www.orellfuessli.ch Open in urlscan Pro
104.16.91.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Submission: On March 08 via api (March 8th 2022, 3:57:15 pm UTC) from CH — Scanned from DE

Summary HTTP 128 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 25 domains to perform 128 HTTP transactions. The main IP is 104.16.91.18, located in and belongs to CLOUDFLARENET, US. The main domain is www.orellfuessli.ch. The Cisco Umbrella rank of the primary domain is 500969.
TLS certificate: Issued by Thawte RSA CA 2018 on September 21st 2021. Valid for: a year.

This is the only time www.orellfuessli.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	104.16.91.18 104.16.91.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	104.16.5.2 104.16.5.2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 6	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:62::84 2a04:4e42:62::84	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.66.12 65.9.66.12	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:210... 2600:9000:2104:600:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 1	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
7 11	18.214.173.40 18.214.173.40	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.49.218.107 52.49.218.107	16509 (AMAZON-02) (AMAZON-02)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1 7	2.21.141.169 2.21.141.169	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	212.48.120.130 212.48.120.130	8893 (ARTFILES-...) (ARTFILES-AS Artfiles New Media GmbH)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
128	29

26 104.16.91.18 (None, )

ASN13335 (CLOUDFLARENET, US)

www.orellfuessli.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 104.16.5.2 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.thalia.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ga.thalia.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.102 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

9327407.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8114602.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:62::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-12.fra56.r.cloudfront.net

vt.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:600:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.214.173.40 (Ashburn, United States) 7 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-173-40.compute-1.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.218.107 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-218-107.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.21.141.169 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-169.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.48.120.130 (Hamburg, Germany)

ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE)
PTR: lb.usemaxserver.de

www.usemaxserver.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.usemax.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	thalia.media assets.thalia.media — Cisco Umbrella Rank: 94023 ga.thalia.media — Cisco Umbrella Rank: 148500	163 KB
26	orellfuessli.ch www.orellfuessli.ch — Cisco Umbrella Rank: 500969	397 KB
12	myvisualiq.net 7 redirects vt.myvisualiq.net — Cisco Umbrella Rank: 12275 t.myvisualiq.net — Cisco Umbrella Rank: 1313	10 KB
8	doubleclick.net 3 redirects 9327407.fls.doubleclick.net — Cisco Umbrella Rank: 951391 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 8114602.fls.doubleclick.net	4 KB
5	clarity.ms 1 redirects e.clarity.ms — Cisco Umbrella Rank: 1869 c.clarity.ms — Cisco Umbrella Rank: 547	24 KB
5	usemaxserver.de www.usemaxserver.de — Cisco Umbrella Rank: 100331	207 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 785 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	2 KB
4	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 3334	2 KB
4	pinterest.de www.pinterest.de — Cisco Umbrella Rank: 30731	14 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 434 www.linkedin.com — Cisco Umbrella Rank: 609 px4.ads.linkedin.com — Cisco Umbrella Rank: 5153	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 338 c.bing.com — Cisco Umbrella Rank: 193	13 KB
3	pinterest.com 1 redirects ct.pinterest.com — Cisco Umbrella Rank: 822 www.pinterest.com — Cisco Umbrella Rank: 1057	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	588 B
3	google.de www.google.de — Cisco Umbrella Rank: 6433 adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 184	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	114 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 799	3 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 687	19 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	156 KB
1	usemax.de www.usemax.de — Cisco Umbrella Rank: 99135	552 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1202	124 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 404	304 B
1	tapad.com 1 redirects tapestry.tapad.com — Cisco Umbrella Rank: 1011	447 B
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4459	9 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
128	25

	Domain	Requested by
46	assets.thalia.media	www.orellfuessli.ch assets.thalia.media
26	www.orellfuessli.ch	www.orellfuessli.ch assets.thalia.media
11	t.myvisualiq.net	7 redirects
5	www.usemaxserver.de	www.dwin1.com www.usemaxserver.de
4	track.adform.net	2 redirects www.usemaxserver.de
4	8114602.fls.doubleclick.net	2 redirects www.usemaxserver.de
4	www.pinterest.de	s.pinimg.com www.orellfuessli.ch
3	e.clarity.ms	bat.bing.com www.orellfuessli.ch
3	adservice.google.com	9327407.fls.doubleclick.net 8114602.fls.doubleclick.net
3	www.facebook.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
2	c.clarity.ms	1 redirects
2	ct.pinterest.com	www.orellfuessli.ch
2	px.ads.linkedin.com	2 redirects
2	dpm.demdex.net	2 redirects
2	www.google.de
2	connect.facebook.net	www.orellfuessli.ch connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	9327407.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	www.orellfuessli.ch www.googletagmanager.com
1	www.usemax.de	www.usemaxserver.de
1	www.pinterest.com	1 redirects
1	c.bing.com	1 redirects
1	adservice.google.de	adservice.google.com
1	www.google.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	loadus.exelator.com
1	tags.bluekai.com
1	tapestry.tapad.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.dwin1.com	www.googletagmanager.com
1	vt.myvisualiq.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	ga.thalia.media	www.orellfuessli.ch
128	38

This site contains links to these domains. Also see Links.

Domain
bookcircle.orellfuessli.ch
www.trustedshops.ch
de-de.facebook.com
www.instagram.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
*.orellfuessli.ch Thawte RSA CA 2018	`2021-09-21` - `2022-09-21`	a year	crt.sh
*.thalia.media Thawte RSA CA 2018	`2021-12-06` - `2023-01-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.myvisualiq.net Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-15` - `2022-03-15`	3 months	crt.sh
*.dwin1.com Amazon	`2021-11-19` - `2022-12-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
usemaxserver.de Sectigo RSA Domain Validation Secure Server CA	`2021-06-09` - `2022-07-10`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
www.usemax.de R3	`2022-02-23` - `2022-05-24`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Frame ID: 57E6CCED9ABC8223E883A45445ECB330
Requests: 118 HTTP requests in this frame

Frame: https://9327407.fls.doubleclick.net/activityi;dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Hilfe%20Geschenkkarte;u10=Hilfe%20Geschenkkarte;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F;u24=undefined;u25=alle%20Seiten;u30=desktop;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F
Frame ID: 2557E55407765064E08EDD04408834D7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Hilfe%20Geschenkkarte;u10=Hilfe%20Geschenkkarte;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F;u24=undefined;u25=alle%20Seiten;u30=desktop;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F
Frame ID: 1AA29D8AC5F7F76CC8E72DB429A5762F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Hilfe%20Geschenkkarte;u10=Hilfe%20Geschenkkarte;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F;u24=undefined;u25=alle%20Seiten;u30=desktop;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F
Frame ID: 0B2462D837DAEADE7A04F7905FEB96E2
Requests: 1 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: F73C9AB1B2F56F4F4051D050082B5DE2
Requests: 4 HTTP requests in this frame

Frame: https://www.usemaxserver.de/rt.php?campaign_id=40238&iframe=1&ext_domain=1&place=2&product_id=undefined&checkout_amount=&checkout_order_id=&referrer=&host=www.orellfuessli.ch&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&iframe=1&k0=0&ci=dXNtX3VtX3J0PTE4MzMyMzE5MjUmfGUxZjQzYw==
Frame ID: D6B44611072B883985103788E2944E15
Requests: 3 HTTP requests in this frame

Frame: https://8114602.fls.doubleclick.net/activityi;dc_pre=CIfCgcXwtvYCFZdCHQkdZr8O4Q;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
Frame ID: BD29B4415FE2E5376CF0A03D8C424F0B
Requests: 2 HTTP requests in this frame

Frame: https://8114602.fls.doubleclick.net/activityi;dc_pre=COXBgcXwtvYCFQqYhQod9WkJ0g;src=8114602;type=invmedia;cat=yhvflq6j;u1=2;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
Frame ID: E9C5EC64AE7BF6B149F4037F996FB552
Requests: 2 HTTP requests in this frame

Frame: https://www.usemax.de/rt.php?ext_i=1833231925
Frame ID: F27F551D06A9D7F9C4A5CB37467DED35
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hilfe zur Geschenkkarte | Orell Füssli

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

128
Requests

93 %
HTTPS

48 %
IPv6

25
Domains

38
Subdomains

29
IPs

6
Countries

1149 kB
Transfer

3356 kB
Size

49
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://bookcircle.orellfuessli.ch/
Title: Book Circle Community

Search URL Search Domain Scan URL

URL: https://www.trustedshops.ch/bewertung/info_X31D6E98C374EA3E5B6AB582709F9185B.html

Search URL Search Domain Scan URL

URL: https://de-de.facebook.com/OrellFuessli

Search URL Search Domain Scan URL

URL: https://www.instagram.com/orellfuessli/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ch/app/orell-fussli-mein-buch/id1119180724

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=eu.thalia.oft

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://9327407.fls.doubleclick.net/activityi;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Hilfe%20Geschenkkarte;u10=Hilfe%20Geschenkkarte;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F;u24=undefined;u25=alle%20Seiten;u30=desktop;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F HTTP 302
https://9327407.fls.doubleclick.net/activityi;dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Hilfe%20Geschenkkarte;u10=Hilfe%20Geschenkkarte;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F;u24=undefined;u25=alle%20Seiten;u30=desktop;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F

Request Chain 92

https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D HTTP 302
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_d80c3210-40f2-4333-b775-d9f413cfd03b

Request Chain 93

https://t.myvisualiq.net/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D HTTP 302
https://tags.bluekai.com/site/21398?id=c74d04bb-0bbc-4239-bfd6-337b0a5e75ce

Request Chain 94

https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253DAOEPNR1%2526ao%253D0%2526pruuid%253D%2524%257BDD_UUID%257D%250A HTTP 302
https://dpm.demdex.net/ibs:dpid=125310&dpuuid=0-f7205366-45fb-40ce-932c-65ca95547315&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=125310&dpuuid=0-f7205366-45fb-40ce-932c-65ca95547315&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D HTTP 302
https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=34489114395789395090857990115204136833

Request Chain 95

https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D HTTP 302
https://loadus.exelator.com/load/?p=204&g=1260&buid=b96e23ce-63a4-47c8-af1e-44708ed9e55c

Request Chain 96

https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D1236519689830344%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D%26dpo%3DLDU%26dpoco%3D0%26dpost%3D0 HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D1236519689830344%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D%26dpo%3DLDU%26dpoco%3D0%26dpost%3D0 HTTP 302
https://www.facebook.com/tr?id=1236519689830344&ev=PageView&cd[order_id]=b96e23ce-63a4-47c8-af1e-44708ed9e55c&dpo=LDU&dpoco=0&dpost=0

Request Chain 101

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1646755030192&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3699170%26time%3D1646755030192%26url%3Dhttps%253A%252F%252Fwww.orellfuessli.ch%252Fshop%252Fhilfe-geschenkkarte%252Fshow%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1646755030192&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1646755030192&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&liSync=true&e_ipv6=AQK4TlUqmd1-2gAAAX9qP6X59swULO2GRbliEqEWXX8xZZwoITqqHYKgpXJo-VRSpxQV3ObrWdtkS9m9KHz9FUUR9CVw

Request Chain 113

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=8C65ABE80B2944D796AFD68D835F0FBC&RedC=c.clarity.ms&MXFR=075DBCFE3CB3625A26C4AD9F38B36C5D HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=8C65ABE80B2944D796AFD68D835F0FBC&MUID=08579F951D726B4308CC8EF41C196A09

Request Chain 114

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

Request Chain 117

https://8114602.fls.doubleclick.net/activityi;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://8114602.fls.doubleclick.net/activityi;dc_pre=CIfCgcXwtvYCFZdCHQkdZr8O4Q;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 118

https://8114602.fls.doubleclick.net/activityi;src=8114602;type=invmedia;cat=yhvflq6j;u1=2;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://8114602.fls.doubleclick.net/activityi;dc_pre=COXBgcXwtvYCFQqYhQod9WkJ0g;src=8114602;type=invmedia;cat=yhvflq6j;u1=2;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 120

https://track.adform.net/Serving/TrackPoint/?pm=254281&ADFPageName=ALL%7CRT%7C0%7COrellFuessliCH_0&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C0%7COrellFuessliCH_0&ADFdivider=|

Request Chain 121

https://track.adform.net/Serving/TrackPoint/?pm=254281&ADFPageName=ALL%7CRT%7C2%7COrellFuessliCH_2&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C2%7COrellFuessliCH_2&ADFdivider=|

128 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/ 75 KB
17 KB 197ms
158ms Document
text/html 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4b2c9b4000b5fce514ff86def30f141d3f59b3506cd829230385737382c0dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-type: text/html;charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:01 GMT
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-language: de
vary: Origin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e8cc3d5dc7d6931-FRA
content-encoding: gzip

GET
H2 200 LatoLatin-Regular.woff2
www.orellfuessli.ch/assets/fonts/ 43 KB
43 KB 29ms
26ms Font
text/plain 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/fonts/LatoLatin-Regular.woff2

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13878
vary: Origin, Accept-Encoding
content-length: 43760
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 08:35:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=43200, public
accept-ranges: bytes
cf-ray: 6e8cc3d6fe8d6931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 10 Mar 2022 12:05:51 GMT

GET
H2 200 LatoLatin-Bold.woff2
www.orellfuessli.ch/assets/fonts/ 43 KB
43 KB 37ms
35ms Font
text/plain 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/fonts/LatoLatin-Bold.woff2

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35835
vary: Origin, Accept-Encoding
content-length: 44380
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 08:35:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=43200, public
accept-ranges: bytes
cf-ray: 6e8cc3d6fe996931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 10 Mar 2022 05:59:54 GMT

