www.heidi.news Open in urlscan Pro
185.54.7.127  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://lfz.madphilips.com/wp-content/themes/kallyas/css/languages/ Page URL
2. https://www.heidi.news/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response lfz.madphilips.com/wp-content/themes/kallyas/css/languages/	69 B 515 B	294ms 148ms	Document text/html	173.212.250.137 CONTABO
General Check archive.org Show headers Download Go to Full URL https://lfz.madphilips.com/wp-content/themes/kallyas/css/languages/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.212.250.137 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS server2.marketplus.com.ng Software Apache / Resource Hash 8e66c5b1b4f0742d9b0f3d961dcea2ac0f9c2523bb7cc2e20c916d20aa1f6b2b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 23 Aug 2023 13:53:53 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache Transfer-Encoding chunked Vary Accept-Encoding
GET H2	200	Primary Request / Show response www.heidi.news/	86 KB 21 KB	280ms 121ms	Document text/html	185.54.7.127 SAFEHOSTNET Coloc...
General Check archive.org Show headers Download Go to Full URL https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.54.7.127 , Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH), Reverse DNS Software nginx / Phusion Passenger 6.0.6 Resource Hash 0200def80aa59bf806ec70d3ad08020bcfb437b301dd70e70064cd224942e064 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers Referer https://lfz.madphilips.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control max-age=0, private, must-revalidate content-encoding gzip content-type text/html; charset=utf-8 date Wed, 23 Aug 2023 13:53:53 GMT etag W/"0200def80aa59bf806ec70d3ad08020b" link <https://heidi-17455.kxcdn.com/assets/heidi/roboto-v18-latin_latin-ext-regular-68c23fc91a3de35e1bbb8510a573d4a5f29e29dd3a0dc0e316b65964eaa08416.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-Regular-subset-48bf45e8122270ec63e767865d2004b505b0454ad36d78dd3977fa91b7e35345.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-RegularItalic-subset-0eafd61597a795633bfdb1f61ee8c2e6f9ebd527692232bf0fe0371fb261735f.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-BoldItalic-subset-a11891584f3995a08a7b6f17c21443b6afeeb3591c1d64f0a6b2466b043eb63a.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/roboto-slab-v7-latin_latin-ext-700-312b0573235cbc4da6d3119b0ab2adf6dc97c8e8ab00174156b32ae831860f22.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-Bold-subset-a332aa53695f88e28f06db2c03abf0fe2c221ae29f6e09a229bb9890bf892659.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/EuclidFlex-Medium-subset-a8d80b2eae0b79edcdd68091f5f65cb3e8937156f7b916146aaed8ce8fb8d878.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/roboto-slab-v7-latin_latin-ext-regular-fc8b295a907129bf75bc373bb5f363f2ce7e13fb6aa5205c7b047dd1283ac566.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://heidi-17455.kxcdn.com/assets/heidi/roboto-v18-latin_latin-ext-700-96ed8912e9ea46e450fd9f812451349e7181a9e1c2b926d045ed2f48eb1e2847.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous server nginx status 200 OK strict-transport-security max-age=63072000; includeSubDomains x-powered-by Phusion Passenger 6.0.6 x-request-id 4ddcb8ff-363a-4887-a485-d0b83ec4dfaf x-runtime 0.082872
GET H2	200	roboto-v18-latin_latin-ext-regular-68c23fc91a3de35e1bbb8510a573d4a5f29e29dd3a0dc0e316b65964eaa08416.woff2 heidi-17455.kxcdn.com/assets/heidi/	21 KB 22 KB	135ms 31ms	Font application/octet-stream	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://heidi-17455.kxcdn.com/assets/heidi/roboto-v18-latin_latin-ext-regular-68c23fc91a3de35e1bbb8510a573d4a5f29e29dd3a0dc0e316b65964eaa08416.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash f9bc132980c62433dfd76631f5a602fd1bf318141d67ebb6b70b4d3cc92555b0 Request headers Referer https://www.heidi.news/ Origin https://www.heidi.news accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT last-modified Tue, 29 Mar 2022 13:13:43 GMT server keycdn-engine x-edge-location defr etag "62430607-55a0" x-cache HIT content-type application/octet-stream access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/assets/heidi/roboto-v18-latin_latin-ext-regular-68c23fc91a3de35e1bbb8510a573d4a5f29e29dd3a0dc0e316b65964eaa08416.woff2>; rel="canonical" content-length 21920 expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	SangBleuKingdom-Regular-subset-48bf45e8122270ec63e767865d2004b505b0454ad36d78dd3977fa91b7e35345.woff2 heidi-17455.kxcdn.com/assets/heidi/	14 KB 14 KB	167ms 64ms	Font application/octet-stream	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-Regular-subset-48bf45e8122270ec63e767865d2004b505b0454ad36d78dd3977fa91b7e35345.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 60827ed277197a683bace869b702a242eb317923bfc3fccc8d9df32679f07a87 Request headers Referer https://www.heidi.news/ Origin https://www.heidi.news accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT last-modified Tue, 29 Mar 2022 13:13:43 GMT server keycdn-engine x-edge-location defr etag "62430607-37b4" x-cache HIT content-type application/octet-stream access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/assets/heidi/SangBleuKingdom-Regular-subset-48bf45e8122270ec63e767865d2004b505b0454ad36d78dd3977fa91b7e35345.woff2>; rel="canonical" content-length 14260 expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	SangBleuKingdom-RegularItalic-subset-0eafd61597a795633bfdb1f61ee8c2e6f9ebd527692232bf0fe0371fb261735f.woff2 heidi-17455.kxcdn.com/assets/heidi/	12 KB 12 KB	197ms 94ms	Font application/octet-stream	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-RegularItalic-subset-0eafd61597a795633bfdb1f61ee8c2e6f9ebd527692232bf0fe0371fb261735f.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 3043c2aada437268bbab22de9757b017941c28cdd99c9fd06c2e5490079dca69 Request headers Referer https://www.heidi.news/ Origin https://www.heidi.news accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT last-modified Tue, 29 Mar 2022 13:13:43 GMT server keycdn-engine x-edge-location defr etag "62430607-2e90" x-cache HIT content-type application/octet-stream access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/assets/heidi/SangBleuKingdom-RegularItalic-subset-0eafd61597a795633bfdb1f61ee8c2e6f9ebd527692232bf0fe0371fb261735f.woff2>; rel="canonical" content-length 11920 expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	SangBleuKingdom-BoldItalic-subset-a11891584f3995a08a7b6f17c21443b6afeeb3591c1d64f0a6b2466b043eb63a.woff2 heidi-17455.kxcdn.com/assets/heidi/	11 KB 12 KB	197ms 95ms	Font application/octet-stream	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-BoldItalic-subset-a11891584f3995a08a7b6f17c21443b6afeeb3591c1d64f0a6b2466b043eb63a.