef6d3.js
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:39:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
858753
x-guploader-uploadid
ABPtcPpzMOFEetqQmi1Qu9KWfIa_jWE1qBYT-ksyGS57_8y6cypPJO9Ifll2pv8206fT0iHa-Ps
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48641
last-modified
Tue, 07 May 2024 10:37:21 GMT
server
UploadServer
etag
"d2aec8fca614191228cd1de6d3dd9b4e"
x-goog-generation
1715078241939268
x-goog-hash
crc32c=1JccVg==, md5=0q7I/KYUGRIozR3m092bTg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
48641
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:39:06 GMT
DefaultTabs-18098327.js
app.usercentrics.eu/browser-ui/3.42.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.42.0/DefaultTabs-18098327.js
Requested by
Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/rm/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
aa3ae33c728a77cbda5b280d3d236656f04b5e58f09bfd603f7cbfe09fad4eb5
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.usercentrics.eu/browser-ui/3.42.0/index-3b0ef6d3.js
Origin
https://www.2xweihnachten.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:39:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
858753
x-guploader-uploadid
ABPtcPoZ4d7sTkDQhj4t9Vo5VmRy_d903DnvSpoXMjba67TksBtjBWBd_2RICwMyMdJidq1hgvY
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1698
last-modified
Tue, 07 May 2024 10:37:19 GMT
server
UploadServer
etag
"296c8403acca58fc3b1eaa9371afffec"
x-goog-generation
1715078239032102
x-goog-hash
crc32c=RwwZJw==, md5=KWyEA6zKWPw7HqqTca//7A==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
1698
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 May 2025 10:39:06 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0AB6E2A5145B4DEBAD87E6617BFEC809&RedC=c.clarity.ms&MXFR=222B0930066368443E1D1DB2026366D1
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0AB6E2A5145B4DEBAD87E6617BFEC809&MUID=14C6FB4C03846035231AEFCE020F6146
42 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0AB6E2A5145B4DEBAD87E6617BFEC809&MUID=14C6FB4C03846035231AEFCE020F6146
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://www.2xweihnachten.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 May 2024 09:11:41 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 17 May 2024 09:11:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BC180246BBFF4C56ADA6CE8D3D4FA9BE Ref B: FRA31EDGE0508 Ref C: 2024-05-17T09:11:40Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0AB6E2A5145B4DEBAD87E6617BFEC809&MUID=14C6FB4C03846035231AEFCE020F6146
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon-32x32.png
www.2xweihnachten.ch/assets/images/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.2xweihnachten.ch/assets/images/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
5b810ec2c62fc949f4c313a271a48054e548aebb90497edda2f87dfa5fc14043
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.2xweihnachten.ch/rm/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HY2X4H2XKX1C2FPFDTWHZN2P
date
Fri, 17 May 2024 09:11:41 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
1
cache-status
"Netlify Edge"; fwd=miss
etag
"a1d7e13ef8ffd63fc9fa5c3181414256-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
2178
collect
r.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://www.2xweihnachten.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.2xweihnachten.ch
Date
Fri, 17 May 2024 09:11:41 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| google object| mapboxgl object| L object| bitmovin object| Twitch object| grecaptcha object| H function| _wcomWidget object| Microsoft function| js3q object| Calendly object| oa object| hbspt object| uc object| google_tag_manager object| google_tag_data object| dataLayer object| zmwDwConfig object| twttr object| zmwFormConfig object| FB function| __import__ boolean| UC_UI_IS_RENDERED function| dynamicImportPolyfill object| __twttrll object| __twttr function| clarity function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq object| __buffer object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO undefined| projectId object| mtiTracking object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| UC_UI