GET
H2 200 globals.acff657f67f6.css
www.orellfuessli.ch/assets/css/37/ 170 KB
32 KB 32ms
29ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/css/37/globals.acff657f67f6.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2140a4c45e850bf971e68d188d2fed48dae2cf058e7e676d6d238bc3ef7fddcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 210
content-type: text/css
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 08:35:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=43200, public
cf-ray: 6e8cc3d6fe906931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 15:53:39 GMT

GET
H2 200 shell.4cd3184c716c.css
www.orellfuessli.ch/assets/static/ 2 KB
741 B 61ms
58ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/shell.4cd3184c716c.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cd3184c716c5c5ce43e037efdc0d8b1c052777dc8d3a6e68e92416c3e029468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 210
content-type: text/css
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 08:35:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=43200, public
cf-ray: 6e8cc3d6fe956931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 15:53:39 GMT

GET
H2 200 vendor.414e991e3e8d.js Show response
www.orellfuessli.ch/assets/static/ 342 KB
85 KB 63ms
62ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/vendor.414e991e3e8d.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

414e991e3e8db52313d27b7fb14abba2350e59f9d6ec464acc721d484bcb8d4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 210
content-type: application/javascript
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 08:35:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=43200, public
cf-ray: 6e8cc3d6fe9b6931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 15:53:39 GMT

GET
H2 200 application.aacaad7d5f95.js Show response
www.orellfuessli.ch/assets/static/ 210 KB
52 KB 59ms
58ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/application.aacaad7d5f95.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aacaad7d5f95e5404af253efa7dd0f42209c265ab2bee73a3558a862f66c0adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 210
content-type: application/javascript
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 08:35:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=43200, public
cf-ray: 6e8cc3d6fe9d6931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 15:53:39 GMT

GET
H2 200 shell.ec9ba0b84e6a.js Show response
www.orellfuessli.ch/assets/static/ 274 KB
76 KB 65ms
64ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec9ba0b84e6a95fc4e7369af986177184c4066f2474d1ad352824b4ec7f3d0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 210
content-type: application/javascript
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 08:35:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=43200, public
cf-ray: 6e8cc3d6fea06931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 15:53:39 GMT

GET
H2 200 main-nomodule.250d705888c74998bc8a.js Show response
assets.thalia.media/ocsassets/heimdall/script-consent/ 6 KB
2 KB 23ms
19ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/heimdall/script-consent/main-nomodule.250d705888c74998bc8a.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de7f8b2a413527de948a94923f2059cb2efd989b4fc31c6972676a31fc520178

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 892401
x-originaluniqueid: Yhne4FlyHrdTaPX-PD@wUQAAAKs
content-encoding: br
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
x-messageid: Yhne4FlyHrdTaPX-PD@wUQAAAKs
last-modified: Fri, 04 Feb 2022 12:57:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15780000
cf-ray: 6e8cc3d80f139299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
expires: Mon, 28 Mar 2022 08:03:44 GMT

GET
H2 200 main-module.1e675fc0c15020644c1d.js Show response
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/global-header-merkzettel/ 3 KB
2 KB 51ms
18ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/global-header-merkzettel/main-module.1e675fc0c15020644c1d.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49d83ce50820394dff540e26de30fb0d44311099e9efef36dab2639f28a712ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
cf-cache-status: HIT
age: 710749
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
x-messageid: YgDfuaFyFee2rAsMFSbyNAAAAKc
last-modified: Thu, 13 Jan 2022 16:15:39 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15780000
cf-ray: 6e8cc3d72b349b27-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Wed, 09 Mar 2022 09:00:41 GMT

GET
H2 200 style.a739893df5d405e527c3.orellfuessli.css
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/ 67 KB
8 KB 54ms
22ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.a739893df5d405e527c3.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff64b6ffe5a336e9bb3616cbc47af44f9cfcd301b18baca35eb417063fbccfda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
cf-cache-status: HIT
age: 614977
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
x-messageid: Yh4ZCwim97OaLX3EOjw2hwAAABU
last-modified: Tue, 01 Mar 2022 11:17:05 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15780000
cf-ray: 6e8cc3d72d519299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 31 Mar 2022 13:00:59 GMT

GET
H2 200 main-module.e4f012bc438b38a8eb46.js Show response
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/ 8 KB
3 KB 51ms
19ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/main-module.e4f012bc438b38a8eb46.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39de51c712ed02cebfb980e6d17bbfc54138271579e6a932d9606da0d5a8eb11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1043965
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
x-messageid: YheOzYL03I-EYglNvavIkwAAAJ0
last-modified: Thu, 24 Feb 2022 13:32:03 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15780000
cf-ray: 6e8cc3d72b379b27-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Sat, 26 Mar 2022 13:57:33 GMT

GET
H2 200 main-module.febc1d2281cb19b81d92.js Show response
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/ 4 KB
2 KB 57ms
25ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/main-module.febc1d2281cb19b81d92.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ebb7c6743c30cc2c8091070328d4a0f4d33134b5aa81bbdefefd36d49e2dd41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
cf-cache-status: HIT
age: 980038
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
x-messageid: Yhb4nJgBkWmNPzv-grXZvgAAATQ
last-modified: Thu, 17 Feb 2022 15:18:11 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15780000
cf-ray: 6e8cc3d72b389b27-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Sat, 26 Mar 2022 03:16:44 GMT

GET
H2 200 main-nomodule.c8c0626bd8e5bba30828.js Show response
assets.thalia.media/kuba/login/global-header-login/ 8 KB
3 KB 24ms
20ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/kuba/login/global-header-login/main-nomodule.c8c0626bd8e5bba30828.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b612fd7b9551e4e9ff62dbf4d3fd8c5871adc8967f76127a1557518a77b8dab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 1064837
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Wed, 23 Feb 2022 12:19:33 GMT
server: cloudflare
etag: W/"1ec0-5d8ae7a6a88ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 6e8cc3d80f149299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 10 Mar 2022 08:09:19 GMT

GET
H2 200 main-nomodule.ff1f3fcd956e3213860b.js Show response
www.orellfuessli.ch/warenkorb/resources/header-warenkorb/ 6 KB
2 KB 36ms
31ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb/resources/header-warenkorb/main-nomodule.ff1f3fcd956e3213860b.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

024d39c5d5d0401655996da590c9f953f8ed1197ba78716c56842e73fe0a0560

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 139352
grace: none
x-cache: HIT
content-type: application/javascript
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 28 Feb 2022 13:50:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: max-age=432000, max-age=2592000
cf-ray: 6e8cc3d8089e6931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Wed, 06 Apr 2022 01:14:37 GMT

GET
H2 200 main-nomodule.3eb48991f7b0ac20e1a2.js Show response
www.orellfuessli.ch/affiliate/resources/affiliate-header-script/ 7 KB
3 KB 45ms
41ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/affiliate/resources/affiliate-header-script/main-nomodule.3eb48991f7b0ac20e1a2.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df260fa3c8e7d7f7f1f693d6d718085ec9db1c2c0ace246ab2f7bf1ddb54582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 357102
grace: none
x-cache: HIT
content-type: application/javascript
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Mar 2022 08:28:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: max-age=432000, max-age=2592000
cf-ray: 6e8cc3d808a16931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Sun, 03 Apr 2022 12:45:27 GMT

GET
H2 200 main-nomodule.7888f79364b67d01d81b.js Show response
www.orellfuessli.ch/club/kunde/components/club-cookie/ 5 KB
2 KB 35ms
31ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/club/kunde/components/club-cookie/main-nomodule.7888f79364b67d01d81b.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

942e1a6c9c553d8b7a8261004e790bf1472910dc079df358f8b639104d33b726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 219616
grace: none
x-cache: MISS
content-type: application/javascript
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Feb 2022 08:55:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: max-age=432000, max-age=2592000
cf-ray: 6e8cc3d808a26931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 02:56:53 GMT

GET
H2 200 merkur-0717cb4318546c954d54a99473e016fa.js Show response
assets.thalia.media/ocsassets/merkur/js/ 5 KB
2 KB 55ms
24ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/merkur/js/merkur-0717cb4318546c954d54a99473e016fa.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6272e41d542cd24382693dd1456bd2dbab631e416a886fdae4d7749b52d87ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 972894
x-originaluniqueid: YfGkCyL95K3bfIcMH0gWsQAAAT8
content-encoding: br
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
x-messageid: YfGkCyL95K3bfIcMH0gWsQAAAT8
last-modified: Tue, 04 Jan 2022 12:55:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15780000
cf-ray: 6e8cc3d73d659299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
expires: Fri, 25 Feb 2022 19:42:03 GMT

GET
H2 200 legacy-red.css
www.orellfuessli.ch/assets/css/ 33 KB
6 KB 33ms
30ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/css/legacy-red.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b64f83f1cf51f9ef5e9ff322a7a1162f222ecf9f9bfdb17e80e2fd410d63589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 210
content-type: text/css
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 08:35:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: max-age=43200, public
cf-ray: 6e8cc3d70ea16931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 15:53:39 GMT

GET
H2 200 style.d1be852ab92389bb8394.orellfuessli.css
assets.thalia.media/red/cms/components/header-global/ 6 KB
2 KB 40ms
23ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-global/style.d1be852ab92389bb8394.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f44383e1c6e19145f7bc45f4da0a59b695b1230fd4975719d9650266fe9ca14f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 972778
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Tue, 27 Jul 2021 11:03:03 GMT
server: cloudflare
etag: W/"17a7-5c818d05aea0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15552000
cf-ray: 6e8cc3d72d5b9299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Tue, 26 Jul 2022 03:07:43 GMT

GET
H2 200 style.fb1e3d999d2803fadc64.orellfuessli.css
assets.thalia.media/kuba/login/cclogin-banner/ 4 KB
2 KB 37ms
20ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/kuba/login/cclogin-banner/style.fb1e3d999d2803fadc64.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1148f43d6088e8d31064962e8e15cb2fa80300981713dfa1b8fdac8ee4f83be6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 1065050
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Wed, 23 Feb 2022 12:19:32 GMT
server: cloudflare
etag: W/"fae-5d8ae7a6548df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15552000
cf-ray: 6e8cc3d72d539299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 08:06:15 GMT

GET
H2 200 main-nomodule.914846d8e16c04f5aa45.js Show response
assets.thalia.media/kuba/login/cclogin-banner/ 5 KB
2 KB 25ms
22ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/kuba/login/cclogin-banner/main-nomodule.914846d8e16c04f5aa45.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62697882c3bf6ccc5998d8351520b3a9839b8ef84a0abe8e7c40502334cbbf8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 1065050
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Wed, 23 Feb 2022 12:19:32 GMT
server: cloudflare
etag: W/"15d8-5d8ae7a65598d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 6e8cc3d80f169299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 10 Mar 2022 08:05:43 GMT

GET
H2 200 main-nomodule.0530811f06a5f6d42571.js Show response
assets.thalia.media/ocsassets/heimdall/consent-banner-bootstrap/ 5 KB
2 KB 23ms
19ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/heimdall/consent-banner-bootstrap/main-nomodule.0530811f06a5f6d42571.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f1a351c6d2e537bdaac9cad89a3324c79e0f450d86acd98fbdc54c46e0d7e0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 892409
x-originaluniqueid: Yhneyl9X3pQO@RlcOeAxBgAAABU
content-encoding: br
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
x-messageid: Yhneyl9X3pQO@RlcOeAxBgAAABU
last-modified: Fri, 04 Feb 2022 12:57:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15780000
cf-ray: 6e8cc3d80f189299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
expires: Mon, 28 Mar 2022 08:03:22 GMT

GET
H2 200 main-module.5d3fcae93dd2cc8d9432.js Show response
assets.thalia.media/red/cms/components/header-global-filiale/ 4 KB
2 KB 24ms
20ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-global-filiale/main-module.5d3fcae93dd2cc8d9432.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8882007cb404f53ab2547fa3583995e789d7a1e93e75a443fc8e9bf04d38a57c

Request headers

Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 710749
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Tue, 27 Jul 2021 11:03:04 GMT
server: cloudflare
etag: W/"1125-5c818d05cc52d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 6e8cc3d80cef9b27-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Sat, 19 Feb 2022 14:24:33 GMT

GET
H2 200 style.3f4f656487f50e180586.orellfuessli.css
assets.thalia.media/red/cms/components/header-global-filiale/ 10 KB
2 KB 39ms
22ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-global-filiale/style.3f4f656487f50e180586.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11ccbfaa5935e315b8e5ffd74705975b89009075e5d94cb756d5961da991c156

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 972778
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Tue, 27 Jul 2021 11:03:04 GMT
server: cloudflare
etag: W/"2898-5c818d05d4283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15552000
cf-ray: 6e8cc3d72d549299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Mon, 25 Jul 2022 19:59:02 GMT

GET
H2 200 style.233d45839774fc05f713.orellfuessli.css
assets.thalia.media/red/cms/components/header-global-bonusprogramme/ 5 KB
2 KB 37ms
20ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-global-bonusprogramme/style.233d45839774fc05f713.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b760c176070d015b8b4819efdbc94dce3704beb2ae04ef56028dce28ffdf3dc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 972778
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Tue, 27 Jul 2021 11:03:04 GMT
server: cloudflare
etag: W/"1405-5c818d05c0096"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15552000
cf-ray: 6e8cc3d72d569299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Mon, 25 Jul 2022 20:08:22 GMT