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash d3a86ddbad660c28e45b2952f639757ec9014f82adbf6844eebb459396be5726 Request headers Referer https://www.heidi.news/ Origin https://www.heidi.news accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT last-modified Tue, 29 Mar 2022 13:13:43 GMT server keycdn-engine x-edge-location defr etag "62430607-2de4" x-cache HIT content-type application/octet-stream access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/assets/heidi/SangBleuKingdom-BoldItalic-subset-a11891584f3995a08a7b6f17c21443b6afeeb3591c1d64f0a6b2466b043eb63a.woff2>; rel="canonical" content-length 11748 expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	roboto-slab-v7-latin_latin-ext-700-312b0573235cbc4da6d3119b0ab2adf6dc97c8e8ab00174156b32ae831860f22.woff2 heidi-17455.kxcdn.com/assets/heidi/	25 KB 25 KB	197ms 95ms	Font application/octet-stream	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://heidi-17455.kxcdn.com/assets/heidi/roboto-slab-v7-latin_latin-ext-700-312b0573235cbc4da6d3119b0ab2adf6dc97c8e8ab00174156b32ae831860f22.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 9c1369d1bb82f208798dec741ce7d920794cc4ce429493a96b88acf0810a0cfb Request headers Referer https://www.heidi.news/ Origin https://www.heidi.news accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT last-modified Tue, 29 Mar 2022 13:13:43 GMT server keycdn-engine x-edge-location defr etag "62430607-6384" x-cache HIT content-type application/octet-stream access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/assets/heidi/roboto-slab-v7-latin_latin-ext-700-312b0573235cbc4da6d3119b0ab2adf6dc97c8e8ab00174156b32ae831860f22.woff2>; rel="canonical" content-length 25476 expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	SangBleuKingdom-Bold-subset-a332aa53695f88e28f06db2c03abf0fe2c221ae29f6e09a229bb9890bf892659.woff2 heidi-17455.kxcdn.com/assets/heidi/	11 KB 11 KB	227ms 125ms	Font application/octet-stream	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://heidi-17455.kxcdn.com/assets/heidi/SangBleuKingdom-Bold-subset-a332aa53695f88e28f06db2c03abf0fe2c221ae29f6e09a229bb9890bf892659.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash db154999955478eb3c2ba66fde7e5b44dc0813683a2ca0d4a05a1d7709178872 Request headers Referer https://www.heidi.news/ Origin https://www.heidi.news accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT last-modified Tue, 29 Mar 2022 13:13:43 GMT server keycdn-engine x-edge-location defr etag "62430607-2b6c" x-cache HIT content-type application/octet-stream access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/assets/heidi/SangBleuKingdom-Bold-subset-a332aa53695f88e28f06db2c03abf0fe2c221ae29f6e09a229bb9890bf892659.woff2>; rel="canonical" content-length 11116 expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	EuclidFlex-Medium-subset-a8d80b2eae0b79edcdd68091f5f65cb3e8937156f7b916146aaed8ce8fb8d878.woff2 heidi-17455.kxcdn.com/assets/heidi/	24 KB 24 KB	227ms 125ms	Font application/octet-stream	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://heidi-17455.kxcdn.com/assets/heidi/EuclidFlex-Medium-subset-a8d80b2eae0b79edcdd68091f5f65cb3e8937156f7b916146aaed8ce8fb8d878.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 1adc11f962e72cdd362dc663024e7b3d57cbf1d614097dc6995aa010c7313d87 Request headers Referer https://www.heidi.news/ Origin https://www.heidi.news accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT last-modified Tue, 29 Mar 2022 13:13:43 GMT server keycdn-engine x-edge-location defr etag "62430607-5ec8" x-cache HIT content-type application/octet-stream access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/assets/heidi/EuclidFlex-Medium-subset-a8d80b2eae0b79edcdd68091f5f65cb3e8937156f7b916146aaed8ce8fb8d878.woff2>; rel="canonical" content-length 24264 expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	roboto-slab-v7-latin_latin-ext-regular-fc8b295a907129bf75bc373bb5f363f2ce7e13fb6aa5205c7b047dd1283ac566.woff2 heidi-17455.kxcdn.com/assets/heidi/	25 KB 25 KB	227ms 125ms	Font application/octet-stream	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://heidi-17455.kxcdn.com/assets/heidi/roboto-slab-v7-latin_latin-ext-regular-fc8b295a907129bf75bc373bb5f363f2ce7e13fb6aa5205c7b047dd1283ac566.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash c522ad036c6de7f50af3215dffd3c5b7ca323c6ed43c43baa736a7554ef6bbec Request headers Referer https://www.heidi.news/ Origin https://www.heidi.news accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT last-modified Tue, 29 Mar 2022 13:13:43 GMT server keycdn-engine x-edge-location defr etag "62430607-62e8" x-cache HIT content-type application/octet-stream access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/assets/heidi/roboto-slab-v7-latin_latin-ext-regular-fc8b295a907129bf75bc373bb5f363f2ce7e13fb6aa5205c7b047dd1283ac566.woff2>; rel="canonical" content-length 25320 expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	roboto-v18-latin_latin-ext-700-96ed8912e9ea46e450fd9f812451349e7181a9e1c2b926d045ed2f48eb1e2847.woff2 heidi-17455.kxcdn.com/assets/heidi/	22 KB 22 KB	227ms 126ms	Font application/octet-stream	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://heidi-17455.kxcdn.com/assets/heidi/roboto-v18-latin_latin-ext-700-96ed8912e9ea46e450fd9f812451349e7181a9e1c2b926d045ed2f48eb1e2847.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 1f03b3082883c94de09ea4c0b38092a45f2f7ca60c14889818a3e19057da34b8 Request headers Referer https://www.heidi.news/ Origin https://www.heidi.news accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT last-modified Tue, 29 Mar 2022 13:13:43 GMT server keycdn-engine x-edge-location defr etag "62430607-5664" x-cache HIT content-type application/octet-stream access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/assets/heidi/roboto-v18-latin_latin-ext-700-96ed8912e9ea46e450fd9f812451349e7181a9e1c2b926d045ed2f48eb1e2847.woff2>; rel="canonical" content-length 22116 expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	heidi-f47f4bf6f5dd1aa1e0a31dc08dc8f4822777aa87c26ce1d9b1d1c8b99f3e3dd1.css heidi-17455.kxcdn.com/assets/	238 KB 51 KB	133ms 32ms	Stylesheet text/css	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://heidi-17455.kxcdn.com/assets/heidi-f47f4bf6f5dd1aa1e0a31dc08dc8f4822777aa87c26ce1d9b1d1c8b99f3e3dd1.css Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash e4389990a786a3f11caeab69ef960a188f9d5cdb28fd2d98c9928b685fde5f16 Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT content-encoding gzip last-modified Mon, 14 Aug 2023 08:50:59 GMT server keycdn-engine