20 Cookies

Domain/Path Name / Value
.2xweihnachten.ch/ Name: _gcl_au
Value: 1.1.281327421.1715937098
.tiktok.com/ Name: _ttp
Value: 2gaYLQUf2B6j7BF7RyCz31hxj0C
www.clarity.ms/ Name: CLID
Value: c0ac97cb2fa74acb83ca69aa55e3a0d5.20240517.20250517
.2xweihnachten.ch/ Name: _ga_8R7RXSFQEG
Value: GS1.1.1715937098.1.0.1715937098.60.0.0
.2xweihnachten.ch/ Name: _ga
Value: GA1.1.1803868661.1715937098
.2xweihnachten.ch/ Name: _fbp
Value: fb.1.1715937098719.1183599339
.doubleclick.net/ Name: IDE
Value: AHWqTUnRePzXZ8Zgn_Yzz30BXHR3hO7uGSWdBhfpK-z5XgmRxhjC8FPk6yDZFmPg
.fonts.net/ Name: __cf_bm
Value: ETqb6DGyTMo3cqynAvvZ.MTwONiv1eP26lapdz5giJM-1715937099-1.0.1.1-iioRfXvO1AD.TCHweY1DMwV_aMHa9fBpTWQOJZ7yFASUfDlG7sR7ALZUHUC74_nyXUopYmRDUW_5oB5ePeSbEg
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.2xweihnachten.ch/ Name: _tt_enable_cookie
Value: 1
.2xweihnachten.ch/ Name: _ttp
Value: 3bSm2l6q3MFxump6ZNbmFo54Aqh
.2xweihnachten.ch/ Name: _clck
Value: bykfaf%7C2%7Cflu%7C0%7C1598
.2xweihnachten.ch/ Name: _clsk
Value: wdhvvh%7C1715937099720%7C1%7C1%7Cr.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 14C6FB4C03846035231AEFCE020F6146
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 14C6FB4C03846035231AEFCE020F6146
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 14C6FB4C03846035231AEFCE020F6146
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

26 Console Messages

Source Level URL
Text
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1602194843373061?v=2.9.156&r=stable&domain=www.2xweihnachten.ch&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.2xweihnachten.ch/rm/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12086158.fls.doubleclick.net
2xnadal.ch
analytics.tiktok.com
api.usercentrics.eu
app.usercentrics.eu
c.bing.com
c.clarity.ms
connect.facebook.net
consent-api.service.consent.usercentrics.eu
fast.fonts.net
googleads.g.doubleclick.net
images.ctfassets.net
platform.twitter.com
privacy-proxy.usercentrics.eu
r.clarity.ms
stats.g.doubleclick.net
syndication.twitter.com
uct.service.usercentrics.eu
www.2xweihnachten.ch
www.clarity.ms
www.facebook.com
www.google.ch
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
104.244.42.200
142.250.184.198
142.250.186.66
142.250.74.196
142.251.168.155
157.240.252.13
20.119.174.243
216.58.206.34
2600:1901:0:1e38::
2600:1901:0:5987::
2600:1901:0:c07c::
2600:9000:235a:800:12:94b3:c380:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:281c
2620:1ec:48:1::45
2620:1ec:c11::237
2a00:1450:4001:80e::2003
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d014:58f:6202::64
34.95.108.180
35.190.14.188
35.241.3.184
68.219.88.97
76.76.21.21
95.100.146.40
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
019891d475428e68363d644ff7ecb4c148a1e905cd084dc6f9ff8494f1e9b19a
08979d805f74b296598422b81a04d9c28f967fe1119c85a8cda546fbfc8ea681
0b7ded52919ddb0fe85579298b5a0945168c309e49001a1bfa9cdc9b8fe36c97
10c427773d74c0724adf14522a7a506056969e5eae68201f328707a9bef6f844
11c356ed33d2ed32d9acdeedeb2b5fef41b7211442091c51fcd23a4f5be0b25f
153a2d327976bab543b4c8170f1b3613a2f82447f8badb86f359e616d49e86c4
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1b9d05c2efa854dc057e7ce3fb13ecff7ba038ced6631dd48e3614b351a742ce
2266f44385c1337837b7ef108a668da3a3d829063e1fc7c6d4f54284360458f6
230edc85fba60b7e535f3304bd4c501efbba20e6db22600955226210a73bdd03
27727268e956a5b856b91a47ed8d906b568df9e49aceb2cf04ee1cf0df65512a
2980a821ca3c3109a4bc155b11430ac24ce69c5aaf069ff293d2cb1bd39b2de5
2f14cd3085521c1973caab7781ba0d4c5e4f5b834fa1c40c3a9c127b806ce164
36ca6086bbd619cb4a8aa383480359083f56c577fe7d6a90d0e2f8b6de9441f6
373e48505a545e861cd1109ab7f8a9afd2ce03556981a0c524e3182327676b15