GET
H2 200 style.ec423b7119ecf9f12db2.orellfuessli.css
assets.thalia.media/red/cms/components/header-global-logo/ 4 KB
1 KB 45ms
28ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-global-logo/style.ec423b7119ecf9f12db2.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c99fb07f9a1b731f26532e91ab92e31373865e97e03fab2bc0cf4796c35229f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 972778
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Tue, 27 Jul 2021 11:03:04 GMT
server: cloudflare
etag: W/"f77-5c818d05f7289"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15552000
cf-ray: 6e8cc3d72d579299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Mon, 25 Jul 2022 19:52:59 GMT

GET
H2 200 style.e7befe595aa85f2482c4.orellfuessli.css
assets.thalia.media/red/cms/components/header-global-kunde/ 53 KB
7 KB 39ms
23ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-global-kunde/style.e7befe595aa85f2482c4.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b79f58d73b2b10d108c1aaeac22d59c57ea25419f781f3e2346c922a9aecebc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 972778
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Thu, 02 Dec 2021 10:40:20 GMT
server: cloudflare
etag: W/"d274-5d2276aca0f6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15552000
cf-ray: 6e8cc3d72d5a9299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Tue, 26 Jul 2022 09:34:33 GMT

GET
H2 200 style.e71abbdd3c50beebe0fd.orellfuessli.css
assets.thalia.media/ocsassets/suchocs/suche-global/ 77 KB
11 KB 37ms
21ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-global/style.e71abbdd3c50beebe0fd.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cafa0a82329ccfcc93f5cc11e5b7d4e95b4a4d2959f5857e3fc352ea745d2701

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 698480
x-originaluniqueid: YhzSl-lxYobCPXBNh7sFUAAAAAY
content-encoding: br
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
x-messageid: YhzSl-lxYobCPXBNh7sFUAAAAAY
last-modified: Mon, 28 Feb 2022 12:26:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15780000
cf-ray: 6e8cc3d72d589299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
expires: Wed, 30 Mar 2022 13:48:07 GMT

GET
H2 200 main-module.38fb9d97e70f93e43fac.js Show response
assets.thalia.media/ocsassets/suchocs/suche-global/ 15 KB
5 KB 41ms
25ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-global/main-module.38fb9d97e70f93e43fac.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8193469844f0601a5445d9c8c84748764ab5326d9e5bee6ea157cd6d4d9bde

Request headers

Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 714746
x-originaluniqueid: YhyUXffk4Li9sIBmfgPZ7AAAATU
content-encoding: br
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
x-messageid: YhyUXffk4Li9sIBmfgPZ7AAAATU
last-modified: Fri, 25 Feb 2022 15:29:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15780000
cf-ray: 6e8cc3d72b399b27-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
expires: Wed, 30 Mar 2022 09:22:37 GMT

GET
H2 200 sprite03.png
www.orellfuessli.ch/cookiemonster/v1/ 95 B
246 B 95ms
92ms Image
image/png 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orellfuessli.ch/cookiemonster/v1/sprite03.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-type: image/png
vary: Origin
content-length: 95
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: no-cache, must-revalidate
cf-ray: 6e8cc3d808a46931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Tue, 01 Jan 1980 1:00:00 GMT

GET
H2 200 main-module.9d53f99de50b2cdcd99d.js Show response
assets.thalia.media/red/cms/components/header-global-navigation/ 9 KB
3 KB 25ms
21ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-global-navigation/main-module.9d53f99de50b2cdcd99d.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8d0044ec70bea9f739cdb3fdc2ce733d0b9baa670c913dc6f6973137cf39ffa

Request headers

Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 1041486
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Tue, 27 Jul 2021 11:03:04 GMT
server: cloudflare
etag: W/"2420-5c818d0609399"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 6e8cc3d80cf09b27-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Mon, 07 Mar 2022 22:10:08 GMT

GET
H2 200 style.94f0c585ba6f6bddebcf.orellfuessli.css
assets.thalia.media/red/cms/components/header-global-navigation/ 28 KB
4 KB 30ms
30ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-global-navigation/style.94f0c585ba6f6bddebcf.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ef73eda896c59619ae2f8ac00945f18bd6cd711008d941fd0d0a2769d1d8221

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 972778
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Tue, 27 Jul 2021 11:03:04 GMT
server: cloudflare
etag: W/"71a1-5c818d0611501"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15552000
cf-ray: 6e8cc3d77deb9299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Mon, 25 Jul 2022 19:59:02 GMT

GET
H2 200 email-decode.min.js Show response
www.orellfuessli.ch/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
809 B 11ms
11ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Mar 2022 15:11:12 GMT
server: cloudflare
etag: W/"621f8910-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6e8cc3d78f9e6931-FRA
vary: Accept-Encoding
expires: Thu, 10 Mar 2022 15:57:09 GMT

GET
H2 200 style.59b181f9d6687086dc39.orellfuessli.css
assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/ 59 KB
7 KB 37ms
33ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/style.59b181f9d6687086dc39.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 632cf142106a544bf44011ab9d31a411e74ecfcc66069c5892820ade0a15ce5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 955557
x-originaluniqueid: YhjnHQ5QNV7KeThs6ffY1AAAAK0
content-encoding: br
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
x-messageid: YhjnHQ5QNV7KeThs6ffY1AAAAK0
last-modified: Fri, 25 Feb 2022 14:03:29 GMT
server: cloudflare
cache-control: max-age=15780000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
x-robots-tag: noindex
cf-ray: 6e8cc3d80f089299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
expires: Sun, 27 Mar 2022 14:26:37 GMT

GET
H2 200 main-module.f2c459495bce266717ba.js Show response
assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/ 3 KB
2 KB 20ms
16ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/main-module.f2c459495bce266717ba.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80bf90f24a867c8499d2883d4dbca78dd2aa5d950700065e465ccacb8a9748e7

Request headers

Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 1041486
x-originaluniqueid: YgJuj7MS7fPdx@LdcWCu-gAAAKk
content-encoding: br
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
x-messageid: YgJuj7MS7fPdx@LdcWCu-gAAAKk
last-modified: Tue, 08 Feb 2022 13:03:19 GMT
server: cloudflare
cache-control: max-age=15780000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-robots-tag: noindex
cf-ray: 6e8cc3d80ce69b27-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
expires: Thu, 10 Mar 2022 13:22:23 GMT

GET
H2 200 style.e7536c1b86adff0e681a.orellfuessli.css
assets.thalia.media/red/cms/components/customer-contact/ 7 KB
2 KB 23ms
18ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/customer-contact/style.e7536c1b86adff0e681a.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2512af68bd2e16aa7b3b3ff2f71fd99e0839581f66194ae1c04a4ee6d7664f70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 972778
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Tue, 27 Jul 2021 11:03:03 GMT
server: cloudflare
etag: W/"1c68-5c818d054042b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15552000
cf-ray: 6e8cc3d80f0d9299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Sat, 20 Aug 2022 22:10:08 GMT

GET
H2 200 main-module.edf0dab896fa727e1cc0.js Show response
assets.thalia.media/red/cms/components/footer-sitemap/ 1 KB
1 KB 24ms
21ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-sitemap/main-module.edf0dab896fa727e1cc0.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e01d9b804163687231bb208eed2033be7baf16926664c78ddda4fda2d1c5dbd8

Request headers

Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 1003534
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Tue, 27 Jul 2021 11:03:03 GMT
server: cloudflare
etag: W/"5be-5c818d057fda0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 6e8cc3d80cf19b27-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Fri, 11 Feb 2022 01:05:33 GMT

GET
H2 200 style.7bdbb27e0cb55fbca306.orellfuessli.css
assets.thalia.media/red/cms/components/footer-sitemap/ 7 KB
2 KB 31ms
26ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-sitemap/style.7bdbb27e0cb55fbca306.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c11f27fe4f117dadc3526cc328ee4ff7494c7b33c1b88009c693f3219179b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 972778
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Tue, 27 Jul 2021 11:03:03 GMT
server: cloudflare
etag: W/"1b92-5c818d0588d1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15552000
cf-ray: 6e8cc3d80f0e9299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Tue, 26 Jul 2022 05:56:26 GMT

GET
H2 200 style.3f64811c8b504b874a41.orellfuessli.css
www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/ 11 KB
3 KB 48ms
43ms Stylesheet
text/css 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/style.3f64811c8b504b874a41.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf4f226c560774c8c3304ce9e1f7cd070b9fabf21fb90e3c3addad5b0d50110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 200818
grace: none
x-cache: MISS
content-type: text/css
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Mar 2022 10:44:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: max-age=432000, max-age=2592000
cf-ray: 6e8cc3d8089c6931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Tue, 05 Apr 2022 08:10:11 GMT

GET
H2 200 main-nomodule.d51ada56ca61815577af.js Show response
www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/ 18 KB
6 KB 31ms
28ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/main-nomodule.d51ada56ca61815577af.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a5fb386e76b563d76bde9f5f9174d454b3c21a0af71b690b797f59b83d67cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 279612
grace: none
x-cache: MISS
content-type: application/javascript
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Mar 2022 10:44:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: max-age=432000, max-age=2592000
cf-ray: 6e8cc3d808a56931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 10:16:57 GMT

GET
H2 200 style.808cfb3d0546d98f386e.orellfuessli.css
assets.thalia.media/red/cms/components/footer-badges/ 4 KB
1 KB 27ms
23ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-badges/style.808cfb3d0546d98f386e.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43f859b366662b300a244839939efd60a91fa5ed0b2b2e7dd96c1d733894a94a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 972778
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Tue, 27 Jul 2021 11:03:03 GMT
server: cloudflare
etag: W/"ff3-5c818d0547747"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 6e8cc3d80f0f9299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 04 Aug 2022 14:19:27 GMT

GET
H2 200 5fc14d44e8cd1b6aaa512f2ffc2fd62855f027d9.jpg
assets.thalia.media/img/cms/ 2 KB
3 KB 29ms
26ms Image
image/webp 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/5fc14d44e8cd1b6aaa512f2ffc2fd62855f027d9.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec73414e003a81ec90fffb891d9bf502557524278658810b7e270767b953617b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 1017540
cf-polished: origFmt=jpeg, origSize=3500
content-disposition: inline; filename="5fc14d44e8cd1b6aaa512f2ffc2fd62855f027d9.webp"
content-length: 2530
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
last-modified: Thu, 24 Feb 2022 20:37:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 10 Mar 2022 20:37:00 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6e8cc3d80f199299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-bgj: imgq:100,h2pri

GET
H2 200 d05842d0fec955215226e913e5d792a898f12fb9.jpg
assets.thalia.media/img/cms/ 3 KB
4 KB 27ms
24ms Image
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/d05842d0fec955215226e913e5d792a898f12fb9.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7dcfe8a5bea5c54beddd7e8f147187d97b00245879ca2222fe31db2ce1fe72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 22316
cf-polished: origSize=4058, status=webp_bigger
content-length: 3402
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
last-modified: Mon, 07 Mar 2022 08:32:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 21 Mar 2022 08:32:35 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6e8cc3d80f1a9299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-bgj: imgq:100,h2pri

GET
H2 200 f5727e549dd68028c3a01a1270aa9601794ac3ca.jpg
assets.thalia.media/img/cms/ 2 KB
3 KB 22ms
19ms Image
image/webp 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/f5727e549dd68028c3a01a1270aa9601794ac3ca.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1760c1c867942132a2a8847c363b38981311ff81e377976a64d06e5b217094e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 118866
cf-polished: origFmt=jpeg, origSize=2685
content-disposition: inline; filename="f5727e549dd68028c3a01a1270aa9601794ac3ca.webp"
content-length: 2340
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
last-modified: Sun, 06 Mar 2022 01:10:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 20 Mar 2022 01:10:27 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6e8cc3d80f1b9299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-bgj: imgq:100,h2pri

GET
H2 200 78fc4361451a43a77483ab3a713ff195298e5f31.jpg
assets.thalia.media/img/cms/ 4 KB
4 KB 29ms
26ms Image
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/78fc4361451a43a77483ab3a713ff195298e5f31.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0387790bc7c24a1e63cf9ac50874f74178f4cbf4bfacfea88d92c4a1eaddb945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 22317
cf-polished: origSize=4535, status=webp_bigger
content-length: 3675
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
last-modified: Mon, 07 Mar 2022 08:32:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 21 Mar 2022 08:32:35 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6e8cc3d80f1d9299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-bgj: imgq:100,h2pri

GET
H2 200 185e473fadc4eaba0e03cda8beaeb3d3b599e77e.png
assets.thalia.media/img/cms/ 2 KB
2 KB 28ms
25ms Image
image/webp 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/185e473fadc4eaba0e03cda8beaeb3d3b599e77e.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6eda9a0bc9b26cfa969d01e880ae2c397aa6823511f6a38c965ba1e6e24fedac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 972778
cf-polished: origFmt=png, origSize=3499
content-disposition: inline; filename="185e473fadc4eaba0e03cda8beaeb3d3b599e77e.webp"
content-length: 2002
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
last-modified: Thu, 17 Feb 2022 19:16:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Mar 2022 19:16:20 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6e8cc3d80f1f9299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-bgj: imgq:100,h2pri

GET
H2 200 ce2e23906089344a980a004452137bceb733ee5e.png
assets.thalia.media/img/cms/ 6 KB
6 KB 23ms
20ms Image
image/webp 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/ce2e23906089344a980a004452137bceb733ee5e.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ccbf093f9b1fd58f9a0a3fb98d7d334034d1c4416be963da8fc043cb55b8de4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 1111701
cf-polished: origFmt=png, origSize=6761
content-disposition: inline; filename="ce2e23906089344a980a004452137bceb733ee5e.webp"
content-length: 6116
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
last-modified: Wed, 23 Feb 2022 17:41:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 09 Mar 2022 17:41:47 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6e8cc3d80f209299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-bgj: imgq:100,h2pri

