www.orellfuessli.ch Open in urlscan Pro
104.16.90.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://finki.ch/
Effective URL:
https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Submission: On March 31 via api (March 31st 2024, 4:36:52 am UTC) from CH — Scanned from CH

Summary HTTP 223 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 23 domains to perform 223 HTTP transactions. The main IP is 104.16.90.18, located in and belongs to CLOUDFLARENET, US. The main domain is www.orellfuessli.ch.
TLS certificate: Issued by Thawte TLS RSA CA G1 on August 30th 2023. Valid for: a year.

This is the only time www.orellfuessli.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	176.10.114.133 176.10.114.133	51395 (AS-SOFTPLUS) (AS-SOFTPLUS)
42	104.16.90.18 104.16.90.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
83	104.16.5.2 104.16.5.2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700::68... 2606:4700::6812:17de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
19	2a01:4f8:231:... 2a01:4f8:231:46c9::2	24940 (HETZNER-AS) (HETZNER-AS)
1 3	104.17.3.184 104.17.3.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2 3	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:214... 2600:9000:214f:8600:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:8e::84 2a04:4e42:8e::84	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1484	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	104.126.37.178 104.126.37.178	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	80.89.210.220 80.89.210.220	8758 (IWAY) (IWAY)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	212.48.120.130 212.48.120.130	8893 (ARTFILES-...) (ARTFILES-AS Artfiles New Media GmbH)
1	2600:9000:20e... 2600:9000:20eb:c200:1f:af3f:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.249.78.6 34.249.78.6	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.120.210.137 104.120.210.137	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	94.130.223.213 94.130.223.213	24940 (HETZNER-AS) (HETZNER-AS)
223	29

1 176.10.114.133 (Zurich, Switzerland) 1 redirects

ASN51395 (AS-SOFTPLUS, CH)
PTR: cp3.hostmax.ch

finki.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 104.16.90.18 (None, )

ASN13335 (CLOUDFLARENET, US)

www.orellfuessli.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

83 104.16.5.2 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.thalia.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ga.thalia.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:17de (United States)

ASN13335 (CLOUDFLARENET, US)

images.thalia.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a01:4f8:231:46c9::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

mycliplister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.3.184 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.196 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:8600:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.126.37.178 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-178.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 80.89.210.220 (Zurich, Switzerland)

ASN8758 (IWAY, CH)

chat.orellfuessli.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

9327407.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 212.48.120.130 (Simonsberg, Germany)

ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE)
PTR: lb.usemaxserver.de

www.usemaxserver.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:c200:1f:af3f:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

lantern.roeyecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.78.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-78-6.eu-west-1.compute.amazonaws.com

lantern.roeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.120.210.137 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-120-210-137.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.223.213 (Tübingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: es30.mycliplister.com

es30.mycliplister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
97	thalia.media assets.thalia.media — Cisco Umbrella Rank: 196673 images.thalia.media — Cisco Umbrella Rank: 212333 ga.thalia.media — Cisco Umbrella Rank: 311300	2 MB
55	orellfuessli.ch www.orellfuessli.ch chat.orellfuessli.ch	497 KB
20	mycliplister.com mycliplister.com — Cisco Umbrella Rank: 66450 es30.mycliplister.com — Cisco Umbrella Rank: 365886	3 MB
7	usemaxserver.de www.usemaxserver.de — Cisco Umbrella Rank: 173300	211 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327 www.linkedin.com — Cisco Umbrella Rank: 574 px4.ads.linkedin.com — Cisco Umbrella Rank: 6571	3 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 91 googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 9327407.fls.doubleclick.net	3 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 717	154 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 928	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 360	14 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	111 B
3	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 4966	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	290 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 182	72 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 935	20 KB
2	google.ch www.google.ch — Cisco Umbrella Rank: 29666	455 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2858	973 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	274 B
1	roeye.com lantern.roeye.com — Cisco Umbrella Rank: 8691	153 B
1	roeyecdn.com lantern.roeyecdn.com — Cisco Umbrella Rank: 8951	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 814	17 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4442	13 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2042	257 B
1	finki.ch 1 redirects finki.ch	324 B
223	23

	Domain	Requested by
82	assets.thalia.media	www.orellfuessli.ch assets.thalia.media mycliplister.com
42	www.orellfuessli.ch	www.orellfuessli.ch assets.thalia.media
19	mycliplister.com	assets.thalia.media mycliplister.com
14	images.thalia.media	www.orellfuessli.ch
13	chat.orellfuessli.ch	www.googletagmanager.com chat.orellfuessli.ch
7	www.usemaxserver.de	www.dwin1.com www.usemaxserver.de
5	analytics.tiktok.com	www.orellfuessli.ch analytics.tiktok.com
4	ct.pinterest.com	s.pinimg.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	www.google.com	2 redirects
3	challenges.cloudflare.com	1 redirects www.orellfuessli.ch challenges.cloudflare.com
3	www.googletagmanager.com	www.orellfuessli.ch www.googletagmanager.com
2	9327407.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	www.orellfuessli.ch connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.google.ch
2	stats.g.doubleclick.net	www.orellfuessli.ch
1	es30.mycliplister.com	mycliplister.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	www.facebook.com
1	lantern.roeye.com
1	lantern.roeyecdn.com	www.dwin1.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	www.dwin1.com	www.googletagmanager.com
1	region1.google-analytics.com	www.orellfuessli.ch
1	ga.thalia.media	www.orellfuessli.ch
1	finki.ch	1 redirects
223	31

This site contains links to these domains. Also see Links.

Domain
assets.thalia.media
www.oft.ch
bookcircle.orellfuessli.ch
www.trustedshops.ch
de-de.facebook.com
www.instagram.com
www.tiktok.com
www.youtube.com
www.pinterest.de
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
*.orellfuessli.ch Thawte TLS RSA CA G1	`2023-08-30` - `2024-09-23`	a year	crt.sh
*.thalia.media Thawte TLS RSA CA G1	`2023-12-20` - `2025-01-05`	a year	crt.sh
images.thalia.media Cloudflare Inc ECC CA-3	`2023-07-29` - `2024-07-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
mycliplister.com R3	`2024-03-24` - `2024-06-22`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 06	`2024-03-30` - `2024-06-27`	3 months	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-08` - `2024-04-07`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
chat.orellfuessli.ch DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-27` - `2024-10-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
usemaxserver.de R3	`2024-02-28` - `2024-05-28`	3 months	crt.sh
*.roeyecdn.com Amazon RSA 2048 M01	`2023-10-04` - `2024-10-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.roeye.com Amazon RSA 2048 M03	`2023-11-26` - `2024-12-24`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.mycliplister.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-26` - `2024-08-25`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Frame ID: E41F05E2D15F2A10C767F88E13311007
Requests: 218 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tmrlc/0x4AAAAAAAGScWG5hN6qjtSf/light/normal
Frame ID: 95CCE72EF5C488A66C935F42FF55882B
Requests: 1 HTTP requests in this frame

Frame: https://9327407.fls.doubleclick.net/activityi;dc_pre=CNmuldLWnYUDFWUiBgAdZD4Aag;src=9327407;type=pageview;cat=global00;ord=4700321938778;npa=0;auiddc=954261961.1711859783;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43r0z86104277za201;gcs=G111;gcd=13r3r3r3r5;dma=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub
Frame ID: 24D605B8B7BF028D1CA4B51A8EF561DB
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 7F3729FFC84EE36ECD21ADC83264EA3B
Requests: 1 HTTP requests in this frame

Frame: https://www.usemaxserver.de/rt.php?campaign_id=40238&iframe=1&ext_domain=1&place=1&product_id=&basket=&checkout_amount=&checkout_order_id=&referrer=leer&host=www.orellfuessli.ch&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&iframe=1&cbt=1711859783&k0=0&w=1600&h=1113&ci=IHVzbV91bV9ydD0zNzEzNjQxNzc1JnxlMWY0M2M=
Frame ID: 8D0B03A6C560218D4F109AC752AC9B84
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://finki.ch/ HTTP 307
https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

223
Requests

96 %
HTTPS

48 %
IPv6

23
Domains

31
Subdomains

29
IPs

6
Countries

5853 kB
Transfer

9316 kB
Size

42
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://assets.thalia.media/base/AA-Sonstiges/2024/CH/Kinderclub_Malvorlage_Ostern.pdf
Title: Malen mit Finki

Search URL Search Domain Scan URL

URL: https://www.oft.ch/karriere/
Title: Karriere & Jobs

Search URL Search Domain Scan URL

URL: https://bookcircle.orellfuessli.ch/
Title: Book Circle Community

Search URL Search Domain Scan URL

URL: https://www.trustedshops.ch/bewertung/info_X31D6E98C374EA3E5B6AB582709F9185B.html

Search URL Search Domain Scan URL

URL: https://de-de.facebook.com/OrellFuessli

Search URL Search Domain Scan URL

URL: https://www.instagram.com/orellfuessli/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@orell.fuessli?lang=de-DE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/OrellFuessli

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/OrellFuessli/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ch/app/orell-fussli-mein-buch/id1119180724

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=eu.thalia.oft

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://finki.ch/ HTTP 307
https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?render=explicit

Request Chain 138

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=408caf65-a0cb-49f6-962e-da22883efba3&jid=960460117&z=280823454 HTTP 302
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=408caf65-a0cb-49f6-962e-da22883efba3&jid=960460117&z=280823454&slf_rd=1&random=2185679561

Request Chain 142

https://www.google.com/pagead/landing?gcs=G111&gcd=13r3r3r3r5&rnd=1907551650.1711859783&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dma=0&npa=0&gtm=45He43r0n513TL3v6104277za200&auid=954261961.1711859783 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5&rnd=1907551650.1711859783&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dma=0&npa=0&gtm=45He43r0n513TL3v6104277za200&auid=954261961.1711859783

Request Chain 154

https://9327407.fls.doubleclick.net/activityi;src=9327407;type=pageview;cat=global00;ord=4700321938778;npa=0;auiddc=954261961.1711859783;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43r0z86104277za201;gcs=G111;gcd=13r3r3r3r5;dma=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub HTTP 302
https://9327407.fls.doubleclick.net/activityi;dc_pre=CNmuldLWnYUDFWUiBgAdZD4Aag;src=9327407;type=pageview;cat=global00;ord=4700321938778;npa=0;auiddc=954261961.1711859783;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43r0z86104277za201;gcs=G111;gcd=13r3r3r3r5;dma=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub

Request Chain 156

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1711859782882&li_adsId=536e9667-4ff7-4564-9ff1-68d2285972b9&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1711859782882&li_adsId=536e9667-4ff7-4564-9ff1-68d2285972b9&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3699170%26time%3D1711859782882%26li_adsId%3D536e9667-4ff7-4564-9ff1-68d2285972b9%26url%3Dhttps%253A%252F%252Fwww.orellfuessli.ch%252Fbonusprogramme%252Fuebersicht%252Fkinderclub%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1711859782882&li_adsId=536e9667-4ff7-4564-9ff1-68d2285972b9&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1711859782882&li_adsId=536e9667-4ff7-4564-9ff1-68d2285972b9&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&cookiesTest=true&liSync=true&e_ipv6=AQLtxD_m3-ygkgAAAY6Sy1erlyPOIh6WskteHgLSVJouHBLjWh2OJiHNxKIvvx4wP_ckDX-6fx7u

223 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request kinderclub Show response
www.orellfuessli.ch/bonusprogramme/uebersicht/
Redirect Chain

https://finki.ch/
https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

158 KB
22 KB

184ms
99ms

Document
text/html

104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc297b072e626c720b67bbbfb6ee3d59fe10cdd954260e534c1b87dbc0bf5b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-CH,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 8726
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86cda35409133a88-FRA
content-encoding: gzip
content-language: de
content-type: text/html;charset=UTF-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Sun, 31 Mar 2024 04:36:21 GMT
expires: 0
grace: full
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
vha6-origin: shopcache3
x-cache: HIT
x-content-type-options: nosniff
x-crafter: true
x-frame-options: SAMEORIGIN DENY
x-xss-protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Encoding: br
Content-Length: 1
Content-Type: text/html; charset=UTF-8
Date: Sun, 31 Mar 2024 04:36:21 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Server: Apache
Vary: Accept-Encoding