41d6e8b03d34634319423f3acd2d542c43acfaa3213f161727c4e9b86c579914
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
4a6c4895284f7e0be73851d3eed451fc1cacb2ad4736ed73f5c9c4151b39f0a3
4bd683b271e9bfa5baf2785e8568640662883a412dbace1d4341f746ad1adb8b
4dee7b7f5bd454fc7b52f623814a23be6e9bc6b191ffb1b14a8202ce10d6813f
519536006cd07bfce7ffa9bb61618333db7e0db8b766d5448bf4962ca14ac55a
5216538991df7fb0d1e5e55fd185a805e3b00a795058dd466f4713ead1f8a4e8
54795ec7d81b386fd21fc0b81a67ce4bfcfdcbc28d8905dc6b31cfebea81992e
5b810ec2c62fc949f4c313a271a48054e548aebb90497edda2f87dfa5fc14043
63b4d00f7e88d4c69629deab2eaf5f1120d49e02e9d807b2d9ba6925091749f2
6724df2eaab91ac07cb607b6027db6d0e9a9f4171a4d55e66ce1c45d0d7e2ab7
698578b0b53f330c214271449273a190d45dbf7f3f9227dc077618e92563c6aa
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e0e958e27bb3eaf4b03d1062ef30a83e0e38d8cdec9bf9b423819d79f6571ea
6f8d898e291a6556a67c2c70bf4e19df082279a2d1d59a2d8821f98adcefc306
702b84fac5e859748def23a4eae23892deb98f543876b89170cab0ba021de941
70369e2deafc7a0d15ce6e4988feda5538fd3555ad0e2b977b9d47d1387b4a06
70479b4e4bbb5e3d0eb95c786c6a1c825a1ebe6a8d5e9605784cb1ea64020617
705978ece57bc92b7928e87defdabb5695fe92c45f56373e6d6b0b9ac64e57f5
70debb26ab16499454bd7b2f229c202c246bebee44b6e16b558564d0fb7bcab5
70f3d063ecbf3d40db121b837f9c339a2b9350067aecba287a400b135efa4268
7ab2ea8fd27fef64c455115e17f1932f0710ddce3f74455c11820b826d76154f
7e1eac13f53887711729c482a796cf09cf82359b4c16a94dd3bc1744accd9a00
82d8e2c64e2db16772d93ffa4a1cfb7c138f9071c103904d1e3e525acec094a6
89e17b83a2e06b56061234766b5d9f8feef650531e2e4734504ee9f6425bbf73
8d5cf8b6748030407427c10d5d27a994cc4838691cc415138b4a6c9ff2e26f42
91e799884d9c8edd92a87c3060eb144023ab1c87035e7cf638e25e253dab182b
925914f519063ebef6984ffff2efe62f52b5c4727f2ced03ac5f91d64c7baf73
96caecb9d0d356db4aa5d630b3115b80ff625d039904cf79ab85532f5da29b72
97e043ee1f733cc967c475ff757f07b20a0c4b11a5f94998cac358bf455cf348
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cf0bfbdf8164a95502ff8e1d059e7eb5847d7ae8fc12433b095e8c99de4eab5
a557931c2ecdd87b97095ee3a4fb001acc6715a5616495f665d3112744389283
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab
a9943fbabe51e835ec4bb366e825306a06bb3d106f82fcabfa48d5e25222a51b
aa2e1383512e5aced732bb1cccd528f7f0a6dd88db4ec0b520e9d8e53d74fefd
aa3ae33c728a77cbda5b280d3d236656f04b5e58f09bfd603f7cbfe09fad4eb5
abbb1137056602119de04d3e3e62aaa6a78749a25e004c84cf956c7cb57af5a7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aea803d43dba4d33cfe0cf644beb8fd49fe9c22a8e44cbc780ba8f49dda5df83
b6a63a83c4b69f91e185938410d70c7b0bf0991f0e0f26e6b57c954e453324fc
b7063a6b78377a64df7a8eef4bc2bed3579b50a92ad09c49928d25f68a1336ce
ba753c5b0d52cc49451a0e5b7ef8c6ab12f742311446330d217e29c62067fcde
bd7be8509109ef4148d80240a7c824174ba895d747133d4ede1a3c8e15cdf7e4
c19bb0d72e07f345c35f939da5664fee9efa22b68d08480abaa027dfb5696bfd
c59c67e371590615365dad338299f0ee7116a571d4a049c41d0201721e0d266d
c8bbcf66989e3dee7dea54901c79a7b05520785f5ace119cd665ddc25cc2ca2e
ca61f2ecdd14c962119c00d8eb5f4912e6b400b4817e41fd27a3765fec580c00
d4f287c2fb699469e5d1047900f29d8057f599b5069a4f17ad97f3f560e35785
d644d604f9a15a5375d4c88f14973f9d1ee415bad0088b88c911f9c65d1dcb2d
d6ed57528e4162443c7b65911a3a9ca969f670d9266d76e64c6898d421072bc9
dce7a1990586d3fd97ccc08d16abf1524307a77df2a5e2798b5b66dd1f2d4d04
de677fcd831a387a1037fe0bc92f1b588daaaf14e9d345f3db6fd7e39d07bb9f
e2df0d10eb100b81daa06c74bf17c3d613647d2222a7ac8a1d5892f6ed7f41c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40f78f0e3eb47a6e91298eafae4862acadc34f5afd14af704fc09245d650ad2
e8754bab8aebc724a2e6478e9e2a69b686e99dbe63286b8198e3abeb4a2072e5
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f474550de1e03d58f1d19a2d95b7d12781ed5752886a2639be1ddda8e5172c70
f59973ae8aa50c92dcdbbdcb5710f5058319fede48f02651ec1c675b968827da
f5d56fecd3d54995a7f3f86e5b929400b4e86e65ce437ef51cc6c3e49c328a46
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988