GET
H2 200 style.99debd9737e28658137a.orellfuessli.css
assets.thalia.media/red/cms/components/footer-benefits/ 6 KB
2 KB 28ms
24ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-benefits/style.99debd9737e28658137a.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cbce8097875392869cb76e08f7bb128a42b3e9672482dd4ed5b3d420ff5ae94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 972778
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Tue, 27 Jul 2021 11:03:03 GMT
server: cloudflare
etag: W/"172d-5c818d05557a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15552000
cf-ray: 6e8cc3d80f119299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Tue, 26 Jul 2022 03:07:43 GMT

GET
H2 200 49a6269d73a1e6f3c5e24960f4af4d7041e8b2a6.png
assets.thalia.media/img/cms/ 2 KB
2 KB 25ms
22ms Image
image/webp 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/49a6269d73a1e6f3c5e24960f4af4d7041e8b2a6.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90006bc7232ead0649fc99ba50ee615d44a669bce856939d65ba5022a7d233d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 1724214
cf-polished: origFmt=png, origSize=4678
content-disposition: inline; filename="49a6269d73a1e6f3c5e24960f4af4d7041e8b2a6.webp"
content-length: 2148
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
last-modified: Mon, 14 Feb 2022 08:08:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 28 Feb 2022 08:08:37 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6e8cc3d80f229299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-bgj: imgq:100,h2pri

GET
H2 200 7d893685729ead71215e36c3c231da2b0a0a4b61.png
assets.thalia.media/img/cms/ 1 KB
1 KB 29ms
27ms Image
image/webp 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/7d893685729ead71215e36c3c231da2b0a0a4b61.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84fa7512718d54cad5e4ff03f9b8a710ad9ed03ca186ec64dafa6fb6cdb92309

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 828981
cf-polished: origFmt=png, origSize=1625
content-disposition: inline; filename="7d893685729ead71215e36c3c231da2b0a0a4b61.webp"
content-length: 1094
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
last-modified: Fri, 25 Feb 2022 20:34:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 11 Mar 2022 20:34:59 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6e8cc3d80f239299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-bgj: imgq:100,h2pri

GET
H2 200 41da2fb1560352383fdc3a47f18891ae920acba8.png
assets.thalia.media/img/cms/ 7 KB
8 KB 37ms
35ms Image
image/webp 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/41da2fb1560352383fdc3a47f18891ae920acba8.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8400494c03878a6e2cfd30efe3bdd2b4ae5ba570d9a0f85ffd9e99943fe7c5ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 2322612
cf-polished: origFmt=png, origSize=9672
content-disposition: inline; filename="41da2fb1560352383fdc3a47f18891ae920acba8.webp"
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
last-modified: Wed, 09 Feb 2022 16:18:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 23 Feb 2022 16:18:46 GMT
cache-control: max-age=1209600
cf-ray: 6e8cc3d80f249299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-bgj: imgq:100,h2pri

GET
H2 200 302fb2ce466c2ef996f6b59e6610311898d15bb1.png
assets.thalia.media/img/cms/ 2 KB
3 KB 30ms
27ms Image
image/webp 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/302fb2ce466c2ef996f6b59e6610311898d15bb1.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c691ceb7165ef23459d25989bebd750f229b569a376d3c2a6fd279b1c27c3bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 2311219
cf-polished: origFmt=png, origSize=6328
content-disposition: inline; filename="302fb2ce466c2ef996f6b59e6610311898d15bb1.webp"
content-length: 2412
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
last-modified: Wed, 09 Feb 2022 21:14:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 23 Feb 2022 21:14:26 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6e8cc3d80f279299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-bgj: imgq:100,h2pri

GET
H2 200 bf7ac8828f7830f7be1e97694c0e61c7d04585bb.png
assets.thalia.media/img/cms/ 4 KB
4 KB 31ms
29ms Image
image/webp 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/bf7ac8828f7830f7be1e97694c0e61c7d04585bb.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5babc60df486644e28508d026a5f0a6eabaf629899d31816b0db0be14371399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: HIT
age: 1902481
cf-polished: origFmt=png, origSize=8629
content-disposition: inline; filename="bf7ac8828f7830f7be1e97694c0e61c7d04585bb.webp"
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
last-modified: Mon, 14 Feb 2022 00:23:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 28 Feb 2022 00:23:25 GMT
cache-control: max-age=1209600
cf-ray: 6e8cc3d80f289299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-bgj: imgq:100,h2pri

GET
H2 200 icon-brandlogo--orellfuessli.32789c9f9b1b1deb15ae877d7057ac60.svg
assets.thalia.media/red/cms/components/header-global-logo/assets/ 2 KB
889 B 24ms
22ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-global-logo/assets/icon-brandlogo--orellfuessli.32789c9f9b1b1deb15ae877d7057ac60.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-global-logo/style.ec423b7119ecf9f12db2.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6e068fe06805d1508581e20d3e80d22914b2fbb97fd5cf6d0e5dc27bb93f66c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.thalia.media/red/cms/components/header-global-logo/style.ec423b7119ecf9f12db2.orellfuessli.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 972778
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Tue, 27 Jul 2021 11:03:04 GMT
server: cloudflare
etag: W/"673-5c818d0603e5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=3099436
cf-ray: 6e8cc3d80f299299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 24 Feb 2022 06:58:06 GMT

GET
H2 200 icon-account--orellfuessli.2dc3d33575e36310d7c70d0686962510.svg
assets.thalia.media/red/cms/components/header-global-kunde/assets/ 396 B
572 B 24ms
23ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-global-kunde/assets/icon-account--orellfuessli.2dc3d33575e36310d7c70d0686962510.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-global-kunde/style.e7befe595aa85f2482c4.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d93d1c7393d4ee6be0847a04e0c9c11f701ba20e4ce38b3454136030d161ab5

Request headers

Referer: https://assets.thalia.media/red/cms/components/header-global-kunde/style.e7befe595aa85f2482c4.orellfuessli.css
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 1073784
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Thu, 02 Dec 2021 10:40:20 GMT
server: cloudflare
etag: W/"18c-5d2276ac87ccc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 6e8cc3d80cf59b27-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Wed, 23 Feb 2022 22:46:33 GMT

GET
H2 200 icon-favourites--orellfuessli.f58b2d59bd3db0dd915ba19fc11f10e4.svg
assets.thalia.media/red/cms/components/header-global-kunde/assets/ 836 B
790 B 21ms
20ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-global-kunde/assets/icon-favourites--orellfuessli.f58b2d59bd3db0dd915ba19fc11f10e4.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-global-kunde/style.e7befe595aa85f2482c4.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071f8654cecb170f1b46723d95e16219551fd8b44b0ffb006862455d051a037d

Request headers

Referer: https://assets.thalia.media/red/cms/components/header-global-kunde/style.e7befe595aa85f2482c4.orellfuessli.css
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 1041495
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Thu, 02 Dec 2021 10:40:20 GMT
server: cloudflare
etag: W/"344-5d2276ac8f11f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 6e8cc3d80cf89b27-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Wed, 16 Feb 2022 10:44:39 GMT

GET
H2 200 icon-warenkorb--orellfuessli.b23590c1a65d37932b6ae0a5552345df.svg
assets.thalia.media/red/cms/components/header-global-kunde/assets/ 318 B
534 B 24ms
23ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-global-kunde/assets/icon-warenkorb--orellfuessli.b23590c1a65d37932b6ae0a5552345df.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-global-kunde/style.e7befe595aa85f2482c4.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 003af04fc1e2f801731f4fc7d682e12252caf8ecb770e7e0d3176f6f43a2f889

Request headers

Referer: https://assets.thalia.media/red/cms/components/header-global-kunde/style.e7befe595aa85f2482c4.orellfuessli.css
Origin: https://www.orellfuessli.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 277550
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Thu, 02 Dec 2021 10:40:20 GMT
server: cloudflare
etag: W/"13e-5d2276ac96f0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 6e8cc3d80cfc9b27-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Fri, 11 Mar 2022 22:31:48 GMT

GET
DATA 200
OK truncated
/ 262 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccf4d3cf9b1587a1ae059ffcf660a901022ffebd98279eea01293954b4b71ec0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 774 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72dcc293744c421a39fddaa5adde41eacecbaa4fa93ff1b8ba0baeaf8f02c7e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 hilfeHeader.jpg
assets.thalia.media/base/unternehmen/hilfecenter/ 16 KB
16 KB 21ms
20ms Image
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/base/unternehmen/hilfecenter/hilfeHeader.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 867b366f3443363cd16a66fe90abdec56fe4b486f48b8b93d7f8451620e97f77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
cf-cache-status: HIT
age: 14160
cf-polished: origSize=17212, status=webp_bigger
content-length: 16267
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
last-modified: Tue, 23 Feb 2016 01:24:14 GMT
server: cloudflare
etag: "433c-52c65cea82b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 08 Mar 2022 15:53:27 GMT
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8cc3d84f9c9299-FRA
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-bgj: imgq:100,h2pri

GET
H2 200 shell-consent.59e24f699b30.js Show response
www.orellfuessli.ch/assets/static/ 41 KB
14 KB 28ms
27ms Script
application/javascript 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/shell-consent.59e24f699b30.js

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/heimdall/script-consent/main-nomodule.250d705888c74998bc8a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e24f699b3060dcd288edec9e91f3f081682aee2d873495af6855e29549568e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 210
content-type: application/javascript
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 08:35:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: max-age=43200, public
cf-ray: 6e8cc3d8da276931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 15:53:39 GMT

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54006cd4fa18a2131ae3f340356fc5bc88918fc703fdf3c8b489cd7d4d536829

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 368 KB
98 KB 39ms
17ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-3TL3

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/application.aacaad7d5f95.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f52d176c1dd9ad885dc2b6f142fea25d4e70e971f06b46e62ec58b41364f6340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99651
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Mar 2022 15:57:09 GMT

GET
H2 200 artikelnummern Show response
www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikeldetails/v2/ 22 B
141 B 89ms
89ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikeldetails/v2/artikelnummern

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995f84a41f725c516cb87975b8de1b05c10a316bbda2887ee5e6d8ccb799de45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-type: application/json
vary: Origin
content-length: 22
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 6e8cc3d8ea436931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: 0

GET
H2 200 style.965802a69fe5b5b57e4e.orellfuessli.css
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/ 70 KB
8 KB 19ms
19ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/style.965802a69fe5b5b57e4e.orellfuessli.css

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/main-module.febc1d2281cb19b81d92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

245e0cdccfffcf44dc0508f677183c1b78261f478cedd013651bd195cd97ce4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
cf-cache-status: HIT
age: 614977
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
x-messageid: Yh4ZF-mYpWBanLqUsVGyhAAAAJY
last-modified: Tue, 01 Mar 2022 11:17:05 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15780000
cf-ray: 6e8cc3d8e88c9299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 31 Mar 2022 13:01:11 GMT

GET
H2 200 header-overlay Show response
www.orellfuessli.ch/include/login/ 5 KB
2 KB 79ms
79ms Fetch
text/html 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/include/login/header-overlay

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9796ccddf54213f6712791514e3d8e294dc58e05d90d9da685b27009c8b617f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 507
grace: none
x-cache: HIT
content-type: text/html;charset=UTF-8
vary: Origin
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 6e8cc3d8ea4a6931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: 0

GET
H2 200 size Show response
www.orellfuessli.ch/api/warenkorb/ 19 B
192 B 35ms
35ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/warenkorb/size

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f69cc7aaa401b5e88b4e6cd7b595307bf32f3b971f9c054e56e58029ddff779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-type: application/json
vary: Origin
content-length: 19
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 6e8cc3d8ea4e6931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: 0

GET
H2 200 ajax Show response
www.orellfuessli.ch/include/heimdall/v1/consent/ 0
161 B 157ms
156ms Fetch
text/html 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/include/heimdall/v1/consent/ajax

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-type: text/html;charset=UTF-8
vary: Origin
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: max-age=600
cf-ray: 6e8cc3d8fa5e6931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Tue, 08 Mar 2022 16:07:10 GMT

GET
H2 200 / Show response
www.orellfuessli.ch/shop/home/headerfiliale/getHeader/ 0
109 B 94ms
94ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/shop/home/headerfiliale/getHeader/?detail=true

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-type: application/json;charset=ISO-8859-1
vary: Origin
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: no-cache, no-store
cf-ray: 6e8cc3d8fa616931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 suchhistorie.html Show response
www.orellfuessli.ch/suche/v1/ 1 KB
704 B 102ms
101ms Fetch
text/html 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/suche/v1/suchhistorie.html

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f1f72697f3d6ad98c3edcae1fd048371a04bef4aba666b614822d3f5c02f8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 0
x-cache: MISS
content-type: text/html;charset=UTF-8
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-xss-protection: 1; mode=block
access-control-allow-headers: Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-language: de
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cf-ray: 6e8cc3d8fa636931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 flyout.json Show response
www.orellfuessli.ch/cms/api/1/services/ 50 KB
6 KB 84ms
84ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/cms/api/1/services/flyout.json?tenantId=37&storeUrl=L3NpdGUvY29tcG9uZW50cy9waW5uZWQvb3JlbGxmdWVzc2xpX2NoL25hdmlnYXRpb24vMTRlNjUxZGYtZjhkYy1iMTNmLTU0OTYtZjhlYWE1OGJlZDgxLnhtbA==

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

868c1a2535c55c9ccba0cbaf764bd887b43b837efa582c1059f888b7df7809ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 407
grace: none
x-cache: HIT
content-type: application/json;charset=UTF-8
vary: Origin
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: max-age=600, max-age=172800
cf-ray: 6e8cc3d8fa656931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 10 Mar 2022 15:57:09 GMT