GET
H2 200 LatoLatin-Regular.woff2
www.orellfuessli.ch/assets/fonts/ 43 KB
43 KB 39ms
37ms Font
font/woff2 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/fonts/LatoLatin-Regular.woff2

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 947585
cross-origin-resource-policy: same-origin
content-length: 43760
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 10:46:07 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: font/woff2
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 86cda354b9643a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 LatoLatin-Bold.woff2
www.orellfuessli.ch/assets/fonts/ 43 KB
44 KB 37ms
36ms Font
font/woff2 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/fonts/LatoLatin-Bold.woff2

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 689178
cross-origin-resource-policy: same-origin
content-length: 44380
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 10:46:07 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: font/woff2
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 86cda354b9653a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 shell.3d4732d36c67.css
www.orellfuessli.ch/assets/static/ 3 KB
849 B 59ms
57ms Stylesheet
text/css 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/shell.3d4732d36c67.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d4732d36c67c702da4037ec0d02df6975ce7b6298aca74d2a69683a32c7cdab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1506948
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 07:37:06 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: text/css
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=31536000, public
cf-ray: 86cda354b9623a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 shell.50ac4f7a5286.js Show response
www.orellfuessli.ch/assets/static/ 522 KB
155 KB 59ms
58ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/shell.50ac4f7a5286.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ac4f7a5286fbd013b76df2a03b56845a8bac1688085bbc2f59d5ab19090b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 332253
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 27 Mar 2024 08:18:44 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: max-age=31536000, public
cf-ray: 86cda354b9663a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.288154f1b7fcdb737c75.js Show response
assets.thalia.media/ocsassets/heimdall/script-consent/ 6 KB
2 KB 36ms
35ms Script
text/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/heimdall/script-consent/main-nomodule.288154f1b7fcdb737c75.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf23c48bd6233118b9daf7d369d1ea218076f0e930eeb75405581b22248e3fe0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1502102
x-originaluniqueid: ZfH8sOotxW806dE6kBZDywAAAK0
x-envoy-upstream-service-time: 2
x-messageid: ZfH8sOotxW806dE6kBZDywAAAK0
last-modified: Thu, 07 Mar 2024 16:23:14 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3559ce43610-FRA

GET
H2 200 main-module.238743214083792128ec.js Show response
www.orellfuessli.ch/filialbestandsanzeige/resources/abfrage-bestand/ 2 KB
1016 B 60ms
58ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialbestandsanzeige/resources/abfrage-bestand/main-module.238743214083792128ec.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aef3286cef56e8d99cc6eb7c31aadf6f64a3d72a488f635155cac1931d36c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1515740
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Feb 2024 09:38:48 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda354b9683a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.e54f75dbbd4d841e1e90.orellfuessli.css
www.orellfuessli.ch/filialbestandsanzeige/resources/buchhandlung-bestandanzeige/ 1 KB
650 B 60ms
58ms Stylesheet
text/css 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialbestandsanzeige/resources/buchhandlung-bestandanzeige/style.e54f75dbbd4d841e1e90.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e9c7a84d5d586c9945e1ca3b379a766c93cf191f121c6bb8c3f319fd2f7bac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1511607
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Feb 2024 09:38:48 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda354b9633a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.27bf727e613f7dacb631.js Show response
www.orellfuessli.ch/filialbestandsanzeige/resources/buchhandlung-bestandanzeige/ 1 KB
642 B 60ms
59ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialbestandsanzeige/resources/buchhandlung-bestandanzeige/main-module.27bf727e613f7dacb631.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52900a78c2cada7f3bf92acdd03a4f71de5cbb2ed0473c959705075036d2439f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1506948
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Feb 2024 09:38:48 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda354b9693a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.e84787360e3d1e79f283.js Show response
www.orellfuessli.ch/affiliate/resources/affiliate-header-script/ 15 KB
5 KB 37ms
36ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/affiliate/resources/affiliate-header-script/main-nomodule.e84787360e3d1e79f283.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe51bd9771317274642c174e0d159b76c57b88adc5b36cefb3060444930dfb2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1515725
grace: none
x-cache: HIT
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Feb 2024 13:23:35 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda355a9d53a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.b19a09e625e622e3515f.js Show response
www.orellfuessli.ch/filialservice/components/buchhandlung-global-header/ 35 KB
13 KB 35ms
34ms Script
text/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialservice/components/buchhandlung-global-header/main-module.b19a09e625e622e3515f.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f6367d85c99d7856f2a114060b51ad928c44c81a778c8e6a09997608c5ad866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1502088
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 11:53:38 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/javascript;charset=UTF-8
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda354b96a3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.9cb67ce054858b66a5d9.js Show response
www.orellfuessli.ch/club/kunde/components/club-cookie/ 13 KB
4 KB 42ms
41ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/club/kunde/components/club-cookie/main-nomodule.9cb67ce054858b66a5d9.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad8de3e4a335ca2feb50b9dc7b8029fef89f084097a59306d4cd593747c9df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1511608
grace: none
x-cache: MISS
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Mar 2024 08:09:25 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda355a9d63a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.e90d8b0ebaadd92660be.js Show response
www.orellfuessli.ch/filialauswahl-resources/kundenfiliale-zuordnung/ 2 KB
1 KB 59ms
58ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/filialauswahl-resources/kundenfiliale-zuordnung/main-module.e90d8b0ebaadd92660be.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eefb7435c521f71a773ad466654a0d91d448491cf67d9fd65fcb2d0d8d55f125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 1502088
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
content-length: 924
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 20:47:21 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
accept-ranges: bytes
cf-ray: 86cda354b96b3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.a29726ca4a88428c064e.js Show response
www.orellfuessli.ch/login/resources/global-header-login/ 14 KB
5 KB 44ms
43ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/global-header-login/main-nomodule.a29726ca4a88428c064e.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96d7403d0e8af93961a03ff7d398933205a76199afc26ba980066b0e4801c72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1506972
grace: none
x-cache: MISS
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 11:24:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda355a9d73a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 merkur-7f4f0dd39d194ba28a5130a8e2367848.js Show response
assets.thalia.media/ocsassets/merkur/js/ 6 KB
3 KB 120ms
56ms Script
text/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/merkur/js/merkur-7f4f0dd39d194ba28a5130a8e2367848.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c770c4d465e153f8c9cfa69f9c548a9d67d0212c0e6095326f499a25b6da0cab

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 769097
x-originaluniqueid: ZfHHNSo8a0Rtyk9swGBI0gAABCg
x-envoy-upstream-service-time: 1
x-messageid: ZfHHNSo8a0Rtyk9swGBI0gAABCg
last-modified: Wed, 28 Feb 2024 09:38:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3553caf3610-FRA

GET
H2 200 main-module.898aca118c638e9b52b2.js Show response
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/global-header-merkzettel/ 27 KB
10 KB 126ms
61ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/global-header-merkzettel/main-module.898aca118c638e9b52b2.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7f127c5e334ff314f189d9e146f560d7148d8ba984bd9b23086fba8022e07f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 1515740
content-encoding: br
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-messageid: ZfHHaUNFemIgluXxshNCvAAAAAw
last-modified: Tue, 05 Mar 2024 08:24:38 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda35518068efb-FRA

GET
H2 200 style.ac3848cac72126ee5c20.orellfuessli.css
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/ 11 KB
2 KB 97ms
33ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.ac3848cac72126ee5c20.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

328795e6658d61dff37f8f99257d4fd3d0cdd91f839ed85dc97840044ac4eb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 1515740
content-encoding: br
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-messageid: ZfHHaSo8a0Rtyk9swGBN7AAABCY
last-modified: Tue, 05 Mar 2024 08:24:38 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3551c8f3610-FRA

GET
H2 200 main-module.57010d197aa50e35e4bc.js Show response
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/ 50 KB
19 KB 104ms
40ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/main-module.57010d197aa50e35e4bc.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a80023096c5c4ef05584d8bcef41cef0b4b6c4ad0a9f90817872eb288360cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 1506907
content-encoding: br
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-messageid: ZfHp6nReELRFbfv5Bll3hAAAAv8
last-modified: Tue, 05 Mar 2024 08:24:38 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda35518078efb-FRA

GET
H2 200 main-module.42d6263c759e6013a5ed.js Show response
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/ 37 KB
14 KB 113ms
64ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/main-module.42d6263c759e6013a5ed.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b78c93f967d7d7cdac04c8540749f47c15b902e8ed93f683b04192e4511bf82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 1511568
content-encoding: br
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-messageid: ZfHXtV7XouUhXP-vku2cRAAAAcM
last-modified: Tue, 05 Mar 2024 08:24:38 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda35538228efb-FRA

GET
H2 200 main-nomodule.80c8918f2f1ea9a449a4.js Show response
www.orellfuessli.ch/warenkorb-resources/header-warenkorb/ 14 KB
5 KB 39ms
38ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/header-warenkorb/main-nomodule.80c8918f2f1ea9a449a4.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

312dc456b9380d06788ab121df550b43a1f239fe896b29741275c59181c2750f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 692255
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 11:49:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda355a9d83a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.11a0c199145f771060f1.orellfuessli.css
www.orellfuessli.ch/warenkorb-resources/hinzugefuegt-overlay/ 3 KB
887 B 45ms
42ms Stylesheet
text/css 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/hinzugefuegt-overlay/style.11a0c199145f771060f1.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

939df079b2c41a9e69370f1b3e98660e7b84072b36544acd32478499d78cafae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1511607
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 21:54:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda354d9773a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.a6980a6d126a4f21eb9b.js Show response
www.orellfuessli.ch/warenkorb-resources/hinzugefuegt-overlay/ 33 KB
12 KB 64ms
61ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/hinzugefuegt-overlay/main-module.a6980a6d126a4f21eb9b.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed6f4339c6d36961c0fab4d627e4f10b922e9253a6d832de4751f9ad07c03309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1506948
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 21:54:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda354d97b3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.51155b3d0fe5ab2f6519.orellfuessli.css
www.orellfuessli.ch/warenkorb-resources/addtocart-button/ 7 KB
1 KB 45ms
42ms Stylesheet
text/css 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/addtocart-button/style.51155b3d0fe5ab2f6519.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0f803dd591fb4e35d55eaf557347593f7169e362a79e80f3cc155bf960415a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 606180
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 11:49:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda354d97a3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.a3dc15c539310d87eda3.js Show response
www.orellfuessli.ch/warenkorb-resources/addtocart-button/ 43 KB
16 KB 65ms
62ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/addtocart-button/main-module.a3dc15c539310d87eda3.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b13642881704e22f0efe3b9f6052c1bc3baf8780ee07aed84a2ea7149cb94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1502088
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 21:54:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda354d97d3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.d5673046369bc522ddcb.js Show response
www.orellfuessli.ch/kundeninteressen/resources/kundeninteressen-loader/ 40 KB
14 KB 44ms
42ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/kundeninteressen/resources/kundeninteressen-loader/main-module.d5673046369bc522ddcb.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

017507d60a6fe84bec3520bf94e6182d4c80120c489b6cb2185ee1fd5236c117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1511607
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 05 Mar 2024 08:01:02 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda354d97e3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.be0c0c844e87cddce3d4.js Show response
www.orellfuessli.ch/abokaufen/resources/abodaten-loader/ 39 KB
14 KB 64ms
61ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/abokaufen/resources/abodaten-loader/main-module.be0c0c844e87cddce3d4.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee18f1aa99e891d96d37fb9123542ea6e40aa6d3daa0b27fa59b80cc0b29b471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1515740
grace: none
x-cache: MISS
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 05:04:53 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda354d9803a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.d79ebf0dbe7263e4a3d1.orellfuessli.css
assets.thalia.media/red/cms/components/layout-marginal/ 3 KB
997 B 84ms
35ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/layout-marginal/style.d79ebf0dbe7263e4a3d1.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 721dbe613cba5aaa9ab39799acd16f1beb9614d522015828ab533fcd3b450d4c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 4653
last-modified: Mon, 29 Jan 2024 11:36:44 GMT
server: cloudflare
etag: W/"bc7-610140f690064"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3551c903610-FRA