x-edge-location defr etag W/"64d9eaf3-3b965" x-cache HIT content-type text/css access-control-allow-origin * cache-control max-age=604800 link <https://www.heidi.news/assets/heidi-f47f4bf6f5dd1aa1e0a31dc08dc8f4822777aa87c26ce1d9b1d1c8b99f3e3dd1.css>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	logo-topbar-85d14085bd368b3d53e71d058f4506bf3f476bdbd0beda201682a7b0130b06bf.svg heidi-17455.kxcdn.com/assets/heidi/	4 KB 2 KB	73ms 71ms	Image image/svg+xml	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/assets/heidi/logo-topbar-85d14085bd368b3d53e71d058f4506bf3f476bdbd0beda201682a7b0130b06bf.svg Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 3906e0dbee620d8f7b68b01549d852d0dd7fecf08764aab0daf4919266ef477b Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT content-encoding gzip last-modified Wed, 31 Aug 2022 12:03:04 GMT server keycdn-engine x-edge-location defr etag W/"630f4df8-1190" x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 link <https://www.heidi.news/assets/heidi/logo-topbar-85d14085bd368b3d53e71d058f4506bf3f476bdbd0beda201682a7b0130b06bf.svg>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	270 KB 90 KB	205ms 80ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KFWJM86 Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 837e653fda90958efd6f1faabd3099e0fa2d2b84376433a2bb2519cbcd0175aa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 91784 x-xss-protection 0 last-modified Wed, 23 Aug 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 23 Aug 2023 13:53:53 GMT
GET H2	200	medium heidi-17455.kxcdn.com/photos/3c9a1d13-323d-4fbd-ad8e-ae68d634a93b/	17 KB 18 KB	73ms 72ms	Image image/jpeg	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/photos/3c9a1d13-323d-4fbd-ad8e-ae68d634a93b/medium Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Phusion Passenger 6.0.6 Resource Hash 81106d42f930c8817b99a9ac8e8887c7f5befda7cef5620966ea484695bef516 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT strict-transport-security max-age=63072000; includeSubDomains x-edge-location defr x-powered-by Phusion Passenger 6.0.6 x-cache HIT content-transfer-encoding binary content-disposition inline; filename="hD_Logo_rond_Rouge.jpg"; filename*=UTF-8''hD_Logo_rond_Rouge.jpg content-length 17514 x-request-id 0d30a4e9-45b2-4786-a46f-6cdb14165fe5 x-runtime 0.127873 server keycdn-engine etag W/"81106d42f930c8817b99a9ac8e8887c7" content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/photos/3c9a1d13-323d-4fbd-ad8e-ae68d634a93b/medium>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	medium heidi-17455.kxcdn.com/photos/7a6c19f5-f4be-497c-a11b-5871108d5750/	27 KB 27 KB	74ms 72ms	Image image/jpeg	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/photos/7a6c19f5-f4be-497c-a11b-5871108d5750/medium Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Phusion Passenger 6.0.6 Resource Hash 2a177fb2dc56833f94b94c6d0271d0fb2d2ba3e4c351c78f93cbc97133ef83e5 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT strict-transport-security max-age=63072000; includeSubDomains x-edge-location defr x-powered-by Phusion Passenger 6.0.6 x-cache HIT content-transfer-encoding binary content-disposition inline; filename="shutterstock_2237091707.jpg"; filename*=UTF-8''shutterstock_2237091707.jpg content-length 27196 x-request-id 0f521f0b-f97b-47ee-8778-33021728d4d4 x-runtime 0.102685 server keycdn-engine etag W/"2a177fb2dc56833f94b94c6d0271d0fb" content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/photos/7a6c19f5-f4be-497c-a11b-5871108d5750/medium>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	medium heidi-17455.kxcdn.com/photos/4e84f435-f02e-4cc2-bbe0-0c5ce34837c5/	4 KB 4 KB	74ms 72ms	Image image/jpeg	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/photos/4e84f435-f02e-4cc2-bbe0-0c5ce34837c5/medium Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Phusion Passenger 6.0.6 Resource Hash 939366f95def4420fad52b9f8533ea4554a22ddffee2935ccb5471e8b017acc8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT strict-transport-security max-age=63072000; includeSubDomains x-edge-location defr x-powered-by Phusion Passenger 6.0.6 x-cache HIT content-transfer-encoding binary content-disposition inline; filename="shutterstock_1932017384.jpg"; filename*=UTF-8''shutterstock_1932017384.jpg content-length 3790 x-request-id 5520013b-22b6-4de0-bb17-687ee01eb36e x-runtime 0.076744 server keycdn-engine etag W/"939366f95def4420fad52b9f8533ea45" content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/photos/4e84f435-f02e-4cc2-bbe0-0c5ce34837c5/medium>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	medium heidi-17455.kxcdn.com/photos/2483d90f-08eb-455d-8d19-cb48c1324e81/	46 KB 47 KB	74ms 72ms	Image image/jpeg	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/photos/2483d90f-08eb-455d-8d19-cb48c1324e81/medium Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Phusion Passenger 6.0.6 Resource Hash 18ae3a80d2938542365bd01a2f5c918fe4c8a39f2a18a760baea445acb8063f0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT strict-transport-security max-age=63072000; includeSubDomains x-edge-location defr x-powered-by Phusion Passenger 6.0.6 x-cache HIT content-transfer-encoding binary content-disposition inline; filename="pitch ainees.jpg"; filename*=UTF-8''pitch%20ain%C3%A9es.jpg content-length 47559 x-request-id 4985b1ba-f86f-4878-bd82-3b7406ffecbf x-runtime 0.135576 server keycdn-engine etag W/"18ae3a80d2938542365bd01a2f5c918f" content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/photos/2483d90f-08eb-455d-8d19-cb48c1324e81/medium>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	medium heidi-17455.kxcdn.com/photos/db482c74-53d6-4ee4-8322-879a30f89ca2/	36 KB 36 KB	74ms 73ms	Image image/jpeg	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/photos/db482c74-53d6-4ee4-8322-879a30f89ca2/medium Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Phusion Passenger 6.0.6 Resource Hash 5f02f3536597199d8089a7c1507d3e2f85edb2e99d9ce8528e6205d07d5d529c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT strict-transport-security max-age=63072000; includeSubDomains x-edge-location defr x-powered-by Phusion Passenger 6.0.6 x-cache HIT content-transfer-encoding binary content-disposition inline; filename="Bitcoin-138146-pixahive.jpg"; filename*=UTF-8''Bitcoin-138146-pixahive.jpg content-length 36707 x-request-id b205b072-e9e2-44a1-ac64-6a928b7333eb x-runtime 0.168265 server keycdn-engine etag W/"5f02f3536597199d8089a7c1507d3e2f" content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/photos/db482c74-53d6-4ee4-8322-879a30f89ca2/medium>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	medium heidi-17455.kxcdn.com/photos/dd562424-9d5b-49ad-a3cd-3af81cbba0eb/	