GET
DATA 200
OK truncated
/ 1006 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebf9bd421e44685fe7af1cb9ae694c9ff2d717404e48a8e695884bcaf9f50e3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b69a90fafbd8d9dfc1ef62719d3508b3ed2d645643266e8a5bde1a7197109ba7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 style.bc389dde4448b0a6c7fa.orellfuessli.css
assets.thalia.media/kuba/login/login-form-kompakt/ 68 KB
9 KB 23ms
21ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/kuba/login/login-form-kompakt/style.bc389dde4448b0a6c7fa.orellfuessli.css
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/kuba/login/global-header-login/main-nomodule.c8c0626bd8e5bba30828.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 682462d8e4bd027a5eb50a24ebc1d0c7845319bed8955e3027483d9f0fe5e108

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 1064871
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Wed, 23 Feb 2022 12:19:34 GMT
server: cloudflare
etag: W/"1105e-5d8ae7a76df30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15552000
cf-ray: 6e8cc3d979869299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 08:07:39 GMT

GET
H2 200 main-nomodule.a04d8ba2786688a9ad72.js Show response
assets.thalia.media/kuba/login/login-form-kompakt/ 7 KB
3 KB 23ms
22ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/kuba/login/login-form-kompakt/main-nomodule.a04d8ba2786688a9ad72.js
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/kuba/login/global-header-login/main-nomodule.c8c0626bd8e5bba30828.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2a2ec81ed88f95c991477cda604d7c0d77cd7a2ffa653e7a31bc8bdc20d16f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 1065029
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
last-modified: Wed, 23 Feb 2022 12:19:34 GMT
server: cloudflare
etag: W/"1c51-5d8ae7a770bb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 6e8cc3d979899299-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Thu, 10 Mar 2022 08:06:39 GMT

GET
H2 200 size Show response
www.orellfuessli.ch/api/warenkorb/ 19 B
112 B 97ms
97ms Fetch
application/json 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/warenkorb/size

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f69cc7aaa401b5e88b4e6cd7b595307bf32f3b971f9c054e56e58029ddff779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-type: application/json
vary: Origin
content-length: 19
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 6e8cc3d9bbc66931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: 0

GET
H2 200 send
ga.thalia.media/j/ 2 B
0 131ms
119ms Fetch
text/plain 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.thalia.media/j/send?v=1&ds=web&aip=1&tid=UA-39319847-14&cid=6d460afe-207c-4f80-aaee-791721f07325&sd=24-bits&dt=Hilfe%20zur%20Geschenkkarte%20%20%7C%20Orell%20F%C3%BCssli&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&ul=en-us&de=UTF-8&sr=1600x1200&vp=1600x1200&_r=1&jid=582399241&plt=659&pdt=48&tcp=28&dit=519&clt=541&srt=159&dns=10&t=pageview&cm11=395&cm8=500&cm12=159

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
cf-ray: 6e8cc3d9e8c69b27-FRA
content-length: 2
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 157 KB
58 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BE2W3ZY94G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87c3edfa0541f715cb57f875c2c656ed94ea3f08325c0ebbd45cad1d802bfdda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59022
x-xss-protection: 0
expires: Tue, 08 Mar 2022 15:57:10 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 49ms
21ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 15:57:10 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 71ms
47ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2912AA4B983B4279BCAFE4EB2376545D Ref B: FRAEDGE1519 Ref C: 2022-03-08T15:57:10Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H3

200

activityi;dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=und... Show response
9327407.fls.doubleclick.net/ Frame 2557
Redirect Chain

https://9327407.fls.doubleclick.net/activityi;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=u...
https://9327407.fls.doubleclick.net/activityi;dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefi...

829 B
518 B

44ms
19ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9327407.fls.doubleclick.net/activityi;dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Hilfe%20Geschenkkarte;u10=Hilfe%20Geschenkkarte;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F;u24=undefined;u25=alle%20Seiten;u30=desktop;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

9b248ea9ba39f82bcc53fd5a1857d8a82403ac869e97de89aebf0595892deda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 08 Mar 2022 15:57:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 493
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 08 Mar 2022 15:57:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9327407.fls.doubleclick.net/activityi;dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Hilfe%20Geschenkkarte;u10=Hilfe%20Geschenkkarte;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F;u24=undefined;u25=alle%20Seiten;u30=desktop;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 96ms
9ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1007 B
794 B 57ms
15ms Script
application/x-javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 68195809df6d702b8d2c25c97140def7f78f61a3a946a751ed0c304f96c8677f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 15:57:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Mar 2022 21:40:24 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=20704
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 481

GET
H/1.1 200
OK vt-278.js Show response
vt.myvisualiq.net/2/wGnp5w%2BUEsXB63e7ZHic1g%3D%3D/ 14 KB
5 KB 58ms
23ms Script
application/x-javascript 65.9.66.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vt.myvisualiq.net/2/wGnp5w%2BUEsXB63e7ZHic1g%3D%3D/vt-278.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0b42ccfbaf151f93c01e45d91aca0f23025cc36c5cdb35b5b51d6512aeb911

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 07:00:47 GMT
Content-Encoding: gzip
Age: 32184
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
Connection: keep-alive
x-amz-request-id: SYDQ2V71JJH7BSHY
x-amz-id-2: PUPdLX2FHWYAhvga4hB7Y8HdQlb71y4FyTWYMUNhHMhk4f7/yjnOM66LmQlFClBcSFSdAA4kDOI=
access-control-allow-origin: *
Last-Modified: Fri, 03 Dec 2021 08:09:00 GMT
Server: AmazonS3
ETag: W/"5d0648e9841121ebb9dc3a4c56d4fd96"
Vary: Accept-Encoding
x-amz-version-id: AIduKLgbQRCr1VuNw6iXm9aYlYrEWg2H
Via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Content-Type: application/x-javascript
X-Amz-Cf-Id: 758SQzov2tRQmc9QtLlmCQmLytCtin_5_mCDmclXbgBxLWHiQ8OOJQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26291
x-xss-protection: 0
pragma: public
x-fb-debug: 0k0sNtMVPPGJcqHTnM7ZBzIWvoeF2Efnh/IWCoUEXgGV8GYPGgWGyy1DkSDgM83ZkEBX1FRXj2te0SO/XeyDPg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 08 Mar 2022 15:57:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 13971.js Show response
www.dwin1.com/ 34 KB
9 KB 207ms
135ms Script
application/javascript 2600:9000:2104:600:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/13971.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:600:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34b73edfaf54967cef6c17a2f5dddd4952b6aa4e993c1b7e883055a94a096e25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: FJ76cSY._y_8jPFlFGCynQhfiRTMXMXu
content-encoding: gzip
etag: W/"3818468c701dd2ebc672eefe463409f6"
age: 111
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 24 Feb 2022 12:57:14 GMT
server: AmazonS3
date: Tue, 08 Mar 2022 15:57:01 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Clz7vH79xw2YmCBB_2CmLhXEWt2pOWD-EvcafQmwwbhbmOAID6xNiw==

POST
H2 204 collect
analytics.google.com/g/ 0
350 B 46ms
13ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BE2W3ZY94G&gtm=2oe370&_p=683809353&_z=ccd.BK&_gaz=1&cid=1167357739.1646755030&ul=en-us&sr=1600x1200&_s=1&sid=1646755030&sct=1&seg=0&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&dt=Hilfe%20zur%20Geschenkkarte%20%7C%20Orell%20F%C3%BCssli&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BE2W3ZY94G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
350 B 63ms
21ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BE2W3ZY94G&cid=1167357739.1646755030&gtm=2oe370&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BE2W3ZY94G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 62ms
31ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BE2W3ZY94G&cid=1167357739.1646755030&gtm=2oe370&aip=1&z=759135872

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/978673102/ 2 KB
2 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978673102/?random=1646755030146&cv=9&fst=1646755030146&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&ig=1&data=ecomm_pagetype%3Dsiteview%3Burl%3Dhttps%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&frm=0&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&tiba=Hilfe%20zur%20Geschenkkarte%20%7C%20Orell%20F%C3%BCssli&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52571826f9f6f9a712aa8fe3bd07b1adf86da4fa4116fe255068151222885766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1081
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1990369294524981 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1990369294524981?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

451c86b962a31e3785123351af00c7d89a79a66b349caa068d0e2fe5195095c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89161
x-xss-protection: 0
pragma: public
x-fb-debug: cyKkgwXw81VHsL8pTqLWp4rQf2ci1EGiKm2vbWkcg1Hb0wME2lCBHW5ZnNDWdQ30bw+nlX4f+7+Oz0ZxkFTjGA==
x-frame-options: DENY
date: Tue, 08 Mar 2022 15:57:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 15ms
15ms Script
application/x-javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 15:57:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 23:50:54 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=26773
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H/1.1

200
OK

sync
t.myvisualiq.net/
Redirect Chain

https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_d80c3210-40f2-4333-b775-d9f413cfd03b

43 B
296 B

580ms
98ms

Image
image/gif

18.214.173.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_d80c3210-40f2-4333-b775-d9f413cfd03b
Protocol: HTTP/1.1
Server: 18.214.173.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-173-40.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 08 Mar 2022 15:57:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_d80c3210-40f2-4333-b775-d9f413cfd03b
date: Tue, 08 Mar 2022 15:57:10 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

21398
tags.bluekai.com/site/
Redirect Chain

https://t.myvisualiq.net/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D
https://tags.bluekai.com/site/21398?id=c74d04bb-0bbc-4239-bfd6-337b0a5e75ce

62 B
304 B

231ms
169ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/21398?id=c74d04bb-0bbc-4239-bfd6-337b0a5e75ce
Protocol: HTTP/1.1
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 15:57:11 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

access-control-allow-origin: *
Date: Tue, 08 Mar 2022 15:57:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://tags.bluekai.com/site/21398?id=c74d04bb-0bbc-4239-bfd6-337b0a5e75ce

GET
H/1.1

200
OK

sync
t.myvisualiq.net/
Redirect Chain

https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253D...
https://dpm.demdex.net/ibs:dpid=125310&dpuuid=0-f7205366-45fb-40ce-932c-65ca95547315&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=125310&dpuuid=0-f7205366-45fb-40ce-932c-65ca95547315&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_...
https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=34489114395789395090857990115204136833

43 B
296 B

98ms
98ms

Image
image/gif

18.214.173.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=34489114395789395090857990115204136833
Protocol: HTTP/1.1
Server: 18.214.173.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-173-40.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 08 Mar 2022 15:57:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-1-v029-0510a3d3b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 6yIWWGiBQTE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=34489114395789395090857990115204136833
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
loadus.exelator.com/load/
Redirect Chain

https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D
https://loadus.exelator.com/load/?p=204&g=1260&buid=b96e23ce-63a4-47c8-af1e-44708ed9e55c

124 B
124 B

131ms
29ms

Image
application/x-javascript

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=1260&buid=b96e23ce-63a4-47c8-af1e-44708ed9e55c
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
content-type: application/x-javascript;charset=UTF-8
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

access-control-allow-origin: *
Date: Tue, 08 Mar 2022 15:57:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://loadus.exelator.com/load/?p=204&g=1260&buid=b96e23ce-63a4-47c8-af1e-44708ed9e55c

GET
H3

200

tr
www.facebook.com/
Redirect Chain

https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D1236519689830344%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D%26dpo%3DLDU%26dpoco%3D0%26dpost%3D0
https://t.myvisualiq.net/ul_cb/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D1236519689830344%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D%26dpo%3DLDU%26dpoco%3D0%26dpost%3D0
https://www.facebook.com/tr?id=1236519689830344&ev=PageView&cd[order_id]=b96e23ce-63a4-47c8-af1e-44708ed9e55c&dpo=LDU&dpoco=0&dpost=0

44 B
91 B

15ms
7ms

Image
image/gif

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1236519689830344&ev=PageView&cd[order_id]=b96e23ce-63a4-47c8-af1e-44708ed9e55c&dpo=LDU&dpoco=0&dpost=0

Protocol

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 08 Mar 2022 15:57:10 GMT

Redirect headers

access-control-allow-origin: *
Date: Tue, 08 Mar 2022 15:57:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://www.facebook.com/tr?id=1236519689830344&ev=PageView&cd[order_id]=b96e23ce-63a4-47c8-af1e-44708ed9e55c&dpo=LDU&dpoco=0&dpost=0

GET
H/1.1 200
OK impression_pixel
t.myvisualiq.net/ 43 B
296 B 526ms
98ms Image
image/gif 18.214.173.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/impression_pixel?r=1027171&et=i&ago=212&ao=983&aca=-10&si=-10&ci=-10&pi=-10&ad=-10&advt=-10&chnl=-10&vndr=101&sz=9437&u=||https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&pt=i&othercookie_id=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.173.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-173-40.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 08 Mar 2022 15:57:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK sync_pixel
t.myvisualiq.net/ 43 B
296 B 516ms
99ms Image
image/gif 18.214.173.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/sync_pixel?r=3888964&ago=212&ao=983&p1_eml=|||&p1_uid=&p1_cid=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.173.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-173-40.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 08 Mar 2022 15:57:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 12000244.js Show response
bat.bing.com/p/action/ 777 B
794 B 181ms
180ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/12000244.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 848d69de61d92af9af16686093e8247073857bc78934a10de9f118097ded6732

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 28B6C01FBD1A4BF3A8CFDE6DE817B740 Ref B: FRAEDGE1519 Ref C: 2022-03-08T15:57:10Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 642

GET
H2 204 0
bat.bing.com/action/ 0
151 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=12000244&tm=gtm002&Ver=2&mid=90a8203d-ee7d-4e52-a5d3-8f24f0a06699&sid=698fef109ef811ec8cff47dcf3b31e1c&vid=69902cb09ef811ec8c9aa148d83fac7b&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hilfe%20zur%20Geschenkkarte%20%7C%20Orell%20F%C3%BCssli&p=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&r=&lt=676&evt=pageLoad&msclkid=N&sv=1&rn=891569
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C8D2BC1B3E714CE49B63869E5B6FC564 Ref B: FRAEDGE1519 Ref C: 2022-03-08T15:57:10Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1646755030192&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3699170%26time%3D1646755030192%26url%3Dhttps%253A%252F%252Fwww.orellfuessli.ch%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1646755030192&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1646755030192&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&liSync=true&e_ipv6=AQK4TlUqmd1-2gAAAX9qP6...