GET
H2 200 main-module.8f26e09e6ed3a680e828.js Show response
assets.thalia.media/red/cms/components/layout-marginal/ 856 B
757 B 112ms
63ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/layout-marginal/main-module.8f26e09e6ed3a680e828.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20a2a0d42c7d26076bc1e2dec3d440d2600540757bf6d3ec186e73da83c38294

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 4653
last-modified: Mon, 29 Jan 2024 11:36:44 GMT
server: cloudflare
etag: W/"358-610140f68569f"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35538208efb-FRA

GET
H2 200 main-module.aad8ca8cc01f1ad79d0c.js Show response
assets.thalia.media/red/cms/components/header-prime/ 38 KB
15 KB 113ms
64ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime/main-module.aad8ca8cc01f1ad79d0c.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad688c5ce80ca90b61e8af537bf2d220072ad10b953644f44d97f2fcea7a392

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 4264
last-modified: Tue, 09 Jan 2024 08:21:48 GMT
server: cloudflare
etag: W/"9819-60e7f0176c433"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355381f8efb-FRA

GET
H2 200 style.9795f7dc25e0d80c98ba.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime/ 5 KB
1 KB 82ms
34ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime/style.9795f7dc25e0d80c98ba.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a354624dca9abdfc95710800d950ece30b4a66f43363b2ee846d50d22d43920d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 6716
last-modified: Mon, 27 Mar 2023 14:13:45 GMT
server: cloudflare
etag: W/"1555-5f7e259da056c"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3551c923610-FRA

GET
H2 200 main-nomodule.7159af68cbdcfe45f6ed.js Show response
assets.thalia.media/ocsassets/heimdall/consent-banner-bootstrap/ 13 KB
5 KB 37ms
37ms Script
text/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/heimdall/consent-banner-bootstrap/main-nomodule.7159af68cbdcfe45f6ed.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f2ae2696ab61313c0b1646f79f17acfe9c80c1a0379f3c41be1922edb27b06

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1515758
x-originaluniqueid: ZfHHWMKZXJuZuZ864mlwagAAAAE
x-envoy-upstream-service-time: 1
x-messageid: ZfHHWMKZXJuZuZ864mlwagAAAAE
last-modified: Thu, 07 Mar 2024 16:23:14 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3559ce73610-FRA

GET
H2 200 style.beb1526f8b8e21946dcf.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime-logo/ 322 B
632 B 90ms
42ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-logo/style.beb1526f8b8e21946dcf.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba54e2810a7a9fbbb9b186b5435e334b0ff88dad85db1c1fc73c09be764d40c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 6716
last-modified: Wed, 23 Nov 2022 06:16:06 GMT
server: cloudflare
etag: W/"142-5ee1d394e53bc"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3551c913610-FRA

GET
H2 200 main-module.dc85d9796bd777ce0a3c.js Show response
assets.thalia.media/red/cms/components/header-prime-kunde/ 20 KB
8 KB 112ms
64ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/main-module.dc85d9796bd777ce0a3c.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ea5ca6545d808e0c23b8a7d08df6ece065d2e88758b5b8984a3153297345cce

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 2706
last-modified: Tue, 09 Jan 2024 08:21:48 GMT
server: cloudflare
etag: W/"517f-60e7f017abe04"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355381e8efb-FRA

GET
H2 200 style.13b7606ed78b8cbab3ea.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime-kunde/ 4 KB
1 KB 85ms
37ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.13b7606ed78b8cbab3ea.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89537e777efa2b1a26fee74b40f73f53ec881c1e0c74c387e2ce09a0c3e285d8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 4264
last-modified: Thu, 22 Feb 2024 09:27:11 GMT
server: cloudflare
etag: W/"f4f-611f50c50bf91"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3551c943610-FRA

GET
H2 200 style.dbae726c3816ceed6535.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime-filiale/ 12 KB
2 KB 86ms
38ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-filiale/style.dbae726c3816ceed6535.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc654571f28fd25e4d2d4c12457dc015e203ad67d7bd6bc0c57ccdb5871b6908

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 3454
last-modified: Thu, 22 Feb 2024 09:27:11 GMT
server: cloudflare
etag: W/"30be-611f50c4df51a"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3551c953610-FRA

GET
H2 200 style.59dfa9f0cdf8870143ee.orellfuessli.css
assets.thalia.media/ocsassets/suchocs/suche-global/ 28 KB
5 KB 84ms
36ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-global/style.59dfa9f0cdf8870143ee.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49feee554240f639c7c41be1729c336be4bbaf05d18c4fa9d369e0c563e6c2dc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1506907
x-originaluniqueid: ZfHp6qMhmq3nQr11Tf7IqAAAA5g
x-envoy-upstream-service-time: 10
x-messageid: ZfHp6qMhmq3nQr11Tf7IqAAAA5g
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3551c963610-FRA

GET
H2 200 main-module.acbd7d760235a8245e1e.js Show response
assets.thalia.media/ocsassets/suchocs/suche-global/ 74 KB
28 KB 111ms
63ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-global/main-module.acbd7d760235a8245e1e.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00cd7ef1b2c2288020489e6cf158c5c923e8b1b14b0df955c2865a1942b3cb93

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 215032
x-originaluniqueid: ZfHXhF7XouUhXP-vku2WmQAAAdk
x-envoy-upstream-service-time: 2
x-messageid: ZfHXhF7XouUhXP-vku2WmQAAAdk
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda355180d8efb-FRA

GET
H2 200 main-module.8fc040370870983c146e.js Show response
assets.thalia.media/ocsassets/suchocs/kategorie-info/ 52 KB
20 KB 110ms
62ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/kategorie-info/main-module.8fc040370870983c146e.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba74bb5389bd06cf0ba8b893de9f885eabc602edc99720da90314a6116fd64da

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1506907
x-originaluniqueid: ZfHp6qMhmq3nQr11Tf7IqQAAA40
x-envoy-upstream-service-time: 2
x-messageid: ZfHp6qMhmq3nQr11Tf7IqQAAA40
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda355180b8efb-FRA

GET
H2 200 main-module.1ef4117f1e3dd1dfdfa1.js Show response
assets.thalia.media/ocsassets/suchocs/dl-search-redirect/ 72 KB
27 KB 91ms
44ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/dl-search-redirect/main-module.1ef4117f1e3dd1dfdfa1.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2ba886faae44035ccf1a94ebf94ed6994841826c94ca15ba8f7f8e7269d2d77

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1502088
x-originaluniqueid: ZfH8vZePjWr5@giuLmNfXgAAATc
x-envoy-upstream-service-time: 1
x-messageid: ZfH8vZePjWr5@giuLmNfXgAAATc
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda355180a8efb-FRA

GET
H2 200 style.8155baf680c7508f1880.orellfuessli.css
assets.thalia.media/red/cms/components/header-prime-navigation/ 34 KB
5 KB 101ms
54ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-navigation/style.8155baf680c7508f1880.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28293a3d90ecf78abb79a7f14ffffc380ccdece92b136a0948a2896c8a16adfe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5622
last-modified: Thu, 22 Feb 2024 09:27:11 GMT
server: cloudflare
etag: W/"87f1-611f50c568fc6"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3553caa3610-FRA

GET
H2 200 main-module.a0d63f1047cfcdc8f7c4.js Show response
assets.thalia.media/red/cms/components/header-prime-navigation/ 38 KB
13 KB 86ms
39ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/header-prime-navigation/main-module.a0d63f1047cfcdc8f7c4.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e292809c2b9568134100abd26e945e5fa68e8c5e8fb2bb899aacd191b45542

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 6983
last-modified: Thu, 22 Feb 2024 09:27:11 GMT
server: cloudflare
etag: W/"96ef-611f50c55d4b4"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35518088efb-FRA

GET
H2 200 style.8e536af8f378dd0d819d.orellfuessli.css
www.orellfuessli.ch/login/resources/cclogin-banner/ 346 B
282 B 62ms
61ms Stylesheet
text/css 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/cclogin-banner/style.8e536af8f378dd0d819d.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80f3437104722d25b2a6f77a6391902738f5f491ad5c23730c131a69e25b538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1511607
grace: none
x-cache: MISS
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 11:24:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda354d9813a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.ac486f573cbb5d1a8fca.js Show response
www.orellfuessli.ch/login/resources/cclogin-banner/ 5 KB
2 KB 39ms
39ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/cclogin-banner/main-nomodule.ac486f573cbb5d1a8fca.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca830f3388ed000d8d9c2456894a716b67558a45ca67590aaec5e304a43d0377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1511608
grace: none
x-cache: MISS
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 11:24:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda355a9d93a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.ff354c4f3703ab028c3a.orellfuessli.css
assets.thalia.media/red/cms/components/banner-fullsize-schmuckbanner/ 5 KB
1 KB 102ms
55ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/banner-fullsize-schmuckbanner/style.ff354c4f3703ab028c3a.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89e8fbe1de8235d37c94b2cc58b34ca13ce7bd814ff8e883390a39ef8cefcbaa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5432
last-modified: Tue, 09 Jan 2024 08:21:47 GMT
server: cloudflare
etag: W/"1368-60e7f0160ceaa"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3553cab3610-FRA

GET
H2 200 style.221400d18eb13b881525.orellfuessli.css
assets.thalia.media/red/cms/components/content-text/ 16 KB
3 KB 105ms
58ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-text/style.221400d18eb13b881525.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 874747d524c2f35155a46db383236e8d9f56a98126051fe4355782286526ae45

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1342
last-modified: Thu, 22 Feb 2024 09:27:10 GMT
server: cloudflare
etag: W/"3e7b-611f50c3f7d70"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3553cae3610-FRA

GET
H2 200 main-module.52dcae7cd4f1eb246dbc.js Show response
assets.thalia.media/red/cms/components/content-text/ 1 KB
867 B 111ms
64ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-text/main-module.52dcae7cd4f1eb246dbc.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd67e7b23d0fa209538c2c3f459f8391da49b93084827573a12d52e31924be9c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1342
last-modified: Thu, 02 Mar 2023 09:40:36 GMT
server: cloudflare
etag: W/"5e8-5f5e79ef08c55"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355381d8efb-FRA

GET
H2 200 style.1a8bc14b6634af38e84a.orellfuessli.css
assets.thalia.media/red/cms/components/content-button/ 5 KB
1 KB 107ms
60ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-button/style.1a8bc14b6634af38e84a.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b668228dcbfa360735dafc49caddd3a054a4fdd01dce9ea4b7bf0a379cbaa45

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Wed, 06 Dec 2023 09:09:39 GMT
server: cloudflare
cf-cache-status: HIT
etag: W/"153f-60bd3b6013db6"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3551c973610-FRA

GET
H2 200 style.2ec3b6e501775f436b8e.orellfuessli.css
assets.thalia.media/red/cms/components/banner-textbox/ 7 KB
2 KB 100ms
53ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/banner-textbox/style.2ec3b6e501775f436b8e.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8d56b02386e690dfe02496e01198ed62608a7a0cb72a0cb11d6ac9d095f0b1a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 6161
last-modified: Wed, 27 Mar 2024 09:36:38 GMT
server: cloudflare
etag: W/"1de2-614a124bac87d"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3553cad3610-FRA

GET
H2 200 style.e13e021e4e3134fc7b41.orellfuessli.css
assets.thalia.media/red/cms/components/content-video/ 22 KB
3 KB 139ms
92ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/style.e13e021e4e3134fc7b41.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29b92e0ae90202ed99ba28875caa8d7bf7359434b76c0e53c52f7bb19186b0c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Thu, 22 Feb 2024 09:27:10 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"563e-611f50c428715"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3553cac3610-FRA

GET
H2 200 main-module.394870c66d6c83348e20.js Show response
assets.thalia.media/red/cms/components/content-video/ 3 KB
1 KB 133ms
86ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/main-module.394870c66d6c83348e20.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c56a10a3cf1bab1fbee8905b21b6efa1805b756c0378595566cb961479b0e23

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Mon, 29 Jan 2024 11:36:42 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"a03-610140f56a0bf"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35518098efb-FRA