34 KB 35 KB	75ms 73ms	Image image/jpeg	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/photos/dd562424-9d5b-49ad-a3cd-3af81cbba0eb/medium Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Phusion Passenger 6.0.6 Resource Hash 197ef9d84d9c5bc04165cb7bb5e1196f1fda0e33588c3023b1ae44e7e9a6691d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT strict-transport-security max-age=63072000; includeSubDomains x-edge-location defr x-powered-by Phusion Passenger 6.0.6 x-cache HIT content-transfer-encoding binary content-disposition inline; filename="shutterstock_1813735550.jpg"; filename*=UTF-8''shutterstock_1813735550.jpg content-length 35253 x-request-id 04bdf6aa-8cdf-46c3-a9e7-8fc628dfb5d3 x-runtime 0.164880 server keycdn-engine etag W/"197ef9d84d9c5bc04165cb7bb5e1196f" vary Accept content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/photos/dd562424-9d5b-49ad-a3cd-3af81cbba0eb/medium>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	pdj-63686eb243ba2faee0018a0da65c0b5d864a20063311d5a8c1fac9abb32d0399.jpg heidi-17455.kxcdn.com/assets/home/	37 KB 37 KB	75ms 73ms	Image image/jpeg	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/assets/home/pdj-63686eb243ba2faee0018a0da65c0b5d864a20063311d5a8c1fac9abb32d0399.jpg Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 3f6021719ee34417752eccfc09ae0f08b5ae5cbf9e1f4be8223f70a2b49e6977 Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT last-modified Wed, 14 Sep 2022 06:45:54 GMT server keycdn-engine x-edge-location defr etag "632178a2-9409" x-cache HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/assets/home/pdj-63686eb243ba2faee0018a0da65c0b5d864a20063311d5a8c1fac9abb32d0399.jpg>; rel="canonical" content-length 37897 expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	question-210b1ee8f2bd106d1401b99780826414bc26f5d8b1f0b19c42fa13f632f95684.svg heidi-17455.kxcdn.com/assets/pictos/	2 KB 1 KB	75ms 74ms	Image image/svg+xml	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/assets/pictos/question-210b1ee8f2bd106d1401b99780826414bc26f5d8b1f0b19c42fa13f632f95684.svg Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 394a3d0667e84cc1d3427dace577e771c28673b70b658d755f1bc1e2fa38d5ed Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT content-encoding gzip last-modified Tue, 29 Mar 2022 13:13:43 GMT server keycdn-engine x-edge-location defr etag W/"62430607-723" x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 link <https://www.heidi.news/assets/pictos/question-210b1ee8f2bd106d1401b99780826414bc26f5d8b1f0b19c42fa13f632f95684.svg>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	logo-0f1dcefe0c0f5bb941e0b5513d3d21ee48bba421d5aad951144994c0989a7858.svg heidi-17455.kxcdn.com/assets/heidi/icons/	753 B 1 KB	76ms 74ms	Image image/svg+xml	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/assets/heidi/icons/logo-0f1dcefe0c0f5bb941e0b5513d3d21ee48bba421d5aad951144994c0989a7858.svg Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 3c0530efbe342f9f964d2c5b2f4030f559d695d07102bde1e6b020133f848c29 Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT last-modified Tue, 14 Feb 2023 13:30:50 GMT server keycdn-engine x-edge-location defr etag "63eb8d0a-2f1" x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/assets/heidi/icons/logo-0f1dcefe0c0f5bb941e0b5513d3d21ee48bba421d5aad951144994c0989a7858.svg>; rel="canonical" content-length 753 expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	application-a55461e9321ba9398b8a92978e8ea586047fc3669eecee924bca6f1c1c6516ce.js Show response heidi-17455.kxcdn.com/assets/	109 KB 36 KB	42ms 40ms	Script application/x-javascript	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://heidi-17455.kxcdn.com/assets/application-a55461e9321ba9398b8a92978e8ea586047fc3669eecee924bca6f1c1c6516ce.js Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 1ec55333ca6f32cacf10f939ab6b1d48356fa94982643dc6d93a5569fe0756ec Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT content-encoding gzip last-modified Wed, 12 Jul 2023 11:59:51 GMT server keycdn-engine x-edge-location defr etag W/"64ae95b7-1b5b3" x-cache HIT content-type application/x-javascript access-control-allow-origin * cache-control max-age=604800 link <https://www.heidi.news/assets/application-a55461e9321ba9398b8a92978e8ea586047fc3669eecee924bca6f1c1c6516ce.js>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H/1.1	200 OK	widgets.js Show response platform.twitter.com/	91 KB 28 KB	122ms 29ms	Script application/javascript	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets.js Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6772) / Resource Hash 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Wed, 23 Aug 2023 13:53:53 GMT Content-Encoding gzip Age 964 x-amz-server-side-encryption AES256 X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Content-Length 27630 Last-Modified Tue, 24 Jan 2023 21:41:51 GMT Server ECS (frb/6772) Etag "9e99725b7a4cd730a934afba2a438bb5+gzip" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * x-tw-cdn VZ Cache-Control public, max-age=1800
GET H2	200	load Show response experience-eu.piano.io/xbuilder/experience/	4 KB 2 KB	182ms 100ms	Script application/javascript	2606:4700::6811:6206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://experience-eu.piano.io/xbuilder/experience/load?aid=9T0ty974pe Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:6206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 505f8fcfc9ab458308de8b23d96c8a20d21822d532fb8ba1452ba54f58769725 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers pragma date Wed, 23 Aug 2023 13:53:53 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status EXPIRED last-modified Wed, 23 Aug 2023 12:16:08 GMT server cloudflare vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control public, max-age=1800 cf-ray 7fb3d8273c59ca33-HAM alt-svc h3=":443"; ma=86400 x-request-id p4b8thuufn expires Wed, 23 Aug 2023 14:23:53 GMT
GET H/1.1	200 OK	widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response platform.twitter.com/widgets/ Frame 101A	320 KB 104 KB	28ms 28ms	Document text/html	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.heidi.news Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6795) / Resource Hash 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf Request headers Referer https://www.heidi.news/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 544790 Cache-Control public, max-age=315360000 Content-Encoding gzip Content-Length 105435 Content-Type text/html; charset=utf-8 Date Wed, 23 Aug 2023 13:53:53 GMT Etag "95e1b50b0c179aefb47b5b211bb347b5+gzip" Last-Modified Tue, 24 Jan 2023 21:41:13 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (frb/6795) Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Vary Accept-Encoding X-Cache HIT x-amz-server-side-encryption AES256 x-tw-cdn VZ