0
264 B

131ms
111ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1646755030192&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&liSync=true&e_ipv6=AQK4TlUqmd1-2gAAAX9qP6X59swULO2GRbliEqEWXX8xZZwoITqqHYKgpXJo-VRSpxQV3ObrWdtkS9m9KHz9FUUR9CVw
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B3C7859E58444092AB54B089C30D8D52 Ref B: FRAEDGE1110 Ref C: 2022-03-08T15:57:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZtwiiM+y/HNiTxQM7Xg==
x-li-fabric: prod-lva1

Redirect headers

date: Tue, 08 Mar 2022 15:57:09 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 182E9A1BE7764B45A2361F67A5743F8F Ref B: FRAEDGE1415 Ref C: 2022-03-08T15:57:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1646755030192&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&liSync=true&e_ipv6=AQK4TlUqmd1-2gAAAX9qP6X59swULO2GRbliEqEWXX8xZZwoITqqHYKgpXJo-VRSpxQV3ObrWdtkS9m9KHz9FUUR9CVw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZtwigIuD3z2RICFsNEg==

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 15ms
13ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 /
www.google.com/pagead/1p-user-list/978673102/ 42 B
548 B 50ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/978673102/?random=1646755030146&cv=9&fst=1646751600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=ecomm_pagetype%3Dsiteview%3Burl%3Dhttps%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&frm=0&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&tiba=Hilfe%20zur%20Geschenkkarte%20%7C%20Orell%20F%C3%BCssli&async=1&fmt=3&is_vtc=1&random=3796875230&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/978673102/ 42 B
64 B 45ms
25ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/978673102/?random=1646755030146&cv=9&fst=1646751600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=ecomm_pagetype%3Dsiteview%3Burl%3Dhttps%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&frm=0&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&tiba=Hilfe%20zur%20Geschenkkarte%20%7C%20Orell%20F%C3%BCssli&async=1&fmt=3&is_vtc=1&random=3796875230&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anzahl.html Show response
www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikelanzahl/v2/ 1 B
157 B 45ms
42ms Fetch
text/plain 104.16.91.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikelanzahl/v2/anzahl.html

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.91.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-type: text/plain; charset=utf-8
vary: Origin
content-length: 1
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 6e8cc3dade246931-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 28ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1990369294524981&ev=PageView&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&rl=&if=false&ts=1646755030220&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646755030218.905581798&it=1646755030154&coo=false&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 08 Mar 2022 15:57:10 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 487 B
835 B 126ms
34ms XHR
application/json 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612445259689&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&cb=1646755030231

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:10 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.8499645f.1646755030.fd1623a
x-envoy-upstream-service-time: 1
x-pinterest-rid: 3120661235135836
pin-unauth: dWlkPU1UWTFNR1E0TmpFdE9UTmpZaTAwTnpZd0xXRTRaakl0TjJZNVpHVXpOV1EwWmprNA
access-control-allow-origin: https://www.orellfuessli.ch
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 84ms
39ms Image
image/gif 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612445259689&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1646755030232

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.8499645f.1646755030.fd1623c
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 8168193340396966
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=... Show response
adservice.google.com/ddm/fls/i/ Frame 1AA2 828 B
960 B 72ms
48ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Hilfe%20Geschenkkarte;u10=Hilfe%20Geschenkkarte;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F;u24=undefined;u25=alle%20Seiten;u30=desktop;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F

Requested by

Host: 9327407.fls.doubleclick.net
URL: https://9327407.fls.doubleclick.net/activityi;dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Hilfe%20Geschenkkarte;u10=Hilfe%20Geschenkkarte;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F;u24=undefined;u25=alle%20Seiten;u30=desktop;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f025dc9846be6a40de54fa7879075b2b1439fce3b573c49b2767de1dc04c33bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9327407.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 08 Mar 2022 15:57:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 491
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK d.php Show response
www.usemaxserver.de/ 5 KB
2 KB 143ms
16ms Script
application/javascript 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/d.php?ext_domain=1&rt=1&campaign_id=40238&place=2&category_id=undefined
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/13971.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.48.120.130 Hamburg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4.25 (Debian) / PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Resource Hash: 86edb2be764e54b35082d4b0e429444300a06aeabb2df137d3af8258f1f9e806

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Mar 2022 15:57:10 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Vary: Accept-Encoding
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: application/javascript
Keep-Alive: timeout=3, max=70
Content-Length: 1559
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=... Show response
adservice.google.de/ddm/fls/i/ Frame 0B24 194 B
870 B 74ms
51ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Hilfe%20Geschenkkarte;u10=Hilfe%20Geschenkkarte;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F;u24=undefined;u25=alle%20Seiten;u30=desktop;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJmM7MTwtvYCFRIdGwodiMEA0A;src=9327407;type=pageview;cat=global00;ord=675384737399;gtm=2wg370;auiddc=401349359.1646755030;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Hilfe%20Geschenkkarte;u10=Hilfe%20Geschenkkarte;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F;u24=undefined;u25=alle%20Seiten;u30=desktop;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 08 Mar 2022 15:57:10 GMT
expires: Tue, 08 Mar 2022 15:57:10 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 clarity.js Show response
e.clarity.ms/s/0.6.32/ 53 KB
23 KB 310ms
108ms Script
application/javascript 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/s/0.6.32/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/12000244.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:09 GMT
content-encoding: br
etag: "1d8314040aa9e90"
last-modified: Sun, 06 Mar 2022 09:55:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 22927
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=8C65ABE80B2944D796AFD68D835F0FBC&RedC=c.clarity.ms&MXFR=075DBCFE3CB3625A26C4AD9F38B36C5D
https://c.clarity.ms/c.gif?CtsSyncId=8C65ABE80B2944D796AFD68D835F0FBC&MUID=08579F951D726B4308CC8EF41C196A09

42 B
369 B

29ms
28ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=8C65ABE80B2944D796AFD68D835F0FBC&MUID=08579F951D726B4308CC8EF41C196A09
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
last-modified: Mon, 28 Feb 2022 22:29:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7c5ed6a6f22cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C1E85C6D332440CF871FEDDE77073909 Ref B: FRAEDGE1519 Ref C: 2022-03-08T15:57:10Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=8C65ABE80B2944D796AFD68D835F0FBC&MUID=08579F951D726B4308CC8EF41C196A09
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame F73C
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

413 B
4 KB

309ms
299ms

Document
text/html

2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

c0424c8a0cb20abdf3f322107d5ee79679a53e37647f87fc8e0b29fdc12e4ede

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' s.pinimg.com; style-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.googleapis.com .adyen.com .adyenpayments.com; font-src 'self' data: s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; img-src * data: blob:; script-src 'nonce-f27c51f56cd46e1d72f4997d135d2a1f' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=3532589278083291; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' s.pinimg.com; style-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.googleapis.com *.adyen.com *.adyenpayments.com; font-src 'self' data: s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; img-src * data: blob:; script-src 'nonce-f27c51f56cd46e1d72f4997d135d2a1f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=3532589278083291; frame-ancestors *
content-security-policy-report-only: default-src 'self' s.pinimg.com; style-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.googleapis.com *.adyen.com *.adyenpayments.com; font-src 'self' data: s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; script-src 'nonce-f27c51f56cd46e1d72f4997d135d2a1f' 'strict-dynamic' 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 91
pinterest-generated-by: coreapp-webapp-prod-0a011265
content-encoding: gzip
pinterest-version: 9863f04
referrer-policy: origin
x-pinterest-rid: 3532589278083291
date: Tue, 08 Mar 2022 15:57:10 GMT
content-length: 280
akamai-grn: 0.8499645f.1646755030.fd1651f
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 103
pinterest-generated-by: coreapp-webapp-prod-0a0112ca
content-encoding: gzip
pinterest-version: 9863f04
referrer-policy: origin
x-pinterest-rid: 7769693776533517
date: Tue, 08 Mar 2022 15:57:10 GMT
akamai-grn: 0.8499645f.1646755030.fd16288
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

GET
H/1.1 200
OK rt.php Show response
www.usemaxserver.de/ Frame D6B4 1 KB
917 B 18ms
17ms Document
text/html 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/rt.php?campaign_id=40238&iframe=1&ext_domain=1&place=2&product_id=undefined&checkout_amount=&checkout_order_id=&referrer=&host=www.orellfuessli.ch&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&iframe=1&k0=0&ci=dXNtX3VtX3J0PTE4MzMyMzE5MjUmfGUxZjQzYw==
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?ext_domain=1&rt=1&campaign_id=40238&place=2&category_id=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.48.120.130 Hamburg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4.25 (Debian) / PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Resource Hash: 58e40e19336ca39c31c47d92983c66d3e7f70ebb71bd564dbd297e85903d2797

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/

Response headers

Date: Tue, 08 Mar 2022 15:57:10 GMT
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 581
Keep-Alive: timeout=3, max=69
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK d.php Show response
www.usemaxserver.de/ 25 KB
7 KB 24ms
23ms Script
application/javascript 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/d.php?campaign_id=40238&place=2&product_id=undefined&u=1&um_coupon=&pid=undefined&w=1600&h=1200&referrer=leer&ext_ident=&ext_par1=&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&ci=dXNtX3VtX3J0PTE4MzMyMzE5MjUmfGUxZjQzYw==
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?ext_domain=1&rt=1&campaign_id=40238&place=2&category_id=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.48.120.130 Hamburg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4.25 (Debian) / PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Resource Hash: 60ed6ccb5904aa9c635d5b32598f9c68df18bbd2b1a3671831ab3d951637fd2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Mar 2022 15:57:10 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=3, max=68
Content-Length: 6461
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CIfCgcXwtvYCFZdCHQkdZr8O4Q;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 Show response
8114602.fls.doubleclick.net/ Frame BD29
Redirect Chain

https://8114602.fls.doubleclick.net/activityi;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://8114602.fls.doubleclick.net/activityi;dc_pre=CIfCgcXwtvYCFZdCHQkdZr8O4Q;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

379 B
338 B

25ms
25ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8114602.fls.doubleclick.net/activityi;dc_pre=CIfCgcXwtvYCFZdCHQkdZr8O4Q;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

Requested by

Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/rt.php?campaign_id=40238&iframe=1&ext_domain=1&place=2&product_id=undefined&checkout_amount=&checkout_order_id=&referrer=&host=www.orellfuessli.ch&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&iframe=1&k0=0&ci=dXNtX3VtX3J0PTE4MzMyMzE5MjUmfGUxZjQzYw==

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

b2aa1e5ad6b3703dbcea2eb903fc38bbd040583969c2b3e04503cf4c0b5aa7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.usemaxserver.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 08 Mar 2022 15:57:10 GMT
expires: Tue, 08 Mar 2022 15:57:10 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 08 Mar 2022 15:57:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8114602.fls.doubleclick.net/activityi;dc_pre=CIfCgcXwtvYCFZdCHQkdZr8O4Q;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=COXBgcXwtvYCFQqYhQod9WkJ0g;src=8114602;type=invmedia;cat=yhvflq6j;u1=2;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 Show response
8114602.fls.doubleclick.net/ Frame E9C5
Redirect Chain

https://8114602.fls.doubleclick.net/activityi;src=8114602;type=invmedia;cat=yhvflq6j;u1=2;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://8114602.fls.doubleclick.net/activityi;dc_pre=COXBgcXwtvYCFQqYhQod9WkJ0g;src=8114602;type=invmedia;cat=yhvflq6j;u1=2;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

380 B
339 B

25ms
24ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8114602.fls.doubleclick.net/activityi;dc_pre=COXBgcXwtvYCFQqYhQod9WkJ0g;src=8114602;type=invmedia;cat=yhvflq6j;u1=2;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

d07f9b0f7f88a82c891d0764cb53a7a221d2a7effe4060f7d199593f5ae3c410

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.usemaxserver.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 08 Mar 2022 15:57:10 GMT
expires: Tue, 08 Mar 2022 15:57:10 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 314
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 08 Mar 2022 15:57:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8114602.fls.doubleclick.net/activityi;dc_pre=COXBgcXwtvYCFQqYhQod9WkJ0g;src=8114602;type=invmedia;cat=yhvflq6j;u1=2;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK rt.php Show response
www.usemax.de/ Frame F27F 0
552 B 132ms
12ms Document
text/html 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemax.de/rt.php?ext_i=1833231925
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/rt.php?campaign_id=40238&iframe=1&ext_domain=1&place=2&product_id=undefined&checkout_amount=&checkout_order_id=&referrer=&host=www.orellfuessli.ch&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&iframe=1&k0=0&ci=dXNtX3VtX3J0PTE4MzMyMzE5MjUmfGUxZjQzYw==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.48.120.130 Hamburg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4.25 (Debian) / PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.usemaxserver.de/

Response headers

Date: Tue, 08 Mar 2022 15:57:10 GMT
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Content-Length: 0
Keep-Alive: timeout=3, max=70
Connection: Keep-Alive
Content-Type: text/html