GET
H2 200 style.30ad910966448c1231e6.orellfuessli.css
assets.thalia.media/red/cms/components/banner-fullsize/ 5 KB
1 KB 103ms
57ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/banner-fullsize/style.30ad910966448c1231e6.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf922dfd5ce8d0846e5347f1287b14e356a15b9cd535d804f16f22326a55fc9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1341
last-modified: Thu, 22 Feb 2024 09:27:09 GMT
server: cloudflare
etag: W/"147f-611f50c2df325"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3553ca83610-FRA

GET
H2 200 main-module.f2151473b32879773e29.js Show response
assets.thalia.media/red/cms/components/banner-fullsize/ 24 KB
9 KB 88ms
42ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/banner-fullsize/main-module.f2151473b32879773e29.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e201db105f746b344722f7df9ee1efe6d6e2341bececa0a3ca64ed2cd29c362b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:21 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1342
last-modified: Tue, 09 Jan 2024 08:21:46 GMT
server: cloudflare
etag: W/"61e8-60e7f015e2454"
vary: X-Forwarded-For, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355180c8efb-FRA

GET
H2 200 icon-brandlogo--orellfuessli.30dd9a2150a8bc490b70.svg
assets.thalia.media/red/cms/components/header-prime-logo/assets/ 2 KB
826 B 33ms
33ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-logo/assets/icon-brandlogo--orellfuessli.30dd9a2150a8bc490b70.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-logo/style.beb1526f8b8e21946dcf.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25fd20923c13ee0a6142d7c392e7cc1cfac15821033738f615b63bc465a21b5a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.thalia.media/red/cms/components/header-prime-logo/style.beb1526f8b8e21946dcf.orellfuessli.css
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5622
last-modified: Wed, 23 Nov 2022 06:16:06 GMT
server: cloudflare
etag: W/"671-5ee1d394def0f"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355ccf93610-FRA

GET
H2 200 icon-location--orellfuessli.39df4e9154916133e62a.svg
assets.thalia.media/red/cms/components/header-prime-filiale/assets/ 505 B
538 B 35ms
34ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-filiale/assets/icon-location--orellfuessli.39df4e9154916133e62a.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-filiale/style.dbae726c3816ceed6535.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 170545c89c8d0895ac96182d133fdd3a262c5f3776ddc8444678c6a8166ee2ec

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.thalia.media/red/cms/components/header-prime-filiale/style.dbae726c3816ceed6535.orellfuessli.css
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1342
last-modified: Wed, 23 Nov 2022 06:16:06 GMT
server: cloudflare
etag: W/"1f9-5ee1d3948a60c"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355c8598efb-FRA

GET
H2 200 icon-account--orellfuessli.f5a0af2e5edc6c67747d.svg
assets.thalia.media/red/cms/components/header-prime-kunde/assets/ 424 B
525 B 37ms
36ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/assets/icon-account--orellfuessli.f5a0af2e5edc6c67747d.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.13b7606ed78b8cbab3ea.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56127e85c1038ad70c134feadcc61572b5fbafecf6210463fec360d86655338f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.13b7606ed78b8cbab3ea.orellfuessli.css
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5623
last-modified: Wed, 23 Nov 2022 06:16:06 GMT
server: cloudflare
etag: W/"1a8-5ee1d394ac7ee"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355c85a8efb-FRA

GET
H2 200 icon-favourites--orellfuessli.25c0dc63063a3fb44a32.svg
assets.thalia.media/red/cms/components/header-prime-kunde/assets/ 760 B
795 B 33ms
33ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/assets/icon-favourites--orellfuessli.25c0dc63063a3fb44a32.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.13b7606ed78b8cbab3ea.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f10f200274cb4b7840c7de1494582a797a0f85bcda19e6b25062e2e626882885

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.13b7606ed78b8cbab3ea.orellfuessli.css
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1342
last-modified: Wed, 23 Nov 2022 06:16:06 GMT
server: cloudflare
etag: W/"2f8-5ee1d394b2bb4"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355c85b8efb-FRA

GET
H2 200 icon-warenkorb--orellfuessli.dda3db7cac68caebecde.svg
assets.thalia.media/red/cms/components/header-prime-kunde/assets/ 435 B
550 B 36ms
36ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/assets/icon-warenkorb--orellfuessli.dda3db7cac68caebecde.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.13b7606ed78b8cbab3ea.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d7383ba3638c475b400bbbb8c70f3ad520cc2d177ec2bdf88555fdab5eeab45

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.thalia.media/red/cms/components/header-prime-kunde/style.13b7606ed78b8cbab3ea.orellfuessli.css
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5623
last-modified: Wed, 23 Nov 2022 06:16:06 GMT
server: cloudflare
etag: W/"1b3-5ee1d394c5e60"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355c85c8efb-FRA

GET
DATA 200
OK truncated
/ 774 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72dcc293744c421a39fddaa5adde41eacecbaa4fa93ff1b8ba0baeaf8f02c7e2

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 534814fc10c5c6becfe063d84c59c911e4be6a46.jpg
assets.thalia.media/img/cms/ 41 KB
41 KB 110ms
110ms Image
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/534814fc10c5c6becfe063d84c59c911e4be6a46.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9861f953a05fb5f60be03b86c05f6a657fe6f7495b330d0f5433210b046e0708

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Sat, 30 Mar 2024 22:46:45 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355ccfb3610-FRA

GET
H2 200 5f20722b32171f41adaba6fc2b14fcf464bd6da6.jpg
assets.thalia.media/img/cms/ 41 KB
41 KB 132ms
132ms Image
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/5f20722b32171f41adaba6fc2b14fcf464bd6da6.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d3263c5c71bbd58de05ede382f98866a1bd2ae3490952f0489f91fefbf556b5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Sat, 30 Mar 2024 22:46:45 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355ccfc3610-FRA

GET
H2 200 b3a4bc4f2a5fdf434b296c9963ec9121c9e9cfc9.jpg
assets.thalia.media/img/cms/ 42 KB
42 KB 132ms
132ms Image
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/b3a4bc4f2a5fdf434b296c9963ec9121c9e9cfc9.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89f7ccb47a0cb56622048dfcd7cad913595b76eac517307515eb18b10b752954

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Sat, 30 Mar 2024 22:46:45 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355ccfd3610-FRA

GET
H2 200 f435f2b03dabec5912d1afcabf9d81b4af89d23c.jpg
assets.thalia.media/img/cms/ 66 KB
66 KB 112ms
111ms Image
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/f435f2b03dabec5912d1afcabf9d81b4af89d23c.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197ee6f261c3f2b9b963e42f42eda148786afe60dd99328d165b9a545ad64812

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Sat, 30 Mar 2024 22:46:45 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355ccfe3610-FRA

GET
H2 200 icon-link-standard-arrow--orellfuessli.72657723d40f6858c903.svg
assets.thalia.media/red/cms/components/content-video/assets/ 250 B
484 B 80ms
79ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/icon-link-standard-arrow--orellfuessli.72657723d40f6858c903.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/content-video/style.e13e021e4e3134fc7b41.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc36bbad1b334ed6d3a4661937c16df39ddb65c279c0c3f486363fecb4c174bb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.thalia.media/red/cms/components/content-video/style.e13e021e4e3134fc7b41.orellfuessli.css
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Wed, 23 Nov 2022 06:16:04 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"fa-5ee1d3936ad1d"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355c85d8efb-FRA

GET
H2 200 d12a190a5ced918abbcb9754c120825857b2ea3d.png
assets.thalia.media/img/cms/ 19 KB
20 KB 92ms
92ms Image
image/png 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/d12a190a5ced918abbcb9754c120825857b2ea3d.png
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 352a6f3693673e51f1e53c561b455454a5d9ff3a0ff3caec2bf69ce14d42ae53

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Sat, 30 Mar 2024 22:46:45 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/png
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda355ccff3610-FRA

GET
H2 200 style.f17c5553ea2998baa23e.orellfuessli.css
assets.thalia.media/red/cms/components/artikel-fokus/ 16 KB
3 KB 34ms
34ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/artikel-fokus/style.f17c5553ea2998baa23e.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c969d28c1b536b1b989ca6233b0721ac58f97f2d6f9efd64afe8c803cd5d1f1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1083
last-modified: Thu, 22 Feb 2024 09:27:08 GMT
server: cloudflare
etag: W/"3ed3-611f50c293f49"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda356bd733610-FRA

GET
H2 200 style.b7ee49559128a57c2f75.orellfuessli.css
www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/ 8 KB
1 KB 33ms
32ms Stylesheet
text/css 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/style.b7ee49559128a57c2f75.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

372fe35b8719da99e5698b606693fdf643640fd3de6a8fb2667220c002e7fd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1501867
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 21:54:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda356ba4e3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.3174a655de850bebf636.js Show response
www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/ 42 KB
15 KB 43ms
42ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/main-module.3174a655de850bebf636.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

273719d6c07b987e9906b9bf60ea9502301b05f5272c6419ec81c1b729768966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 786882
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 11:49:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda356ba4d3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.30ad910966448c1231e6.orellfuessli.css
assets.thalia.media/red/cms/components/banner-fullsize/ 5 KB
1 KB 31ms
30ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/banner-fullsize/style.30ad910966448c1231e6.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf922dfd5ce8d0846e5347f1287b14e356a15b9cd535d804f16f22326a55fc9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1342
last-modified: Thu, 22 Feb 2024 09:27:09 GMT
server: cloudflare
etag: W/"147f-611f50c2df325"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda356bd753610-FRA

GET
H2 200 main-module.f2151473b32879773e29.js Show response
assets.thalia.media/red/cms/components/banner-fullsize/ 24 KB
10 KB 35ms
34ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/banner-fullsize/main-module.f2151473b32879773e29.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e201db105f746b344722f7df9ee1efe6d6e2341bececa0a3ca64ed2cd29c362b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1343
last-modified: Tue, 09 Jan 2024 08:21:46 GMT
server: cloudflare
etag: W/"61e8-60e7f015e2454"
vary: X-Forwarded-For, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda356b8c58efb-FRA

GET
H2 200 style.599b54815c283eacee1f.orellfuessli.css
assets.thalia.media/ocsassets/suchocs/suche-ueberschrift/ 4 KB
1 KB 33ms
33ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-ueberschrift/style.599b54815c283eacee1f.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d925317e6ef6116f1facc3a28598b10bd5a89da0491982a8f293adc551ef4a7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1515741
x-originaluniqueid: ZfHHacKZXJuZuZ864ml0vAAAABc
x-envoy-upstream-service-time: 3
x-messageid: ZfHHacKZXJuZuZ864ml0vAAAABc
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda356bd773610-FRA

GET
H2 200 style.55bd5ca7e72aa615ce29.orellfuessli.css
assets.thalia.media/ocsassets/suchocs/suche-produktslider/ 20 KB
3 KB 35ms
35ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-produktslider/style.55bd5ca7e72aa615ce29.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ee7571106f9eb81a06e17031bfc240da8fc1ca4ff253146daebd05226b9882

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1513210
x-originaluniqueid: ZfHRTIOTluGB5e37VbnU2gAAAKs
x-envoy-upstream-service-time: 4
x-messageid: ZfHRTIOTluGB5e37VbnU2gAAAKs
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda356bd783610-FRA

GET
H2 200 main-module.64bd576dec641f0f6d86.js Show response
assets.thalia.media/ocsassets/suchocs/suche-produktslider/ 74 KB
28 KB 38ms
38ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-produktslider/main-module.64bd576dec641f0f6d86.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c3f6cc19a53a259391e281b4265f28c92c9291f9f8e3eda0323c07d07213d93

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1513210
x-originaluniqueid: ZfHKrsoLVptvxH7MI4mkpAAAAlw
x-envoy-upstream-service-time: 2
x-messageid: ZfHKrsoLVptvxH7MI4mkpAAAAlw
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda356b8c68efb-FRA

GET
H2 200 fa8d85075c3b6cc7ec32b5073488a555f6590637.jpg
assets.thalia.media/img/cms/ 117 KB
117 KB 116ms
115ms Image
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/fa8d85075c3b6cc7ec32b5073488a555f6590637.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b927b95aa61814389841d31ca9eafa0e3f1c8fd6d7184005551dc7d5ad1c079e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Sat, 30 Mar 2024 22:46:46 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda356cd823610-FRA