GET H2	200	medium.avif heidi-17455.kxcdn.com/photos/0adbc83a-2541-4d54-818a-7783e035a191/	50 KB 51 KB	35ms 31ms	Image image/avif	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/photos/0adbc83a-2541-4d54-818a-7783e035a191/medium.avif Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Phusion Passenger 6.0.6 Resource Hash c1d2a6cb58e3b6ce3a26a261f070b01ff1911fa09ba05c6abf54289675730d29 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT strict-transport-security max-age=63072000; includeSubDomains x-edge-location defr x-powered-by Phusion Passenger 6.0.6 x-cache HIT content-transfer-encoding binary content-disposition inline; filename="20211010 Energiedorf Wildpoldsried - copie.avif"; filename*=UTF-8''20211010%20Energiedorf%20Wildpoldsried%20-%20copie.avif content-length 51407 x-request-id 7f1dd0da-9e5a-475a-9b4f-94e4372fbb1e x-runtime 0.090980 server keycdn-engine etag W/"c1d2a6cb58e3b6ce3a26a261f070b01f" content-type image/avif access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/photos/0adbc83a-2541-4d54-818a-7783e035a191/medium.avif>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	medium.avif heidi-17455.kxcdn.com/photos/4c832c16-7b59-4e01-b563-eb98cc3b59cd/	19 KB 20 KB	45ms 41ms	Image image/avif	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/photos/4c832c16-7b59-4e01-b563-eb98cc3b59cd/medium.avif Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Phusion Passenger 6.0.6 Resource Hash 78a5569ae8b780d8baa562fde9605678ebaf6d9a8b371c01ec7d9506b73d70b0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT strict-transport-security max-age=63072000; includeSubDomains x-edge-location defr x-powered-by Phusion Passenger 6.0.6 x-cache HIT content-transfer-encoding binary content-disposition inline; filename="2022_moving-mountains-07.avif"; filename*=UTF-8''2022_moving-mountains-07.avif content-length 19853 x-request-id 7697221d-bfbb-4462-9b23-712e88abfe81 x-runtime 0.140236 server keycdn-engine etag W/"78a5569ae8b780d8baa562fde9605678" content-type image/avif access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/photos/4c832c16-7b59-4e01-b563-eb98cc3b59cd/medium.avif>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	medium.avif heidi-17455.kxcdn.com/photos/a1f00afb-64f5-4396-a782-f9b999ef14a9/	39 KB 40 KB	45ms 41ms	Image image/avif	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/photos/a1f00afb-64f5-4396-a782-f9b999ef14a9/medium.avif Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Phusion Passenger 6.0.6 Resource Hash e27ef9548ef5af78a96372b87ad72752b3dc88af8c77100b91c5f39ac0d4a50f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT strict-transport-security max-age=63072000; includeSubDomains x-edge-location defr x-powered-by Phusion Passenger 6.0.6 x-cache HIT content-transfer-encoding binary content-disposition inline; filename="action 269.avif"; filename*=UTF-8''action%20269.avif content-length 40425 x-request-id 77b06de8-ffc3-4936-a0a8-259084ce7798 x-runtime 0.102155 server keycdn-engine etag W/"e27ef9548ef5af78a96372b87ad72752" content-type image/avif access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/photos/a1f00afb-64f5-4396-a782-f9b999ef14a9/medium.avif>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	medium.avif heidi-17455.kxcdn.com/photos/dd0567ad-7f9a-40d8-836d-56c6c461933c/	22 KB 23 KB	47ms 43ms	Image image/avif	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/photos/dd0567ad-7f9a-40d8-836d-56c6c461933c/medium.avif Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Phusion Passenger 6.0.6 Resource Hash 756b5da17ffd354318811f3728cf51dd391246c2b77122e1667f270dad261df3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT strict-transport-security max-age=63072000; includeSubDomains x-edge-location defr x-powered-by Phusion Passenger 6.0.6 x-cache HIT content-transfer-encoding binary content-disposition inline; filename="Virginia Markus.avif"; filename*=UTF-8''Virginia%20Markus.avif content-length 22806 x-request-id 7e60e18d-1bb5-45eb-9c7a-7d41005f0956 x-runtime 0.070090 server keycdn-engine etag W/"756b5da17ffd354318811f3728cf51dd" content-type image/avif access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/photos/dd0567ad-7f9a-40d8-836d-56c6c461933c/medium.avif>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	medium.avif heidi-17455.kxcdn.com/photos/c4247f23-efe8-429c-9bf7-00cfd65f4b2e/	18 KB 19 KB	50ms 47ms	Image image/avif	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/photos/c4247f23-efe8-429c-9bf7-00cfd65f4b2e/medium.avif Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Phusion Passenger 6.0.6 Resource Hash 051f495002d63691a7745b5fbe251bbea296d413561e158d8a42f024412938c2 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT strict-transport-security max-age=63072000; includeSubDomains x-edge-location defr x-powered-by Phusion Passenger 6.0.6 x-cache STALE content-transfer-encoding binary content-disposition inline; filename="H2_S2_02.avif"; filename*=UTF-8''H2_S2_02.avif content-length 18633 x-request-id b52c2e79-40f8-47dc-aa12-cfb444739fc6 x-runtime 0.164253 server keycdn-engine etag W/"051f495002d63691a7745b5fbe251bbe" content-type image/avif access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/photos/c4247f23-efe8-429c-9bf7-00cfd65f4b2e/medium.avif>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	medium.avif heidi-17455.kxcdn.com/photos/1dadbc2d-c50f-4383-b28e-cdd51d0ac4a8/	26 KB 27 KB	51ms 47ms	Image image/avif	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/photos/1dadbc2d-c50f-4383-b28e-cdd51d0ac4a8/medium.avif Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Phusion Passenger 6.0.6 Resource Hash ceaaf41d8139fd15459517e9f28bebfc61b4fde768eb7a9b670d8f3c26fd3433 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:53 GMT strict-transport-security max-age=63072000; includeSubDomains x-edge-location defr x-powered-by Phusion Passenger 6.0.6 x-cache HIT content-transfer-encoding binary content-disposition inline; filename="H3_S3_01.avif"; filename*=UTF-8''H3_S3_01.avif content-length 26989 x-request-id d3265781-7bbb-47a9-a49a-5e06ba213855 x-runtime 0.163717 server keycdn-engine etag W/"ceaaf41d8139fd15459517e9f28bebfc" content-type image/avif access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/photos/1dadbc2d-c50f-4383-b28e-cdd51d0ac4a8/medium.avif>; rel="canonical" expires Wed, 30 Aug 2023 13:53:53 GMT