GET
H2

200

/
track.adform.net/Serving/TrackPoint/ Frame D6B4
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=254281&ADFPageName=ALL%7CRT%7C0%7COrellFuessliCH_0&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C0%7COrellFuessliCH_0&ADFdivider=|

35 B
395 B

18ms
18ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C0%7COrellFuessliCH_0&ADFdivider=|

Requested by

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.usemaxserver.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C0%7COrellFuessliCH_0&ADFdivider=|
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2

200

/
track.adform.net/Serving/TrackPoint/ Frame D6B4
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=254281&ADFPageName=ALL%7CRT%7C2%7COrellFuessliCH_2&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C2%7COrellFuessliCH_2&ADFdivider=|

35 B
396 B

19ms
19ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C2%7COrellFuessliCH_2&ADFdivider=|

Requested by

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.usemaxserver.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C2%7COrellFuessliCH_2&ADFdivider=|
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H3 200 dc_pre=COXBgcXwtvYCFQqYhQod9WkJ0g;src=8114602;type=invmedia;cat=yhvflq6j;u1=2;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/ Frame E9C5 42 B
63 B 65ms
49ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COXBgcXwtvYCFQqYhQod9WkJ0g;src=8114602;type=invmedia;cat=yhvflq6j;u1=2;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Host: 8114602.fls.doubleclick.net
URL: https://8114602.fls.doubleclick.net/activityi;dc_pre=COXBgcXwtvYCFQqYhQod9WkJ0g;src=8114602;type=invmedia;cat=yhvflq6j;u1=2;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8114602.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CIfCgcXwtvYCFZdCHQkdZr8O4Q;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/ Frame BD29 42 B
63 B 66ms
51ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIfCgcXwtvYCFZdCHQkdZr8O4Q;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Host: 8114602.fls.doubleclick.net
URL: https://8114602.fls.doubleclick.net/activityi;dc_pre=CIfCgcXwtvYCFZdCHQkdZr8O4Q;src=8114602;type=invmedia;cat=yhvflq6j;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8114602.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 15:57:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK exint_close.png
www.usemaxserver.de/images/ 3 KB
3 KB 12ms
12ms Image
image/png 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usemaxserver.de/images/exint_close.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.48.120.130 Hamburg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4.25 (Debian) /
Resource Hash: d11d411cb0c4fda19efcbd59c27337c603c694cda02a3a884c965ca85f28002b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 15:57:10 GMT
Last-Modified: Tue, 28 Jun 2016 13:42:27 GMT
Server: Apache/2.4.25 (Debian)
ETag: "a51-53656cebaf6c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=67
Content-Length: 2641

GET
H/1.1 200
OK newsletter_012020.png
www.usemaxserver.de/partner/orellfuessli/onsite/ 193 KB
194 KB 24ms
12ms Image
image/png 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usemaxserver.de/partner/orellfuessli/onsite/newsletter_012020.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.48.120.130 Hamburg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4.25 (Debian) /
Resource Hash: 4689f7f2e76d95358b65a9521511d5460634a206e1382663d236c26c98fb9395

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 15:57:10 GMT
Last-Modified: Wed, 08 Jan 2020 13:33:48 GMT
Server: Apache/2.4.25 (Debian)
ETag: "305b7-59ba0f13e0700"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=66
Content-Length: 198071

POST
H2 204 collect Show response
e.clarity.ms/ 0
96 B 235ms
235ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.orellfuessli.ch/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Tue, 08 Mar 2022 15:57:10 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame F73C 0
3 KB 133ms
133ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=3532589278083291

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' s.pinimg.com; style-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.googleapis.com .adyen.com .adyenpayments.com; font-src 'self' data: s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; img-src * data: blob:; script-src 'nonce-ad93ef8a5cb931b144f5cd6b6fb05ac7' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=3390557097887141; frame-ancestors 'self' , script-src 'nonce-ad93ef8a5cb931b144f5cd6b6fb05ac7' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=3390557097887141
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' s.pinimg.com; style-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.googleapis.com *.adyen.com *.adyenpayments.com; font-src 'self' data: s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; img-src * data: blob:; script-src 'nonce-ad93ef8a5cb931b144f5cd6b6fb05ac7' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=3390557097887141; frame-ancestors 'self' , script-src 'nonce-ad93ef8a5cb931b144f5cd6b6fb05ac7' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=3390557097887141
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.8499645f.1646755030.fd16727
content-security-policy-report-only: default-src 'self' s.pinimg.com; style-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.googleapis.com *.adyen.com *.adyenpayments.com; font-src 'self' data: s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; script-src 'nonce-ad93ef8a5cb931b144f5cd6b6fb05ac7' 'strict-dynamic' 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 30
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 3390557097887141
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 9863f04
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Tue, 08 Mar 2022 15:57:11 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a011b8b

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame F73C 0
3 KB 134ms
133ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' s.pinimg.com; style-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.googleapis.com .adyen.com .adyenpayments.com; font-src 'self' data: s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; img-src * data: blob:; script-src 'nonce-f97500b7520ba0c53592fef1a3acd2ac' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1339637654304755; frame-ancestors 'self' , script-src 'nonce-f97500b7520ba0c53592fef1a3acd2ac' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1339637654304755
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' s.pinimg.com; style-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.googleapis.com *.adyen.com *.adyenpayments.com; font-src 'self' data: s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; img-src * data: blob:; script-src 'nonce-f97500b7520ba0c53592fef1a3acd2ac' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1339637654304755; frame-ancestors 'self' , script-src 'nonce-f97500b7520ba0c53592fef1a3acd2ac' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1339637654304755
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.8499645f.1646755030.fd16729
content-security-policy-report-only: default-src 'self' s.pinimg.com; style-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.googleapis.com *.adyen.com *.adyenpayments.com; font-src 'self' data: s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; script-src 'nonce-f97500b7520ba0c53592fef1a3acd2ac' 'strict-dynamic' 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 29
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1339637654304755
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 9863f04
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Tue, 08 Mar 2022 15:57:11 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a0110f9

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame F73C 0
3 KB 123ms
122ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' s.pinimg.com; style-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.googleapis.com .adyen.com .adyenpayments.com; font-src 'self' data: s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; img-src * data: blob:; script-src 'nonce-b4af392ab06152d96c2e5f79e66fde09' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1617759253814056; frame-ancestors 'self' , script-src 'nonce-b4af392ab06152d96c2e5f79e66fde09' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1617759253814056
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' s.pinimg.com; style-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.googleapis.com *.adyen.com *.adyenpayments.com; font-src 'self' data: s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; img-src * data: blob:; script-src 'nonce-b4af392ab06152d96c2e5f79e66fde09' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1617759253814056; frame-ancestors 'self' , script-src 'nonce-b4af392ab06152d96c2e5f79e66fde09' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1617759253814056
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.8499645f.1646755030.fd1672c
content-security-policy-report-only: default-src 'self' s.pinimg.com; style-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.googleapis.com *.adyen.com *.adyenpayments.com; font-src 'self' data: s.pinimg.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; script-src 'nonce-b4af392ab06152d96c2e5f79e66fde09' 'strict-dynamic' 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' * 'unsafe-inline' blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 24
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1617759253814056
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 9863f04
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Tue, 08 Mar 2022 15:57:11 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a011d56

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1990369294524981&ev=Microdata&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fshop%2Fhilfe-geschenkkarte%2Fshow%2F&rl=&if=false&ts=1646755031724&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hilfe%20zur%20Geschenkkarte%20%20%7C%20Orell%20F%C3%BCssli%22%2C%22meta%3Adescription%22%3A%22Finden%20Sie%20hier%20alle%20Informationen%20rund%20um%20die%20Orell%20F%C3%BCssli%20Geschenkkarte%3A%20Verschenken%2C%20Einl%C3%B6sen%2C%20Erstattung%20und%20Guthaben%20%7C%20Orell%20F%C3%BCssli%3A%20Der%20Buchh%C3%A4ndler%20Ihres%20Vertrauens%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.55&r=stable&ec=1&o=30&fbp=fb.1.1646755030218.905581798&it=1646755030154&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:57:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 08 Mar 2022 15:57:11 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 97ms
97ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell.ec9ba0b84e6a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.orellfuessli.ch/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Tue, 08 Mar 2022 15:57:11 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.orellfuessli.ch/	1969-12-31 23:59:59	Name: FDCSESSION Value: 450158B96F199D57C4830E3FC168631A.shoptc5
www.orellfuessli.ch/	1970-01-20 10:11:31	Name: KUNDE_LAYOUT Value: FLAT
www.orellfuessli.ch/	1970-01-25 20:31:27	Name: gcor Value: "SIDYid81dl7h6kqoow2@ApgmAAAAHQ"
www.orellfuessli.ch/	1970-01-20 10:21:35	Name: ab_bucket Value: 7
www.orellfuessli.ch/	1970-01-20 10:21:35	Name: ab_container Value: 8
.orellfuessli.ch/	1970-01-20 01:25:56	Name: __cf_bm Value: Fq5JsapkluayzPGSywmw4MEhJu3eP3IZAsAQFPcT25U-1646755029-0-Abq9JhADsntoShrO2aLMSi85ACeMfGIk7ZDlv3mkkM4wv/w7AFlXrIIIDqnx/rYkfTCV1ZfaZCFk4nx/dAsMgWQ=
.thalia.media/	1970-01-20 01:25:56	Name: __cf_bm Value: E.HYhV7nh1WIaxrOs0ReZUm_xG8YvXjxo19_SO.8e2E-1646755029-0-AaEXT307cyg2QXTS2Br0jVNkMVJ0ISsz/xCT28pvweyI6De4ZogkmLe3La6tII3G8UR/sJcA2QPOGM47gji4rf4=
www.orellfuessli.ch/	1970-01-20 01:26:05	Name: club Value: KEIN_MITGLIED
www.orellfuessli.ch/	1969-12-31 23:59:59	Name: WARENKORB-XSRF-TOKEN Value: e83b83ed-bde2-4bef-b388-8c6df8f5ba03
www.orellfuessli.ch/	1969-12-31 23:59:59	Name: MERKZETTEL-XSRF-TOKEN Value: 10b42bb5-c28d-4ee4-a0ae-1e31e423b3ad
.orellfuessli.ch/	1970-01-20 03:35:31	Name: _gcl_au Value: 1.1.401349359.1646755030
.orellfuessli.ch/	1970-01-20 18:57:07	Name: _ga_BE2W3ZY94G Value: GS1.1.1646755030.1.0.1646755030.60
.orellfuessli.ch/	1970-01-20 18:57:07	Name: _ga Value: GA1.1.1167357739.1646755030
.bing.com/	1970-01-20 10:47:31	Name: MUID Value: 08579F951D726B4308CC8EF41C196A09
.orellfuessli.ch/	1970-01-20 01:27:21	Name: _uetsid Value: 698fef109ef811ec8cff47dcf3b31e1c
.orellfuessli.ch/	1970-01-20 10:47:31	Name: _uetvid Value: 69902cb09ef811ec8c9aa148d83fac7b
.orellfuessli.ch/	1970-01-20 03:35:31	Name: _fbp Value: fb.1.1646755030218.905581798
.tapad.com/	1970-01-20 02:52:19	Name: TapAd_TS Value: 1646755030218
.tapad.com/	1970-01-20 02:52:19	Name: TapAd_DID Value: d80c3210-40f2-4333-b775-d9f413cfd03b
.facebook.com/	1970-01-20 03:35:31	Name: fr Value: 0dfJauxnjXjP4VyJF..BiJ3zW...1.0.BiJ3zW.
.linkedin.com/	1970-01-20 02:09:07	Name: UserMatchHistory Value: AQKqUCXx_q7_SgAAAX9qP6URZkHKHaPByHvhIX0FLWUTONKhiL2ZYQQTCkEyy6f7yZywAFvZzlDgxg
.linkedin.com/	1970-01-20 02:09:07	Name: AnalyticsSyncHistory Value: AQLlesyjkzgh6gAAAX9qP6URxfsd_HIljE3Fuhi8S4dI75rzjEw1drNBaJn4LXyrDiedDafxg8a_xQRsANfq9A
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:57:48	Name: bcookie Value: "v=2&387136c8-22a8-4546-843b-17bfa522a05b"
.linkedin.com/	1970-01-20 01:27:21	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2553:u=1:x=1:i=1646755030:t=1646841430:v=2:sig=AQEsdxemQw32Y-312_tLFJ3qubiPLkVn"
.orellfuessli.ch/	1970-01-20 10:11:31	Name: _pin_unauth Value: dWlkPU1UWTFNR1E0TmpFdE9UTmpZaTAwTnpZd0xXRTRaakl0TjJZNVpHVXpOV1EwWmprNA
.usemaxserver.de/	1970-01-20 10:11:31	Name: um_rt Value: 1833231925
.usemaxserver.de/	1970-01-20 10:11:31	Name: ident_v Value: 1
www.orellfuessli.ch/	1970-01-20 10:11:31	Name: usm_um_rt Value: 1833231925
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:57:48	Name: bscookie Value: "v=1&202203081557102be9aaf8-5aab-4d97-82d6-7ad3a78fd720AQFlkQGb1O2nT2vJ14809plkIV6xxUCc"
.linkedin.com/	1970-01-20 18:49:27	Name: li_gc Value: MTswOzE2NDY3NTUwMzA7MjswMjHbKoDuZU/7NScDYOjwESOOqJ//OFvq04f7h/ZFuueijQ==
.adform.net/	1970-01-20 02:10:29	Name: C Value: 1
.doubleclick.net/	1970-01-20 10:47:31	Name: IDE Value: AHWqTUkK8nftGU-LQ2cJsawCq9qwm6L3cS40nFqy0gxBY_o0TvGSsh7VhqmTOjZNtew
.adform.net/	1970-01-20 02:52:15	Name: uid Value: 6451570719337969487
.c.bing.com/	1970-01-20 10:47:31	Name: SRM_B Value: 08579F951D726B4308CC8EF41C196A09
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:47:31	Name: MUID Value: 08579F951D726B4308CC8EF41C196A09
.c.clarity.ms/	1970-01-20 01:25:55	Name: ANONCHK Value: 0
.usemax.de/	1970-01-20 10:11:31	Name: um_rt Value: 1833231925
.usemax.de/	1970-01-20 10:11:31	Name: ident_v Value: 1
.myvisualiq.net/	1970-01-20 18:57:07	Name: c Value: 1646755030
.myvisualiq.net/	1970-01-20 18:57:07	Name: tuuid_lu Value: 1646755030
.orellfuessli.ch/	1970-01-20 10:11:31	Name: _clck Value: 10sbgrh\|1\|ezl\|0
.myvisualiq.net/	1970-01-20 18:57:07	Name: tuuid Value: b96e23ce-63a4-47c8-af1e-44708ed9e55c
.demdex.net/	1970-01-20 05:45:07	Name: demdex Value: 34489114395789395090857990115204136833
www.pinterest.de/	1970-01-20 10:04:19	Name: _pinterest_sess Value: TWc9PSZnd1UwaUNvbW9yWTl3TVRYUTJrOFAyRDFnQkF1anJKaHlOalNiWVRTTFlld0F4dDA4eFFTTTJPOFU2NjBSalpXK3hReUZEUXRTd2laTEhHeDVTUjl1V1Vlek9nWjkxdlVkNTQ2Ni85QXFOdz0manJyR3lpSUdRWG53UWNuUTRmQTZYQVNnaHRRPQ==
.dpm.demdex.net/	1970-01-20 05:45:07	Name: dpm Value: 34489114395789395090857990115204136833
.orellfuessli.ch/	1970-01-20 01:27:21	Name: _clsk Value: 13sztde\|1646755031127\|1\|1\|e.clarity.ms/collect