GET
H2 200 style.e13e021e4e3134fc7b41.orellfuessli.css
assets.thalia.media/red/cms/components/content-video/ 22 KB
3 KB 33ms
31ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/style.e13e021e4e3134fc7b41.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29b92e0ae90202ed99ba28875caa8d7bf7359434b76c0e53c52f7bb19186b0c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 0
last-modified: Thu, 22 Feb 2024 09:27:10 GMT
server: cloudflare
etag: W/"563e-611f50c428715"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda356dd863610-FRA

GET
H2 200 main-module.394870c66d6c83348e20.js Show response
assets.thalia.media/red/cms/components/content-video/ 3 KB
1 KB 40ms
38ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/main-module.394870c66d6c83348e20.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c56a10a3cf1bab1fbee8905b21b6efa1805b756c0378595566cb961479b0e23

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1
last-modified: Mon, 29 Jan 2024 11:36:42 GMT
server: cloudflare
etag: W/"a03-610140f56a0bf"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda356d8d08efb-FRA

GET
H2 200 style.221400d18eb13b881525.orellfuessli.css
assets.thalia.media/red/cms/components/content-text/ 16 KB
2 KB 34ms
32ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-text/style.221400d18eb13b881525.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 874747d524c2f35155a46db383236e8d9f56a98126051fe4355782286526ae45

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1343
last-modified: Thu, 22 Feb 2024 09:27:10 GMT
server: cloudflare
etag: W/"3e7b-611f50c3f7d70"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda356dd873610-FRA

GET
H2 200 main-module.52dcae7cd4f1eb246dbc.js Show response
assets.thalia.media/red/cms/components/content-text/ 1 KB
897 B 39ms
37ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-text/main-module.52dcae7cd4f1eb246dbc.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd67e7b23d0fa209538c2c3f459f8391da49b93084827573a12d52e31924be9c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1343
last-modified: Thu, 02 Mar 2023 09:40:36 GMT
server: cloudflare
etag: W/"5e8-5f5e79ef08c55"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda356d8d18efb-FRA

GET
H2 200 style.fa1ac1e3f7d969828ff2.orellfuessli.css
assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/ 2 KB
949 B 38ms
36ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/style.fa1ac1e3f7d969828ff2.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2950d2260bcd95444f687efd4368d98ec9c359d5a6a2416e81730d4ba0c966ed

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1502096
x-originaluniqueid: ZfH8tleK@We0@rPP7e63ZgAAB6A
x-envoy-upstream-service-time: 0
x-messageid: ZfH8tleK@We0@rPP7e63ZgAAB6A
last-modified: Mon, 04 Mar 2024 10:03:58 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
cf-ray: 86cda356dd883610-FRA
x-robots-tag: noindex
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-module.8eaa5cedc4eb759a2050.js Show response
assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/ 28 KB
11 KB 41ms
39ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/empfehlungenocs/empfehlungen-bootstrap/main-module.8eaa5cedc4eb759a2050.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d765337f0bd0aa25f29dcec8e9e750d56ab339bb0ac112da6ea96bf7bc54e816

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1502089
x-originaluniqueid: ZUMEV0fZtG@yHnXQ90RkFAAAAA0
x-messageid: ZUMEV0fZtG@yHnXQ90RkFAAAAA0
last-modified: Mon, 30 Oct 2023 12:51:55 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
cf-ray: 86cda356d8d38efb-FRA
x-robots-tag: noindex
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.c4a2f88e96b0c1fda2ae.orellfuessli.css
assets.thalia.media/red/cms/components/customer-contact/ 4 KB
963 B 35ms
33ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/customer-contact/style.c4a2f88e96b0c1fda2ae.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa2a7a85ef1ef5fb19548cd1ef1d49b9be19a39a65d68decd30346443473430d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 4265
last-modified: Thu, 22 Feb 2024 09:27:10 GMT
server: cloudflare
etag: W/"105c-611f50c431538"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda356dd893610-FRA

GET
H2 200 style.9cd6268149266d9416b0.orellfuessli.css
assets.thalia.media/red/cms/components/footer-sitemap/ 4 KB
1 KB 36ms
35ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-sitemap/style.9cd6268149266d9416b0.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78ca7d41db73658983ffa90ef29e7e119a304fc14dc98f8a19667c2fc0507e09

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 2706
last-modified: Thu, 22 Feb 2024 09:27:10 GMT
server: cloudflare
etag: W/"fdf-611f50c465bcb"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda356dd8a3610-FRA

GET
H2 200 main-module.e1f841c9633749486659.js Show response
assets.thalia.media/red/cms/components/footer-sitemap/ 522 B
583 B 40ms
38ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-sitemap/main-module.e1f841c9633749486659.js
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b16fbc0805e269461252d6aa054fca96cdfb61c5a9b4edcfa7a9a7387a3e6211

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5623
last-modified: Thu, 02 Mar 2023 09:40:36 GMT
server: cloudflare
etag: W/"20a-5f5e79ef990ca"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda356d8d58efb-FRA

GET
H2 200 style.4a11ef5f64ef9e26add0.orellfuessli.css
www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/ 13 KB
2 KB 42ms
41ms Stylesheet
text/css 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/style.4a11ef5f64ef9e26add0.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec2214189306ff7d35d45e5f7031ec11611ab48ed0c5704a2e3712db96c5b316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1511608
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Mar 2024 07:58:24 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda356da593a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.379c40874c487cd28daf.js Show response
www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/ 14 KB
5 KB 41ms
40ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/newsletter/resources/newsletter-anmelden/main-nomodule.379c40874c487cd28daf.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c29c7a027de269cd511d5a2c5c8cc0ac98473b2b8dc0bdadf95e5f3770415362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1502089
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Mar 2024 07:58:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda356da5a3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 style.10caa02e793e97378b6f.orellfuessli.css
assets.thalia.media/red/cms/components/footer-badges/ 532 B
294 B 35ms
34ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-badges/style.10caa02e793e97378b6f.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bf3b82857bf409edd43b6a8a1bfbaa3231eb4b907ec23625b72a2195feb674b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 5623
last-modified: Thu, 22 Feb 2024 09:27:10 GMT
server: cloudflare
etag: W/"214-611f50c43cffd"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda356dd8b3610-FRA

GET
H2 200 VISA.png
images.thalia.media/Footer/-/62d2df7c259d44bf94d670f81c222181/ 2 KB
2 KB 132ms
41ms Image
image/png 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/62d2df7c259d44bf94d670f81c222181/VISA.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ba56d6a99cddcfe86db31ec372ca319ea2b1964c03cd0d97a2440afa8df0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 1511615
cf-polished: origSize=1710, status=webp_bigger
content-length: 1616
cf-bgj: imgq:85,h2pri
last-modified: Fri Dec 01 2023 06:57:02 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "0c1f72ec540cd12611e46310d19aa8e5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=476035378
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3576eb09fa2-AMS

GET
H2 200 Mastercard.png
images.thalia.media/Footer/-/da800919a9a340fba77e003a3c1ff5f2/ 1 KB
2 KB 133ms
42ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/da800919a9a340fba77e003a3c1ff5f2/Mastercard.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00ae044b3ec3f36c75cc03143d2cafdb2dfa5ba5f93ce0092e28eb6346db2147

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 1511613
cf-polished: origFmt=png, origSize=1512
content-disposition: inline; filename="Mastercard.webp"
content-length: 1424
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Sep 2023 10:07:30 GMT
server: cloudflare
etag: "93f7db9a4116c103f6edea1fed29e297"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=467266517
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3576eb19fa2-AMS

GET
H2 200 PayPal.png
images.thalia.media/Footer/-/eb62f0aa0d6e49208d6175e932933cfa/ 1 KB
2 KB 131ms
40ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/eb62f0aa0d6e49208d6175e932933cfa/PayPal.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f68de89ef36cf39dd6f8896cd1e4d0269f5eefcfc31e5bd8817a3dbbd508d84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 2193036
cf-polished: origFmt=png, origSize=1537
content-disposition: inline; filename="PayPal.webp"
content-length: 1446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 20 Feb 2024 05:18:42 GMT
server: cloudflare
etag: "e78f86db22d8f88606c9dd89f4a60102"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=469042878
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3576eb39fa2-AMS

GET
H2 200 PickMup.png
images.thalia.media/Footer/-/3e5652cfe24b416993e78760dd1bf598/ 2 KB
2 KB 130ms
39ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/3e5652cfe24b416993e78760dd1bf598/PickMup.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c7ffbae66efe0ea23398ca3e49f06e2cc5f87238a306e1502b7cbb7c073dbba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 1515432
cf-polished: origFmt=png, origSize=1791
content-disposition: inline; filename="PickMup.webp"
content-length: 1628
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Mar 2024 15:33:40 GMT
server: cloudflare
etag: "330a53fff7903dd1651d1c9c893001a8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=467105179
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3576eae9fa2-AMS

GET
H2 200 Trusted%20Shop.png
images.thalia.media/Footer/-/5c7a7645d3c7439c96493c0f07cf368b/ 2 KB
3 KB 136ms
45ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/5c7a7645d3c7439c96493c0f07cf368b/Trusted%20Shop.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b716dff6ab71cfa1f58d6c8ce87e24aca839760335acb08f4a97289aafc3941

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 1511487
cf-polished: origFmt=png, origSize=2734
content-disposition: inline; filename="Trusted%20Shop.webp"
content-length: 2482
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Mar 2024 16:43:14 GMT
server: cloudflare
etag: "eb4cc3179881b7ac16918fa41025a3ed"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=467101006
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3576eaf9fa2-AMS

GET
H2 200 style.445675e54f78b9ed4af4.orellfuessli.css
assets.thalia.media/red/cms/components/footer-benefits/ 3 KB
946 B 36ms
35ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/footer-benefits/style.445675e54f78b9ed4af4.orellfuessli.css
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1e06a0f817d8fa4be7f2dd108b068000bee54a5f97f87825cc4c7debe7867ae

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 405
last-modified: Thu, 22 Feb 2024 09:27:10 GMT
server: cloudflare
etag: W/"ab5-611f50c44641d"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda356dd8c3610-FRA

GET
H2 200 Book%20Circle%20Community.png
images.thalia.media/Footer/-/c18c97e9238e4f67a8a5295ca491d288/ 1 KB
1 KB 134ms
43ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/c18c97e9238e4f67a8a5295ca491d288/Book%20Circle%20Community.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15f018f66d62ac7ab96d85dd4e253a0338a6143a9b68fddfbe881d245c2e7282

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 1506512
cf-polished: origFmt=png, origSize=1253
content-disposition: inline; filename="Book%20Circle%20Community.webp"
content-length: 1120
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Sep 2023 09:42:23 GMT
server: cloudflare
etag: "a73b7fcb807df9332835460ff01a3fa4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=467257222
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3576eb59fa2-AMS

GET
H2 200 Facebook.png
images.thalia.media/Footer/-/f3ab2209619a458ab9f049e58fb45cbb/ 634 B
828 B 45ms
44ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/f3ab2209619a458ab9f049e58fb45cbb/Facebook.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbdb897a4ff7ebf898594e8056cab0a3d75ee9025c7718764831277023e6dba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 1506763
cf-polished: origFmt=png, origSize=777
content-disposition: inline; filename="Facebook.webp"
content-length: 634
cf-bgj: imgq:85,h2pri
last-modified: Thu, 14 Sep 2023 12:34:00 GMT
server: cloudflare
etag: "f454122a6c93e09d78a74460c0975f23"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=467096365
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3576eb69fa2-AMS

GET
H2 200 Instagramm.png
images.thalia.media/Footer/-/323c0decad694b80bb019605c85d10d5/ 2 KB
2 KB 43ms
43ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/323c0decad694b80bb019605c85d10d5/Instagramm.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41dd42c60f23e4d38c1f1e048c5742691cf6fa1c278838d95555be545cc7005f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 628818
cf-polished: origFmt=png, origSize=2415
content-disposition: inline; filename="Instagramm.webp"
content-length: 1962
cf-bgj: imgq:85,h2pri
last-modified: Thu, 21 Mar 2024 19:22:00 GMT
server: cloudflare
etag: "809c0863d4c638e7b2e8d6c524408ee2"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=466400280
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3576eb79fa2-AMS