GET H2	200	medium.avif heidi-17455.kxcdn.com/photos/c8886d27-6b32-4462-9244-147d7c343184/	18 KB 19 KB	280ms 277ms	Image image/avif	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://heidi-17455.kxcdn.com/photos/c8886d27-6b32-4462-9244-147d7c343184/medium.avif Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Phusion Passenger 6.0.6 Resource Hash 44626ce61000e2b8b7571646ea69a0c78212f3cb6230a293dcd31639d7849ea8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:54 GMT strict-transport-security max-age=63072000; includeSubDomains x-edge-location defr x-powered-by Phusion Passenger 6.0.6 x-cache MISS content-transfer-encoding binary content-disposition inline; filename="H4_03_fur_01 copy.avif"; filename*=UTF-8''H4_03_fur_01%20copy.avif content-length 18717 x-request-id 5e3c1305-1105-4f22-bf32-6e8f9d32e161 x-runtime 0.138673 server keycdn-engine etag W/"44626ce61000e2b8b7571646ea69a0c7" content-type image/avif access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <https://www.heidi.news/photos/c8886d27-6b32-4462-9244-147d7c343184/medium.avif>; rel="canonical" expires Wed, 30 Aug 2023 13:53:54 GMT
GET H2	200	loader.js Show response sdk.privacy-center.org/9899fcc5-cb95-4338-bf4d-b1ff05675c7a/	18 KB 8 KB	165ms 51ms	Script application/javascript	2600:9000:2450:9c00:5:b7cc:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.privacy-center.org/9899fcc5-cb95-4338-bf4d-b1ff05675c7a/loader.js?target_type=notice&target=9QHe9zgB Requested by Host: lfz.madphilips.com URL: https://lfz.madphilips.com/wp-content/themes/kallyas/css/languages/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:9c00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash ed550fc2b72a72643c6710ac8d0965442bf9fdc9a6e096820b51fdef2ab60577 Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 11:56:23 GMT content-encoding gzip x-didomi-remote-config-metadata multiReg:true;legacyGlobalGdpr:true x-didomi-remote-config-source Lambda via 1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop CDG50-P4 age 7051 etag "fad4e8dd90801abf7813064c924535ac" x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=7200, public content-length 8016 x-amz-cf-id qhA54gj0uINMKtqfktdvi-QaS6aINDBwLZAUqQLJe_VTQkzCDVHKow==
GET H2	200	piano-analytics.js Show response tag.aticdn.net/	73 KB 22 KB	136ms 39ms	Script application/javascript	18.173.187.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tag.aticdn.net/piano-analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFWJM86 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-81.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash e79e44a9b1140d3980ddb96b9c8644ae4fc0d479082a6aeebab1c13b24759fcb Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-amz-version-id cCx8c_FU34lwSqcVUqNH4cLTn_1olNd3 content-encoding br via 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront) date Wed, 23 Aug 2023 13:53:25 GMT x-amz-cf-pop MUC50-P4 age 30 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Thu, 25 May 2023 09:06:12 GMT server AmazonS3 etag W/"254be8cc5ba50e23ccd5ba1a0c62b5e8" vary Accept-Encoding, Origin content-type application/javascript; charset=utf-8 cache-control max-age=600 x-amz-cf-id 5l58ThkBUSjkQup0NVXCA1qh7_qMuaMIq_JR5mbEHoe61WeH16Mt9w==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	173 KB 47 KB	100ms 29ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: lfz.madphilips.com URL: https://lfz.madphilips.com/wp-content/themes/kallyas/css/languages/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 23 Aug 2023 13:53:53 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 47412 x-xss-protection 0 pragma public x-fb-debug q2G8AXQJXmD16ONBfK7cPGDQjXVGUfJ7LwcJ1AHMql5lx0tE8CLTdQD6DxTySQAq6aCBpGNXTtsIzylqoX0VUw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	hotjar-2396958.js Show response static.hotjar.com/c/	9 KB 4 KB	144ms 48ms	Script application/javascript	18.173.187.31 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2396958.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFWJM86 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.31 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-31.muc50.r.cloudfront.net Software / Resource Hash 3df63903c0877d7aa1ed00edd71bfed99a7c3db2b256fa44a0e36226f042b2aa Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:00 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 age 54 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/6ad1ec5a5893c04c127b2666abc79a32 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 x-amz-cf-id cUusTty-U-dmgh7JdBUKoY6iS0FABd6lBUEY7ZzPKTQxf3OcqH184w==
GET H2	200	p.js Show response cdn.parsely.com/keys/heidi.news/	71 KB 25 KB	157ms 54ms	Script application/javascript	18.173.155.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.parsely.com/keys/heidi.news/p.js Requested by Host: lfz.madphilips.com URL: https://lfz.madphilips.com/wp-content/themes/kallyas/css/languages/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.155.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-155-56.muc50.r.cloudfront.net Software nginx / Resource Hash 691a5064b609248671ba348e35ba0b9c868e2be039e6d90ffdecdab0a9ca2605 Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers pragma public date Wed, 23 Aug 2023 04:27:49 GMT content-encoding gzip via 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront) last-modified Tue, 19 Oct 2021 21:48:54 GMT server nginx x-amz-cf-pop MUC50-P3 age 33965 etag W/"616f3d46-11d9b" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400, public x-amz-cf-id NGkB6IKXPt1NMgudjV2bzY7bfU0DGIo8Ini_mvjxF-shKZ0wykk7WA== expires Thu, 24 Aug 2023 04:27:49 GMT
GET H2	200	sdk.js Show response l.heidi.news/	2 KB 1 KB	180ms 63ms	Script application/javascript	35.227.233.185 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://l.heidi.news/sdk.js Requested by Host: lfz.madphilips.com URL: https://lfz.madphilips.com/wp-content/themes/kallyas/css/languages/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.233.185 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 185.233.227.35.bc.googleusercontent.com Software nginx / Resource Hash 3e7c5ec153fd5d2a18ff96ea1ada37852d4fa33042381d1b109ffb3057611199 Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:54 GMT content-encoding gzip via 1.1 google server nginx vary Accept-Encoding x-cache HIT content-type application/javascript cache-control public, max-age=7200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	settings Show response syndication.twitter.com/ Frame 101A	869 B 659 B	206ms 140ms	Fetch application/json	104.244.42.200 TWITTER