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3(Line 74) Message: Unrecognized feature: 'attribution-reporting'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-f27c51f56cd46e1d72f4997d135d2a1f' 'strict-dynamic' 'report-sample' 'self' * 'unsafe-inline' blob:".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' * 'unsafe-inline' blob:".
javascript	warning	URL: https://www.orellfuessli.ch/shop/hilfe-geschenkkarte/show/ Message: The resource https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.a739893df5d405e527c3.orellfuessli.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8114602.fls.doubleclick.net
9327407.fls.doubleclick.net
adservice.google.com
adservice.google.de
analytics.google.com
assets.thalia.media
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
ct.pinterest.com
dpm.demdex.net
e.clarity.ms
ga.thalia.media
googleads.g.doubleclick.net
loadus.exelator.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.pinimg.com
snap.licdn.com
stats.g.doubleclick.net
t.myvisualiq.net
tags.bluekai.com
tapestry.tapad.com
track.adform.net
vt.myvisualiq.net
www.dwin1.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.orellfuessli.ch
www.pinterest.com
www.pinterest.de
www.usemax.de
www.usemaxserver.de
104.111.215.191
104.16.5.2
104.16.91.18
13.107.42.14
142.250.184.226
142.250.186.102
18.214.173.40
2.21.141.169
20.62.48.180
212.48.120.130
2600:9000:2104:600:f:8ce2:fb80:93a1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c04::9a
2a02:26f0:6c00::210:ba20
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:62::84
34.254.143.3
35.227.248.159
37.157.3.29
52.142.114.2
52.49.218.107
65.9.66.12
003af04fc1e2f801731f4fc7d682e12252caf8ecb770e7e0d3176f6f43a2f889
024d39c5d5d0401655996da590c9f953f8ed1197ba78716c56842e73fe0a0560
0387790bc7c24a1e63cf9ac50874f74178f4cbf4bfacfea88d92c4a1eaddb945
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
071f8654cecb170f1b46723d95e16219551fd8b44b0ffb006862455d051a037d
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c691ceb7165ef23459d25989bebd750f229b569a376d3c2a6fd279b1c27c3bc
0f69cc7aaa401b5e88b4e6cd7b595307bf32f3b971f9c054e56e58029ddff779
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1148f43d6088e8d31064962e8e15cb2fa80300981713dfa1b8fdac8ee4f83be6
11ccbfaa5935e315b8e5ffd74705975b89009075e5d94cb756d5961da991c156
1760c1c867942132a2a8847c363b38981311ff81e377976a64d06e5b217094e3
1d93d1c7393d4ee6be0847a04e0c9c11f701ba20e4ce38b3454136030d161ab5
2140a4c45e850bf971e68d188d2fed48dae2cf058e7e676d6d238bc3ef7fddcb
245e0cdccfffcf44dc0508f677183c1b78261f478cedd013651bd195cd97ce4c
2512af68bd2e16aa7b3b3ff2f71fd99e0839581f66194ae1c04a4ee6d7664f70
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540
29c11f27fe4f117dadc3526cc328ee4ff7494c7b33c1b88009c693f3219179b4
2f1a351c6d2e537bdaac9cad89a3324c79e0f450d86acd98fbdc54c46e0d7e0d
34b73edfaf54967cef6c17a2f5dddd4952b6aa4e993c1b7e883055a94a096e25
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39de51c712ed02cebfb980e6d17bbfc54138271579e6a932d9606da0d5a8eb11
3a5fb386e76b563d76bde9f5f9174d454b3c21a0af71b690b797f59b83d67cba
3b64f83f1cf51f9ef5e9ff322a7a1162f222ecf9f9bfdb17e80e2fd410d63589
414e991e3e8db52313d27b7fb14abba2350e59f9d6ec464acc721d484bcb8d4d
43f859b366662b300a244839939efd60a91fa5ed0b2b2e7dd96c1d733894a94a
451c86b962a31e3785123351af00c7d89a79a66b349caa068d0e2fe5195095c5
4689f7f2e76d95358b65a9521511d5460634a206e1382663d236c26c98fb9395
49d83ce50820394dff540e26de30fb0d44311099e9efef36dab2639f28a712ad
4b79f58d73b2b10d108c1aaeac22d59c57ea25419f781f3e2346c922a9aecebc
4c99fb07f9a1b731f26532e91ab92e31373865e97e03fab2bc0cf4796c35229f
4ccbf093f9b1fd58f9a0a3fb98d7d334034d1c4416be963da8fc043cb55b8de4
4cd3184c716c5c5ce43e037efdc0d8b1c052777dc8d3a6e68e92416c3e029468
4ef73eda896c59619ae2f8ac00945f18bd6cd711008d941fd0d0a2769d1d8221
4f1f72697f3d6ad98c3edcae1fd048371a04bef4aba666b614822d3f5c02f8d7
52571826f9f6f9a712aa8fe3bd07b1adf86da4fa4116fe255068151222885766
54006cd4fa18a2131ae3f340356fc5bc88918fc703fdf3c8b489cd7d4d536829
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58e40e19336ca39c31c47d92983c66d3e7f70ebb71bd564dbd297e85903d2797
59e24f699b3060dcd288edec9e91f3f081682aee2d873495af6855e29549568e
5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e
5f0b42ccfbaf151f93c01e45d91aca0f23025cc36c5cdb35b5b51d6512aeb911
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ed6ccb5904aa9c635d5b32598f9c68df18bbd2b1a3671831ab3d951637fd2f
62697882c3bf6ccc5998d8351520b3a9839b8ef84a0abe8e7c40502334cbbf8a
632cf142106a544bf44011ab9d31a411e74ecfcc66069c5892820ade0a15ce5e
68195809df6d702b8d2c25c97140def7f78f61a3a946a751ed0c304f96c8677f
682462d8e4bd027a5eb50a24ebc1d0c7845319bed8955e3027483d9f0fe5e108
6cbce8097875392869cb76e08f7bb128a42b3e9672482dd4ed5b3d420ff5ae94
6df260fa3c8e7d7f7f1f693d6d718085ec9db1c2c0ace246ab2f7bf1ddb54582
6eda9a0bc9b26cfa969d01e880ae2c397aa6823511f6a38c965ba1e6e24fedac
72dcc293744c421a39fddaa5adde41eacecbaa4fa93ff1b8ba0baeaf8f02c7e2
7f8193469844f0601a5445d9c8c84748764ab5326d9e5bee6ea157cd6d4d9bde
80bf90f24a867c8499d2883d4dbca78dd2aa5d950700065e465ccacb8a9748e7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
8400494c03878a6e2cfd30efe3bdd2b4ae5ba570d9a0f85ffd9e99943fe7c5ea
848d69de61d92af9af16686093e8247073857bc78934a10de9f118097ded6732
84fa7512718d54cad5e4ff03f9b8a710ad9ed03ca186ec64dafa6fb6cdb92309
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
867b366f3443363cd16a66fe90abdec56fe4b486f48b8b93d7f8451620e97f77
868c1a2535c55c9ccba0cbaf764bd887b43b837efa582c1059f888b7df7809ae
86edb2be764e54b35082d4b0e429444300a06aeabb2df137d3af8258f1f9e806
87c3edfa0541f715cb57f875c2c656ed94ea3f08325c0ebbd45cad1d802bfdda
8882007cb404f53ab2547fa3583995e789d7a1e93e75a443fc8e9bf04d38a57c
90006bc7232ead0649fc99ba50ee615d44a669bce856939d65ba5022a7d233d7
942e1a6c9c553d8b7a8261004e790bf1472910dc079df358f8b639104d33b726
9796ccddf54213f6712791514e3d8e294dc58e05d90d9da685b27009c8b617f4
995f84a41f725c516cb87975b8de1b05c10a316bbda2887ee5e6d8ccb799de45
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b248ea9ba39f82bcc53fd5a1857d8a82403ac869e97de89aebf0595892deda0
9ebb7c6743c30cc2c8091070328d4a0f4d33134b5aa81bbdefefd36d49e2dd41
aacaad7d5f95e5404af253efa7dd0f42209c265ab2bee73a3558a862f66c0adf
b2a2ec81ed88f95c991477cda604d7c0d77cd7a2ffa653e7a31bc8bdc20d16f6
b2aa1e5ad6b3703dbcea2eb903fc38bbd040583969c2b3e04503cf4c0b5aa7aa
b4b2c9b4000b5fce514ff86def30f141d3f59b3506cd829230385737382c0dce
b612fd7b9551e4e9ff62dbf4d3fd8c5871adc8967f76127a1557518a77b8dab4
b69a90fafbd8d9dfc1ef62719d3508b3ed2d645643266e8a5bde1a7197109ba7
b760c176070d015b8b4819efdbc94dce3704beb2ae04ef56028dce28ffdf3dc1
c0424c8a0cb20abdf3f322107d5ee79679a53e37647f87fc8e0b29fdc12e4ede
ca7dcfe8a5bea5c54beddd7e8f147187d97b00245879ca2222fe31db2ce1fe72
cafa0a82329ccfcc93f5cc11e5b7d4e95b4a4d2959f5857e3fc352ea745d2701
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
ccf4d3cf9b1587a1ae059ffcf660a901022ffebd98279eea01293954b4b71ec0
d07f9b0f7f88a82c891d0764cb53a7a221d2a7effe4060f7d199593f5ae3c410
d11d411cb0c4fda19efcbd59c27337c603c694cda02a3a884c965ca85f28002b
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0
de7f8b2a413527de948a94923f2059cb2efd989b4fc31c6972676a31fc520178
e01d9b804163687231bb208eed2033be7baf16926664c78ddda4fda2d1c5dbd8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5babc60df486644e28508d026a5f0a6eabaf629899d31816b0db0be14371399
e6272e41d542cd24382693dd1456bd2dbab631e416a886fdae4d7749b52d87ef
ebf9bd421e44685fe7af1cb9ae694c9ff2d717404e48a8e695884bcaf9f50e3e
ec73414e003a81ec90fffb891d9bf502557524278658810b7e270767b953617b
ec9ba0b84e6a95fc4e7369af986177184c4066f2474d1ad352824b4ec7f3d0f3
ecf4f226c560774c8c3304ce9e1f7cd070b9fabf21fb90e3c3addad5b0d50110
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f025dc9846be6a40de54fa7879075b2b1439fce3b573c49b2767de1dc04c33bf
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
f44383e1c6e19145f7bc45f4da0a59b695b1230fd4975719d9650266fe9ca14f
f52d176c1dd9ad885dc2b6f142fea25d4e70e971f06b46e62ec58b41364f6340
f6e068fe06805d1508581e20d3e80d22914b2fbb97fd5cf6d0e5dc27bb93f66c
f8d0044ec70bea9f739cdb3fdc2ce733d0b9baa670c913dc6f6973137cf39ffa
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff64b6ffe5a336e9bb3616cbc47af44f9cfcd301b18baca35eb417063fbccfda

www.orellfuessli.ch Open in urlscan Pro 104.16.91.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

128 Requests

93 %HTTPS

48 %IPv6

25 Domains

38 Subdomains

29 IPs

6 Countries

1149 kBTransfer

3356 kBSize

49 Cookies

6 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.orellfuessli.ch Open in urlscan Pro
104.16.91.18 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

93 %
HTTPS

48 %
IPv6

25
Domains

38
Subdomains

29
IPs

6
Countries

1149 kB
Transfer

3356 kB
Size

49
Cookies

128 HTTP transactions
5 data transactions