GET
H2 200 TikTok.png
images.thalia.media/Footer/-/17b9a0625daf4e40aacffb34e371f803/ 1 KB
1 KB 65ms
65ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/17b9a0625daf4e40aacffb34e371f803/TikTok.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16217342bf945260ef457e550015621ce812a152b98741083a95bbd22abe6b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 1515800
cf-polished: origFmt=png, origSize=1334
content-disposition: inline; filename="TikTok.webp"
content-length: 1170
cf-bgj: imgq:85,h2pri
last-modified: Wed Sep 27 2023 08:57:08 GMT+0000 (Coordinated Universal Time)
server: cloudflare
etag: "070adf4e853248fff4ecb977aa639c64"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=476225951
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3579ecf9fa2-AMS

GET
H2 200 YouTube.png
images.thalia.media/Footer/-/59250fff0d3848c0b62ed3de9aa84eeb/ 340 B
529 B 68ms
67ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/59250fff0d3848c0b62ed3de9aa84eeb/YouTube.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd8e6e31935ffd9efb0a6d2131503cdf67b0d333b56b695cf64cc487ab187c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 1501626
cf-polished: origFmt=png, origSize=483
content-disposition: inline; filename="YouTube.webp"
content-length: 340
cf-bgj: imgq:85,h2pri
last-modified: Thu, 21 Sep 2023 12:00:32 GMT
server: cloudflare
etag: "6cdae66935ff30d3d990ae93a15d1856"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=467267118
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3579ed09fa2-AMS

GET
H2 200 Pinterest.png
images.thalia.media/Footer/-/406f870d713e42ee871e174e7805f0d7/ 860 B
1 KB 66ms
66ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/406f870d713e42ee871e174e7805f0d7/Pinterest.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

227d717a844fe9859ee8cec565c8a5bc23ff34d582d80e11c1aa897928b6bea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 1037114
cf-polished: origFmt=png, origSize=960
content-disposition: inline; filename="Pinterest.webp"
content-length: 860
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Mar 2024 18:26:11 GMT
server: cloudflare
etag: "3182b317187cf87fd615cd34ea5a82ef"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=467094829
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3579ed19fa2-AMS

GET
H2 200 App%20Store.png
images.thalia.media/Footer/-/3321bd1aaa1742f5959051b75c6603a0/ 1 KB
1 KB 68ms
68ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/3321bd1aaa1742f5959051b75c6603a0/App%20Store.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfe66844981bc11610d8cf60013586056e0183cf4f3359d8c5b0f889b03410af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 1506764
cf-polished: origFmt=png, origSize=1389
content-disposition: inline; filename="App%20Store.webp"
content-length: 1214
cf-bgj: imgq:85,h2pri
last-modified: Thu, 14 Sep 2023 12:17:27 GMT
server: cloudflare
etag: "e764119031acf0488d16d0466310e9c5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=467096365
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3579ed29fa2-AMS

GET
H2 200 Google%20Play%20Store%20(App)%20.png
images.thalia.media/Footer/-/3a73f620c2464c5eb7856e03e830a6ef/ 2 KB
2 KB 67ms
66ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/Footer/-/3a73f620c2464c5eb7856e03e830a6ef/Google%20Play%20Store%20(App)%20.png

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4e870296f4af285313d56e855cbe52c52adf59094bb937c04ad087184cd8684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
age: 1501626
cf-polished: origFmt=png, origSize=2331
content-disposition: inline; filename="Google%20Play%20Store%20(App)%20.webp"
content-length: 2096
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Sep 2023 10:07:33 GMT
server: cloudflare
etag: "2c59b1db9a913a933d25b7dfa876fd1e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=467091203
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3579ed39fa2-AMS

GET
H2 200 icon-star-inactive--orellfuessli.8f108163d32db74625c5.svg
assets.thalia.media/red/cms/components/artikel-fokus/assets/ 254 B
308 B 36ms
35ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/artikel-fokus/assets/icon-star-inactive--orellfuessli.8f108163d32db74625c5.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/artikel-fokus/style.f17c5553ea2998baa23e.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91ae460c282c89877c4699d3b1d9d0c8d2984f51764e2263ec9a217c7a1af8e7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.thalia.media/red/cms/components/artikel-fokus/style.f17c5553ea2998baa23e.orellfuessli.css
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1083
last-modified: Wed, 23 Nov 2022 06:16:03 GMT
server: cloudflare
etag: W/"fe-5ee1d392016e2"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3570da63610-FRA

GET
H2 200 icon-star--orellfuessli.87619f13525723bbb105.svg
assets.thalia.media/red/cms/components/artikel-fokus/assets/ 254 B
275 B 37ms
36ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/artikel-fokus/assets/icon-star--orellfuessli.87619f13525723bbb105.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/artikel-fokus/style.f17c5553ea2998baa23e.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611072c233d29d326f0e0e7678d29ad1d42c1a994454a7b80a11183ba5102254

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.thalia.media/red/cms/components/artikel-fokus/style.f17c5553ea2998baa23e.orellfuessli.css
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1083
last-modified: Wed, 23 Nov 2022 06:16:03 GMT
server: cloudflare
etag: W/"fe-5ee1d391fbeb2"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3570da73610-FRA

GET
H2 200 icon-cart-add--orellfuessli.844ccbe3f804bc539eb1.svg
www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/assets/ 576 B
445 B 38ms
37ms Image
image/svg+xml 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/assets/icon-cart-add--orellfuessli.844ccbe3f804bc539eb1.svg

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/style.b7ee49559128a57c2f75.orellfuessli.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

558b21cdbac5b1fd99f24cd1952711f0e140f6cd880ed0db010dd272f8dc2641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/warenkorb-resources/warenkorb-button-artikelfokus/style.b7ee49559128a57c2f75.orellfuessli.css
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1514463
grace: none
x-cache: MISS
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 21:54:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: image/svg+xml
content-language: de
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda3570a693a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 cc68dbce60d345dc16f1f84ee23ab66d521b1837.jpg
assets.thalia.media/img/cms/ 93 KB
94 KB 131ms
131ms Image
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/img/cms/cc68dbce60d345dc16f1f84ee23ab66d521b1837.jpg
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20774f3b43c77909592716bdbe8cd9e52660d7e06ec8282bbfc22fbb9f137799

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Sat, 30 Mar 2024 22:46:46 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda3570da83610-FRA

GET
H2 200 icon-link-forward--orellfuessli.9dcb56d5487525be61dd-9dcb56d5487525be61ddd8fe7b837968.svg
assets.thalia.media/ocsassets/suchocs/suche-ueberschrift/assets/ 238 B
645 B 34ms
34ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-ueberschrift/assets/icon-link-forward--orellfuessli.9dcb56d5487525be61dd-9dcb56d5487525be61ddd8fe7b837968.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/suchocs/suche-ueberschrift/style.599b54815c283eacee1f.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa05a2b89a05d8d53be7f6240feb63ac484900d03bcd46f48539f6cc7e02d793

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.thalia.media/ocsassets/suchocs/suche-ueberschrift/style.599b54815c283eacee1f.orellfuessli.css
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1513209
x-originaluniqueid: ZfHKr8LtnfqeACVtB9Q6IgAAATE
x-envoy-upstream-service-time: 11
x-messageid: ZfHKr8LtnfqeACVtB9Q6IgAAATE
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda35708e88efb-FRA

GET
H2 200 icon-star-inactive--orellfuessli.8f108163d32db74625c5-8f108163d32db74625c535b0122a1986.svg
assets.thalia.media/ocsassets/suchocs/suche-produktslider/assets/ 254 B
459 B 37ms
37ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-produktslider/assets/icon-star-inactive--orellfuessli.8f108163d32db74625c5-8f108163d32db74625c535b0122a1986.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/suchocs/suche-produktslider/style.55bd5ca7e72aa615ce29.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91ae460c282c89877c4699d3b1d9d0c8d2984f51764e2263ec9a217c7a1af8e7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.thalia.media/ocsassets/suchocs/suche-produktslider/style.55bd5ca7e72aa615ce29.orellfuessli.css
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1506340
x-originaluniqueid: ZfHsInReELRFbfv5BlnGhwAAAvg
x-envoy-upstream-service-time: 2
x-messageid: ZfHsInReELRFbfv5BlnGhwAAAvg
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3570daa3610-FRA

GET
H2 200 icon-star--orellfuessli.87619f13525723bbb105-87619f13525723bbb105eedf5a5ee72f.svg
assets.thalia.media/ocsassets/suchocs/suche-produktslider/assets/ 254 B
322 B 36ms
36ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-produktslider/assets/icon-star--orellfuessli.87619f13525723bbb105-87619f13525723bbb105eedf5a5ee72f.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/suchocs/suche-produktslider/style.55bd5ca7e72aa615ce29.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611072c233d29d326f0e0e7678d29ad1d42c1a994454a7b80a11183ba5102254

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.thalia.media/ocsassets/suchocs/suche-produktslider/style.55bd5ca7e72aa615ce29.orellfuessli.css
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1513209
x-originaluniqueid: ZfHKr7bESNikPPxIez8xmwAAAKI
x-envoy-upstream-service-time: 2
x-messageid: ZfHKr7bESNikPPxIez8xmwAAAKI
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3570dab3610-FRA

GET
H2 200 finki-plueschtier.jpeg
images.thalia.media/03/-/4e01e118a0b04e168ecde4ca3325c421/ 5 KB
5 KB 89ms
89ms Image
image/webp 2606:4700::6812:17de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thalia.media/03/-/4e01e118a0b04e168ecde4ca3325c421/finki-plueschtier.jpeg

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76ccbc31f1bac6cc28d1c4a48c3e1025e2cef5899303f5405817aebff48e742f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
x-backend: image_ics
cf-polished: qual=85, origFmt=jpeg, origSize=6394
content-disposition: inline; filename="finki-plueschtier.webp"
content-length: 5196
cf-bgj: imgq:85,h2pri
last-modified: Tue, 25 Apr 2023 15:58:35 GMT
server: cloudflare
etag: "3f349715b985dfcd0166789b6decf35a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=259200,s-maxage=467102618
x-server: vds
accept-ranges: bytes
cf-ray: 86cda3579ed49fa2-AMS

GET
H2 200 shell-consent.62dbf419ddb4.js Show response
www.orellfuessli.ch/assets/static/ 126 KB
38 KB 41ms
41ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/static/shell-consent.62dbf419ddb4.js

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/heimdall/script-consent/main-nomodule.288154f1b7fcdb737c75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62dbf419ddb4acfe3604057a5509cbae98f13c82a361c4c4e6d13c6ae68780dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 332254
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 27 Mar 2024 08:18:44 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: max-age=31536000, public
cf-ray: 86cda3572a7b3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-heimdall-nomodule.0c5f7f84cacdbf2c16cd.js Show response
assets.thalia.media/ocsassets/cookiemonster/cookiemonster-tracking-code/ 1 KB
918 B 33ms
33ms Script
application/javascript 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/ocsassets/cookiemonster/cookiemonster-tracking-code/main-heimdall-nomodule.0c5f7f84cacdbf2c16cd.js
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/heimdall/script-consent/main-nomodule.288154f1b7fcdb737c75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3430ada06e93710c0d8c33de52206b350cca35415ac20c03a3346e07872d0b31

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1511613
x-originaluniqueid: ZWg8JaO4K1QzBzYdUsQqMAAAAmY
x-envoy-upstream-service-time: 0
x-messageid: ZWg8JaO4K1QzBzYdUsQqMAAAAmY
last-modified: Fri, 17 Nov 2023 16:06:44 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3572db53610-FRA

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54006cd4fa18a2131ae3f340356fc5bc88918fc703fdf3c8b489cd7d4d536829

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 476 KB
130 KB 97ms
38ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a607eb8bc5afc4fc6deb45e61a35f095c77fa1653080e7b920cf3026f0ef687b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132252
x-xss-protection: 0
last-modified: Sun, 31 Mar 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Mar 2024 04:36:22 GMT

GET
H2 200 header-overlay Show response
www.orellfuessli.ch/include/login/ 5 KB
2 KB 46ms
46ms Fetch
text/html 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/include/login/header-overlay

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/login/resources/global-header-login/main-nomodule.a29726ca4a88428c064e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

923a59a977767105bb8898be649cde0ef6fc38fb2fc5c625b542e32a8f392c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
age: 525
grace: none
x-cache: HIT
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: text/html;charset=UTF-8
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 86cda3574a853a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: 0