General Check archive.org Show headers Download Go to Full URL https://syndication.twitter.com/settings?session_id=e62d25033d9e9f86ff9ffb9e68160af36e0ed915 Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.heidi.news Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.200 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash 302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://platform.twitter.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-response-time 112 date Wed, 23 Aug 2023 13:53:54 GMT content-encoding gzip strict-transport-security max-age=631138519 last-modified Wed, 23 Aug 2023 13:53:54 GMT server tsa_o vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://platform.twitter.com x-transaction-id b62b5434d1cfd394 cache-control must-revalidate, max-age=600 access-control-allow-credentials true perf 7626143928 x-connection-hash 8df538683787496b00203f4c9035a77b14be198d45bcd4b150e7af1c5d62f567 content-length 337
GET H2	200	tinypass.min.js Show response cdn-eu.piano.io/api/	353 KB 104 KB	78ms 62ms	Script application/javascript	2606:4700::6811:6206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-eu.piano.io/api/tinypass.min.js Requested by Host: experience-eu.piano.io URL: https://experience-eu.piano.io/xbuilder/experience/load?aid=9T0ty974pe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:6206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4dbc2eae03ca4226fc3d257599eefc3b4867a581725ae4e1d7845a11f784786 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:54 GMT x-amz-version-id o7LEoQhg2j80ke.JcbOSxlNPTqD6sKdW content-encoding br cf-cache-status HIT strict-transport-security max-age=86400; includeSubDomains x-amz-request-id 2F93BB1E44ZJC38Z age 1107 x-amz-server-side-encryption AES256 x-amz-replication-status REPLICA alt-svc h3=":443"; ma=86400 x-amz-id-2 8BNH01fPcFxtZGomVXwoikFLWMpR0XmkKTQjnVy0wAjvvjxN3A63UgAlk9DdikPJ0BQixW9D1nI= last-modified Mon, 14 Aug 2023 09:57:02 GMT server cloudflare etag W/"131add1ff0f42a5786f44982ecb16d46" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 7fb3d8286eb0ca33-HAM expires Wed, 23 Aug 2023 17:53:54 GMT
GET H2	200	modules.14b820ab47d618317075.js Show response script.hotjar.com/	223 KB 55 KB	137ms 43ms	Script application/javascript	18.173.154.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.14b820ab47d618317075.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2396958.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-13.muc50.r.cloudfront.net Software / Resource Hash 55c4d362579276afb8524a825c6e998ebebf2fe7af36b454c71291c7cebfc447 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 09:22:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P3 age 16308 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55646 last-modified Wed, 23 Aug 2023 09:21:33 GMT etag "acd31f178f50b6cbf2246edb86e5753a" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id HQ6owUC9HHSfzBnBiZ3eAoBqIHT5FeG9jP_OoKRLRmPzezM9RhLtnA==
GET H2	200	650545972298267 Show response connect.facebook.net/signals/config/	116 KB 31 KB	105ms 104ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/650545972298267?v=2.9.124&r=stable&domain=www.heidi.news Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash cb2849baeb22385d6685553642d57b7048689b17aed00de134769bd38027543a Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 23 Aug 2023 13:53:54 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug yIZrHzwJiZEi2Gd+Hjn+bxlAmMnkdidqHhYTN6q81PFw8Y23dGO8s0phQYlafAObO8cd0zxSzCYOYOcSdRQOKg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	sdk.6437a41838f8c3dacb80814cea666007a569789c.js Show response sdk.privacy-center.org/sdk/6437a41838f8c3dacb80814cea666007a569789c/modern/	343 KB 89 KB	42ms 41ms	Script application/javascript	2600:9000:2450:9c00:5:b7cc:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.privacy-center.org/sdk/6437a41838f8c3dacb80814cea666007a569789c/modern/sdk.6437a41838f8c3dacb80814cea666007a569789c.js Requested by Host: sdk.privacy-center.org URL: https://sdk.privacy-center.org/9899fcc5-cb95-4338-bf4d-b1ff05675c7a/loader.js?target_type=notice&target=9QHe9zgB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:9c00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 53e5b9279870ebfe30a459c90024bd856c32af7c505039d407d74f6d48bc72ee Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 10:10:32 GMT content-encoding gzip via 1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront) last-modified Wed, 23 Aug 2023 10:04:43 GMT server AmazonS3 x-amz-meta-s3cmd-attrs atime:1692784701/ctime:1692784701/gid:0/gname:root/md5:085325f1c52fa82939351be29a74be0b/mode:33188/mtime:1692784701/uid:0/uname:root x-amz-cf-pop CDG50-P4 age 13403 etag W/"085325f1c52fa82939351be29a74be0b" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 x-amz-cf-id 9CBaSvs1sNzYKivbCa4unXM5y1iUyzKh5czFXpSiMAPR4PRQajALhQ==
POST H2	200	execute Show response c2-eu.piano.io/xbuilder/experience/	25 KB 4 KB	80ms 63ms	XHR application/json	2606:4700::6811:6206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c2-eu.piano.io/xbuilder/experience/execute?aid=9T0ty974pe Requested by Host: cdn-eu.piano.io URL: https://cdn-eu.piano.io/api/tinypass.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:6206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 647a74d724593d1b5e7a25439ea9b13c2fb89dff690d427936892949c587be0b Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Accept application/json Referer https://www.heidi.news/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type application/x-www-form-urlencoded Response headers date Wed, 23 Aug 2023 13:53:54 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400 x-request-id xk0tjb98c8 pragma no-cache server cloudflare vary Accept-Encoding, Origin access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=UTF-8 access-control-allow-origin https://www.heidi.news access-control-expose-headers Composer-Request-Control-Policy cache-control no-cache, no-store access-control-allow-credentials true cf-ray 7fb3d82968c1ca33-HAM
GET H/1.1	200 OK	/ p1.parsely.com/plogger/	43 B 260 B	213ms 46ms	Image image/gif	63.34.81.234 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://p1.parsely.com/plogger/?rand=1692798834144&plid=96585021&idsite=heidi.news&url=https%3A%2F%2Fwww.heidi.news%2F&urlref=https%3A%2F%2Flfz.madphilips.com%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.heidi.news%2F&sref=https%3A%2F%2Flfz.madphilips.com%2F&sts=1692798834140&slts=0&title=Heidi.news&date=Wed+Aug+23+2023+15%3A53%3A54+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=41045042&u=pid%3D9cfcc69266b4f9e6437f52b3a021cef0 Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-81-234.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Wed, 23 Aug 2023 13:53:54 GMT Cache-Control no-cache Last-Modified Wednesday, 23-Aug-2023 13:53:54 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	t.js Show response l.heidi.news/	0 191 B	44ms 43ms	Script application/javascript	35.227.233.185 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://l.heidi.news/t.js Requested by Host: l.heidi.news URL: https://l.heidi.news/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.233.185 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 185.233.227.35.bc.googleusercontent.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:54 GMT content-encoding gzip via 1.1 google server nginx alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Accept-Encoding content-type application/javascript