GET
H2 200 artikelnummern Show response
www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikeldetails/v2/ 22 B
177 B 81ms
80ms Fetch
application/json 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikeldetails/v2/artikelnummern

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/main-module.57010d197aa50e35e4bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995f84a41f725c516cb87975b8de1b05c10a316bbda2887ee5e6d8ccb799de45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Accept-Encoding,Origin
content-type: application/json
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3575a8d3a88-FRA
expires: 0

GET
H2 200 style.e1695595b8871cf7074d.orellfuessli.css
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/ 13 KB
2 KB 32ms
32ms Stylesheet
text/css 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/style.e1695595b8871cf7074d.orellfuessli.css

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/merkzettel-limit-hinweis/main-module.42d6263c759e6013a5ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

946f422273409c3d264097c31e7b4cd2b27f2ead64ba86b9ee5f030316a092df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 606181
content-encoding: br
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
x-messageid: ZfHp67FyuPKeN0jOUjGYPQAABLQ
last-modified: Tue, 05 Mar 2024 08:24:38 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3575dc53610-FRA

GET
H2 200 size Show response
www.orellfuessli.ch/api/warenkorb/ 19 B
173 B 74ms
74ms Fetch
application/json 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/warenkorb/size

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/warenkorb-resources/header-warenkorb/main-nomodule.80c8918f2f1ea9a449a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f69cc7aaa401b5e88b4e6cd7b595307bf32f3b971f9c054e56e58029ddff779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: same-origin
content-length: 19
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: application/json
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3575a903a88-FRA
expires: 0

GET
H2 200 abodaten Show response
www.orellfuessli.ch/abokaufen/api/rest/ 104 B
418 B 47ms
47ms Fetch
application/json 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/abokaufen/api/rest/abodaten

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/abokaufen/resources/abodaten-loader/main-module.be0c0c844e87cddce3d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e05496608e58c334abae70368801cfb1f07d3cbe4713bc8a8eef8fd74d0de5a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
age: 134
grace: none
x-cache: HIT
x-envoy-upstream-service-time: 8
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json
content-language: de
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3577a983a88-FRA

GET
H2 200 icon-dislike--orellfuessli.44adb20d1782c72db80e.svg
assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/assets/ 1 KB
1 KB 34ms
34ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/assets/icon-dislike--orellfuessli.44adb20d1782c72db80e.svg

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.ac3848cac72126ee5c20.orellfuessli.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cbf45aaa253b03ac76a20a1ef45c100799ce5d6a011db5e97c960c44f71d7a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/artikel-merken-herz/style.ac3848cac72126ee5c20.orellfuessli.css
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
x-content-type-options: nosniff
thaliainternalrequest: true
cf-cache-status: HIT
age: 215032
content-encoding: br
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
x-messageid: Zf733rQjGYc8brQmCJCZRQAAAmY
last-modified: Tue, 05 Mar 2024 08:24:38 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda35779188efb-FRA

GET
H2 200 ajax Show response
www.orellfuessli.ch/include/heimdall/v1/consent/ 0
49 B 76ms
76ms Fetch
text/html 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/include/heimdall/v1/consent/ajax

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/heimdall/consent-banner-bootstrap/main-nomodule.7159af68cbdcfe45f6ed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: same-origin
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin
content-language: de
content-type: text/html;charset=UTF-8
cf-ray: 86cda3577a9b3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 flyout.json Show response
www.orellfuessli.ch/cms/api/1/services/ 81 KB
14 KB 57ms
57ms Fetch
application/json 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/cms/api/1/services/flyout.json?tenantId=37&storeUrl=L3NpdGUvY29tcG9uZW50cy9waW5uZWQvb3JlbGxmdWVzc2xpX2NoL25hdmlnYXRpb24vMjkzZTVmNzktMjFlMC05MGI3LWFmN2MtYWFlY2ZmODIzYjNjLnhtbA==

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/header-prime-navigation/main-module.a0d63f1047cfcdc8f7c4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b37c94393877cf23d26057bee07081be5f8cd331affab63eb5b93f2bdd94d8cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
age: 386
grace: none
x-crafter: true
x-cache: HIT
cross-origin-resource-policy: same-origin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: application/json;charset=UTF-8
content-language: de
cache-control: max-age=600,must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3579aa53a88-FRA

GET
H2 200 merge Show response
mycliplister.com/ 450 KB
106 KB 151ms
59ms Script
text/javascript 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/red/cms/components/content-video/main-module.394870c66d6c83348e20.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

57559c54129b88bc4a17cfb96c730b15320fc032a505e095797d32c934ce5b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
x-server: he54
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
DATA 200
OK truncated
/ 1006 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebf9bd421e44685fe7af1cb9ae694c9ff2d717404e48a8e695884bcaf9f50e3e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b69a90fafbd8d9dfc1ef62719d3508b3ed2d645643266e8a5bde1a7197109ba7

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 icon-arrow--orellfuessli.c578fa429dc0334daf9f-c578fa429dc0334daf9fd7f539d8e4a9.svg
assets.thalia.media/ocsassets/suchocs/suche-produktslider/assets/ 168 B
504 B 35ms
35ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/ocsassets/suchocs/suche-produktslider/assets/icon-arrow--orellfuessli.c578fa429dc0334daf9f-c578fa429dc0334daf9fd7f539d8e4a9.svg
Requested by: Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/suchocs/suche-produktslider/style.55bd5ca7e72aa615ce29.orellfuessli.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096298d370ff6854b7f4b3d5c3fe6c8d0c88a523c0f9e0181e2b005f89db5084

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.thalia.media/ocsassets/suchocs/suche-produktslider/style.55bd5ca7e72aa615ce29.orellfuessli.css
Origin: https://www.orellfuessli.ch
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
via: 1.1 apigw-fe.prod.ecom.thalia.de, 1.1 veer7po1shohqu-origin-prod.thalia.media
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 1511335
x-originaluniqueid: ZfHYnwQMTf9YovfLdH@HyAAAAvo
x-envoy-upstream-service-time: 1
x-messageid: ZfHYnwQMTf9YovfLdH@HyAAAAvo
last-modified: Wed, 13 Mar 2024 10:39:20 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=15780000, immutable
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda357e94b8efb-FRA

GET
H2 200 style.bfc9869a097b05647e12.orellfuessli.css
www.orellfuessli.ch/login/resources/login-form-kompakt/ 15 KB
3 KB 36ms
35ms Stylesheet
text/css 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/login-form-kompakt/style.bfc9869a097b05647e12.orellfuessli.css

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/login/resources/global-header-login/main-nomodule.a29726ca4a88428c064e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dddbfdba0ad735ff33337c689077dd72316cf997cedb60f2cb472235323ab854

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1506970
grace: none
x-cache: MISS
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 11:24:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: text/css
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda3580adc3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H2 200 main-nomodule.78fe5a9315503dc7544e.js Show response
www.orellfuessli.ch/login/resources/login-form-kompakt/ 15 KB
5 KB 34ms
34ms Script
application/javascript 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/login/resources/login-form-kompakt/main-nomodule.78fe5a9315503dc7544e.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/login/resources/global-header-login/main-nomodule.a29726ca4a88428c064e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f56f1d9ae4b67b544517195747ab20865d7dc5e28aaafc80b165ded2889aeddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1515723
grace: none
x-cache: HIT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 11:24:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
vary: Origin, Accept-Encoding
content-type: application/javascript
content-language: de
cache-control: public, max-age=31560000, immutable
cf-ray: 86cda3580adf3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
https://challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?render=explicit

39 KB
13 KB

45ms
44ms

Script
application/javascript

104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?render=explicit
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H3
Server: 104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e584d67a5b1a868363ed5e83a72ea6bc2cad8a052f64583d0fe95e7fa36e97

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 86cda358aa532c4d-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 31 Mar 2024 04:36:22 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /turnstile/v0/g/dc6b543c1346/api.js?render=explicit
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
cf-ray: 86cda3587a3f2c4d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 kundenfiliale
www.orellfuessli.ch/api/rest/ 0
0 49ms
48ms Fetch 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/rest/kundenfiliale

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/filialauswahl-resources/kundenfiliale-zuordnung/main-module.e90d8b0ebaadd92660be.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: same-origin
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3584aea3a88-FRA
expires: 0

GET
H2 200 kundezuordnen
www.orellfuessli.ch/include/warenkorb/ 0
0 50ms
50ms Fetch
text/html 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/include/warenkorb/kundezuordnen

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/warenkorb-resources/header-warenkorb/main-nomodule.80c8918f2f1ea9a449a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cross-origin-resource-policy: same-origin
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/html; charset=utf-8
content-language: de
accept-ranges: bytes
cf-ray: 86cda3584aeb3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
retry-after: 5

GET
H2 200 size Show response
www.orellfuessli.ch/api/warenkorb/ 19 B
97 B 50ms
50ms Fetch
application/json 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/warenkorb/size

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/warenkorb-resources/header-warenkorb/main-nomodule.80c8918f2f1ea9a449a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f69cc7aaa401b5e88b4e6cd7b595307bf32f3b971f9c054e56e58029ddff779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: same-origin
content-length: 19
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: application/json
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3589b143a88-FRA
expires: 0

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tmrlc/0x4AAAAAAAGScWG5hN6qjtSf/light/ Frame 95CC 0
0 56ms
32ms Document
text/html 104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tmrlc/0x4AAAAAAAGScWG5hN6qjtSf/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer: https://www.orellfuessli.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-CH,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 86cda35948711e50-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Sun, 31 Mar 2024 04:36:22 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H2 200 anzahl.html Show response
www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikelanzahl/v2/ 1 B
92 B 48ms
48ms Fetch
text/plain 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/api/rest/public/merkzettel/admin/artikelanzahl/v2/anzahl.html

Requested by

Host: assets.thalia.media
URL: https://assets.thalia.media/ocsassets/merkzettel/merkzettel-assets/global-header-merkzettel/main-module.898aca118c638e9b52b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: same-origin
content-length: 1
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN, DENY
vary: Origin
content-type: text/plain; charset=utf-8
content-language: de
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda3592b493a88-FRA
expires: 0

GET
H2 200 / Show response
mycliplister.com/lc/187751/ 464 B
925 B 274ms
207ms XHR
application/json 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/lc/187751/?W3siU0VPIjpmYWxzZSwiZnNrIjoxOCwia2V5dHlwZSI6MzAwMDAsInJlcXVlc3RrZXkiOiJ2NldqdFBJVHUzNlJfMzF3Q19Lbm02WHhOXzF5YV8xRVEiLCJsYW5nIjoiIyMifV0=

Requested by

Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

d9024ef407cc8b01e7e3df75d28b1e7c61ef8a0cd186b3dcb2e5b10557196e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he54
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 464

GET
H2 200 / Show response
mycliplister.com/lc/187751/ 464 B
925 B 309ms
245ms XHR
application/json 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/lc/187751/?W3siU0VPIjpmYWxzZSwiZnNrIjoxOCwia2V5dHlwZSI6MzAwMDAsInJlcXVlc3RrZXkiOiJ2YWJnQmRLaFRGNHE3M19LbThmbTdia3ZtYmt5MldrQ3IiLCJsYW5nIjoiIyMifV0=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

17d61906404ab9b17d0b80a21eb9e90071f10096d1eca5d5e797d41e6c824a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he46
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 464

GET
H2 200 / Show response
mycliplister.com/lc/187751/ 464 B
925 B 262ms
200ms XHR
application/json 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/lc/187751/?W3siU0VPIjpmYWxzZSwiZnNrIjoxOCwia2V5dHlwZSI6MzAwMDAsInJlcXVlc3RrZXkiOiJ2M183XzdfNlNsTl9fTjlHb19Tc0hCXzNhMlB4WVR1YWIiLCJsYW5nIjoiIyMifV0=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

24e224458866b7a8945f6757a3bfcdea170933c63b9be89e49d55037db4541b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he52
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 464