GET H2	200	ui-gdpr-fr-web.6437a41838f8c3dacb80814cea666007a569789c.js Show response sdk.privacy-center.org/sdk/6437a41838f8c3dacb80814cea666007a569789c/modern/	227 KB 45 KB	41ms 41ms	Script application/javascript	2600:9000:2450:9c00:5:b7cc:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.privacy-center.org/sdk/6437a41838f8c3dacb80814cea666007a569789c/modern/ui-gdpr-fr-web.6437a41838f8c3dacb80814cea666007a569789c.js Requested by Host: sdk.privacy-center.org URL: https://sdk.privacy-center.org/sdk/6437a41838f8c3dacb80814cea666007a569789c/modern/sdk.6437a41838f8c3dacb80814cea666007a569789c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:9c00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c7de9ebcb87e81a0e158a12a94b938174ae53638f5ff6f3da600ecc044ea57a1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 10:10:34 GMT content-encoding gzip via 1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront) last-modified Wed, 23 Aug 2023 10:05:00 GMT server AmazonS3 x-amz-meta-s3cmd-attrs atime:1692784701/ctime:1692784701/gid:0/gname:root/md5:bd7159e539d129384bf928605f60fb45/mode:33188/mtime:1692784701/uid:0/uname:root x-amz-cf-pop CDG50-P4 age 13401 etag W/"bd7159e539d129384bf928605f60fb45" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 x-amz-cf-id zO101F3te8Ky_oJf4_jW0gvW5I2lP-96jM4AqAgTbXt-e4GXPiMong==
GET H2	200	/ www.facebook.com/tr/	0 185 B	102ms 28ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=650545972298267&ev=PageView&dl=https%3A%2F%2Fwww.heidi.news%2F&rl=https%3A%2F%2Flfz.madphilips.com%2F&if=false&ts=1692798834311&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692798834310.1041583636&it=1692798834084&coo=false&rqm=GET Requested by Host: www.heidi.news URL: https://www.heidi.news/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 23 Aug 2023 13:53:54 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	pv.js Show response l.heidi.news/	0 35 B	45ms 45ms	Script application/javascript	35.227.233.185 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://l.heidi.news/pv.js?s=1&b=BNLI-1419&u=https://www.heidi.news/ Requested by Host: l.heidi.news URL: https://l.heidi.news/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.227.233.185 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 185.233.227.35.bc.googleusercontent.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 23 Aug 2023 13:53:54 GMT content-encoding gzip via 1.1 google server nginx vary Accept-Encoding content-type application/javascript cache-control private, max-age=5 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H2	204	event logs1412.xiti.com/	0 329 B	163ms 46ms	Ping text/plain	108.138.35.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://logs1412.xiti.com/event?s=628827&idclient=llnspvuopiouj1kv Requested by Host: tag.aticdn.net URL: https://tag.aticdn.net/piano-analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.35.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-35-57.muc50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://www.heidi.news/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 23 Aug 2023 13:53:54 GMT strict-transport-security max-age=15768000 via 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P2 access-control-max-age 600 x-cache Miss from cloudfront access-control-allow-origin https://www.heidi.news cache-control no-store access-control-allow-credentials true x-amz-cf-id zFfvFtkR6UbCuq1ARKTPyrKvpsp9KQlpxEiCJLwXUJz049VO0efFdg==
GET H2	200	/ www.facebook.com/tr/	0 31 B	33ms 31ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=650545972298267&ev=Microdata&dl=https%3A%2F%2Fwww.heidi.news%2F&rl=https%3A%2F%2Flfz.madphilips.com%2F&if=false&ts=1692798834819&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Heidi.news%22%2C%22meta%3Adescription%22%3A%22Heidi.news%20est%20un%20nouveau%20m%C3%A9dia%20suisse%20%C3%A0%20vocation%20internationale.%20Il%20propose%20un%20journalisme%20de%20pr%C3%A9cision%20sur%20la%20science%20et%20la%20sant%C3%A9%2C%20ainsi%20que%20de%20grands%20reportages.%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.heidi.news%2F%22%2C%22og%3Atitle%22%3A%22Heidi.news%22%2C%22og%3Adescription%22%3A%22Heidi.news%20est%20un%20nouveau%20m%C3%A9dia%20suisse%20%C3%A0%20vocation%20internationale.%20Il%20propose%20un%20journalisme%20de%20pr%C3%A9cision%20sur%20la%20science%20et%20la%20sant%C3%A9%2C%20ainsi%20que%20de%20grands%20reportages.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fheidi-17455.kxcdn.com%2Fassets%2Fheidi%2Fmeta-d9ec86ae20d203ad05fe45d97f9f9b51302bbd06a278a93aa6a48e5e897386de.jpg%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22%40id%22%3A%22https%3A%2F%2Fwww.heidi.news%2F%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heidi.news%2F%22%2C%22name%22%3A%22Heidi.news%22%7D%5D&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692798834310.1041583636&it=1692798834084&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.heidi.news/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 23 Aug 2023 13:53:54 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H2	200	gaAccount Show response buy-eu.piano.io/api/v3/anon/assets/	52 B 563 B	144ms 62ms	XHR application/json	2606:4700::6811:6206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://buy-eu.piano.io/api/v3/anon/assets/gaAccount?aid=9T0ty974pe Requested by Host: cdn-eu.piano.io URL: https://cdn-eu.piano.io/api/tinypass.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:6206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4eac8377ba0e00c11eed5deeb500b607a2b49b361ea7458a22e02023846e0002 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Accept application/json Referer https://www.heidi.news/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type application/x-www-form-urlencoded Response headers date Wed, 23 Aug 2023 13:53:57 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status DYNAMIC wn prod-euc1-dash-10-4-146-170 server cloudflare p3p CP="NON DSP COR OUR IND" access-control-allow-origin * server-time 0.009 content-type application/json cache-control public, max-age=86400, s-maxage=86400 x-forwarded-https on cf-ray 7fb3d83dbf43cac1-HAM alt-svc h3=":443"; ma=86400 x-request-id XxxjuzrHN8p