GET
H2 200 / Show response
mycliplister.com/lc/187751/ 464 B
925 B 270ms
209ms XHR
application/json 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/lc/187751/?W3siU0VPIjpmYWxzZSwiZnNrIjoxOCwia2V5dHlwZSI6MzAwMDAsInJlcXVlc3RrZXkiOiJ2OGVkWVVRTVNpNk9xMzRuajhmcTRxNzc2WEJiaFVNUjciLCJsYW5nIjoiIyMifV0=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

e7393cbced8bfcacf337e607826a2714a4d78e08a41f13e7fb7dc4d18a0db86e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he48
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 464

GET
H2 200 / Show response
mycliplister.com/lc/187751/ 464 B
925 B 299ms
239ms XHR
application/json 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/lc/187751/?W3siU0VPIjpmYWxzZSwiZnNrIjoxOCwia2V5dHlwZSI6MzAwMDAsInJlcXVlc3RrZXkiOiJ2ZFBfRjRubTRqaV9fTjFCOF9ZSl8wZm0wZmhPdFBEdmciLCJsYW5nIjoiIyMifV0=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

6ed263ed304e051efb5f3f5e1d92d9f9c0b67791b6b98ee4cef31c44524d346a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he56
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 464

GET
H2 200 / Show response
mycliplister.com/lc/187751/ 464 B
925 B 263ms
204ms XHR
application/json 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/lc/187751/?W3siU0VPIjpmYWxzZSwiZnNrIjoxOCwia2V5dHlwZSI6MzAwMDAsInJlcXVlc3RrZXkiOiJ2Y3pxY3U2U2ptXzRveWN2aTdhYV83OUhESEI5RVdvd0ciLCJsYW5nIjoiIyMifV0=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

4a6d142e2f7adaa543a9b7875d87338191eb8d202886ee0be44524b9be8945f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he50
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 464

GET
H2 200 send
ga.thalia.media/j/ 2 B
0 135ms
126ms Fetch
text/plain 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.thalia.media/j/send?v=1&ds=web&aip=1&tid=UA-39319847-14&cid=408caf65-a0cb-49f6-962e-da22883efba3&sd=24-bits&dt=Kinderclub%20%7C%20Orell%20F%C3%BCssli&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&ul=en-us&de=UTF-8&sr=800x600&vp=1600x1113&_r=1&jid=960460117&z=238616464&t=pageview&cm11=741

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell-consent.62dbf419ddb4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 31 Mar 2024 04:36:22 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: cloudflare
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
cf-ray: 86cda35a5a338efb-FRA
content-length: 2
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
0 107ms
36ms Fetch
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-39319847-14&cid=408caf65-a0cb-49f6-962e-da22883efba3&jid=960460117&z=602221527

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell-consent.62dbf419ddb4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 31 Mar 2024 04:36:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.ch/ads/
Redirect Chain

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=408caf65-a0cb-49f6-962e-da22883efba3&jid=960460117&z=280823454
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=408caf65-a0cb-49f6-962e-da22883efba3&jid=960460117&z=280823454&slf_rd=1&random=2185679561

42 B
0

110ms
35ms

Fetch
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=408caf65-a0cb-49f6-962e-da22883efba3&jid=960460117&z=280823454&slf_rd=1&random=2185679561

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Mar 2024 04:36:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 31 Mar 2024 04:36:22 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j96&tid=UA-39319847-14&cid=408caf65-a0cb-49f6-962e-da22883efba3&jid=960460117&z=280823454&slf_rd=1&random=2185679561
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 114ms
43ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BE2W3ZY94G&_p=1146764629&sr=800x600&ul=en-us&cid=2694204447.1711859782759&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dr=undefined&dt=Kinderclub%20%7C%20Orell%20F%C3%BCssli&sid=1711859782759&_s=1&en=page_view&gtm=45je32m0&cu=CHF&uafvl=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&uap=Win32&_dbg=1&_gaz=1&sct=1&seg=0&_fv=1&_ss=1&mri=1711859782759&gcs=G111&gcd=11r1r1r1r5&dma=0&dma_cps=sypham&epn.perf_fcp=741&ep.debug_data=1711859782759%2C1711859782759
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell-consent.62dbf419ddb4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 31 Mar 2024 04:36:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 108ms
37ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BE2W3ZY94G&cid=2694204447.1711859782759&gtm=45je32m0&aip=1&gcs=G111&gcd=11r1r1r1r5&dma=0&dma_cps=sypham
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/assets/static/shell-consent.62dbf419ddb4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 31 Mar 2024 04:36:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.orellfuessli.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sprite03.png
www.orellfuessli.ch/cookiemonster/v1/ 95 B
259 B 52ms
52ms Image
image/png 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orellfuessli.ch/cookiemonster/v1/sprite03.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: same-origin
content-length: 95
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
content-language: de
cache-control: no-cache, must-revalidate
cf-ray: 86cda35a5bbd3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
expires: Tue, 01 Jan 1980 1:00:00 GMT

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13r3r3r3r5&rnd=1907551650.1711859783&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dma=0&npa=0&gtm=45He43r0n513...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5&rnd=1907551650.1711859783&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dma=0&npa=0&gtm...

42 B
65 B

68ms
34ms

Ping
image/gif

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5&rnd=1907551650.1711859783&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dma=0&npa=0&gtm=45He43r0n513TL3v6104277za200&auid=954261961.1711859783

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Mar 2024 04:36:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Mar 2024 04:36:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5&rnd=1907551650.1711859783&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&dma=0&npa=0&gtm=45He43r0n513TL3v6104277za200&auid=954261961.1711859783
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 251 KB
87 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-978673102&l=newDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56aeec6378c53aa91f07340ff7cc2e92965a94f6842f62161970dd92215d884c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89246
x-xss-protection: 0
last-modified: Sun, 31 Mar 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Mar 2024 04:36:22 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 117ms
50ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 31 Mar 2024 04:36:22 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0AE89B9C0D58476D8780695D3B78C329 Ref B: FRA31EDGE0617 Ref C: 2024-03-31T04:36:22Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 200 KB
73 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9327407&l=newDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f352c69388d8776806a28c8eb875b82519305001e604dc94d1eac5e9fa71ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74682
x-xss-protection: 0
last-modified: Sun, 31 Mar 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Mar 2024 04:36:22 GMT

GET
H2 200 13971.js Show response
www.dwin1.com/ 46 KB
13 KB 115ms
30ms Script
application/javascript 2600:9000:214f:8600:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/13971.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8600:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14f71ffa21b1bbb4d3b3696e15191afa75f8ffe16895d5a9ad79651c8aa85863

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: xk3W_73RtFCthH5pACkFYnfBHICnbTfS
content-encoding: gzip
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
date: Sun, 31 Mar 2024 04:27:30 GMT
x-amz-cf-pop: FRA53-C1
age: 552
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 21 Mar 2024 07:39:13 GMT
server: AmazonS3
etag: W/"c6298aa0858bc17c5e084ecbeb51632f"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: yw-8evoqnR2tEk5e02PdYaIz-j8XUtp2JKszVUlmGURk0WVHlOMMPw==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 80ms
26ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fa7dc1f49c37b28d767e1ad64998a1c0c2f7b44d3a6ae68a9dce72bdc6574019

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
x-cdn: fastly
etag: "5f9456a62b94027f2e116bffedc2cde1"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1883

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 91ms
27ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Mar 2024 16:03:53 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=33155
accept-ranges: bytes
content-length: 17224

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 75ms
24ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 31 Mar 2024 04:36:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58040
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=12, mss=1320, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 4+Hv11aSxgkI09+8tuyEl3SObGn6fNbYcRodLjGNNaLKbITujv4lLeXCVKRQZd48Hc9mUbeCB/bQ9BQho6qtCA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 188ms
116ms Script
application/javascript 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8LKHMN177STLBSB54OG&lib=ttq
Requested by: Host: www.orellfuessli.ch
URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5e73f8fe40a4a7ef2cb69bc908dfa03a9f26d2a24cd4815e8c5d3f6f40fcada3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1badfbcd.148d2843
date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2403310436222EA2A0CFB9441C3B7382-42E99B716CF5E516-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-parent-response-time: 89,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=6, inner; dur=3
content-length: 2170
pragma: no-cache
server: nginx
x-tt-logid: 202403310436222EA2A0CFB9441C3B7382
x-cache-remote: TCP_MISS from a23-220-105-200.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.105.200
x-tt-trace-host: 0183f456550cab579e40e7958f1e1366483d43a6047403ec0b47b6bdd78f01ba6eaa77c4dcbceb0b8f7d66e2cdc07a25b861707eb2c9eac082c32970d87781210f96e45231a29da732401b426b4944144249e79bc76674022c91d982cf9a117eeb951fc87791f3f3c70249df9c47ee0cbe
expires: Sun, 31 Mar 2024 04:36:22 GMT

GET
H2 200 Controller.js Show response
chat.orellfuessli.ch/Chat/ 48 KB
48 KB 116ms
32ms Script
text/javascript 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3TL3&l=newDataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 22bcfcb4f9f8a275e009ea9ca1c9bcb4cd8636a35539f6a20f4465522d8c74fd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Sun, 31 Mar 2024 04:36:22 GMT
cache-control: private
access-control-allow-credentials: true
server: Chat
content-length: 48735
content-type: text/javascript; charset=utf-8

GET
H2 200 icon64.png
www.orellfuessli.ch/assets/images/meta/oft/ 485 B
779 B 37ms
37ms Other
image/png 104.16.90.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orellfuessli.ch/assets/images/meta/oft/icon64.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.90.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17134b8027532c3b08cefde6c202c8d1405aee2edede1da9c1e661bfade905c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1506971
cross-origin-resource-policy: cross-origin
content-length: 485
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 07:37:05 GMT
server: cloudflare
cross-origin-opener-policy: cross-origin
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: image/png
content-language: de
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 86cda35a6bcf3a88-FRA
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/978673102/ 3 KB
1 KB 91ms
37ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978673102/?random=1711859782833&cv=11&fst=1711859782833&bg=ffffff&guid=ON&async=1&gtm=45be43r0v9178896824z86104277za201&gcd=13r3r3r3r5&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&hn=www.googleadservices.com&frm=0&tiba=Kinderclub%20%7C%20Orell%20F%C3%BCssli&npa=0&pscdl=noapi&auid=954261961.1711859783&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=ecomm_pagetype%3Dsiteview%3Burl%3Dhttps%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub%3Bads_data_redaction%3Dtrue&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-978673102&l=newDataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

51ef7cc53fc80a27305c384d97d37a188717b1604b56eaff53201c758b994efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CNmuldLWnYUDFWUiBgAdZD4Aag;src=9327407;type=pageview;cat=global00;ord=4700321938778;npa=0;auiddc=954261961.1711859783;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefin...
9327407.fls.doubleclick.net/ Frame 24D6
Redirect Chain

https://9327407.fls.doubleclick.net/activityi;src=9327407;type=pageview;cat=global00;ord=4700321938778;npa=0;auiddc=954261961.1711859783;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undef...
https://9327407.fls.doubleclick.net/activityi;dc_pre=CNmuldLWnYUDFWUiBgAdZD4Aag;src=9327407;type=pageview;cat=global00;ord=4700321938778;npa=0;auiddc=954261961.1711859783;u1=undefined;u2=undefined;...

0
0

46ms
45ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9327407.fls.doubleclick.net/activityi;dc_pre=CNmuldLWnYUDFWUiBgAdZD4Aag;src=9327407;type=pageview;cat=global00;ord=4700321938778;npa=0;auiddc=954261961.1711859783;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43r0z86104277za201;gcs=G111;gcd=13r3r3r3r5;dma=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9327407&l=newDataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orellfuessli.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-CH,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Mar 2024 04:36:23 GMT
expires: Sun, 31 Mar 2024 04:36:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Mar 2024 04:36:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9327407.fls.doubleclick.net/activityi;dc_pre=CNmuldLWnYUDFWUiBgAdZD4Aag;src=9327407;type=pageview;cat=global00;ord=4700321938778;npa=0;auiddc=954261961.1711859783;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=undefined;u18=NaN;u19=NaN;u21=undefined;u22=undefined;u23=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub;u24=undefined;u25=alle%20Seiten;u30=desktop;u9=undefined;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe43r0z86104277za201;gcs=G111;gcd=13r3r3r3r5;dma=0;epver=2;~oref=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.d1ecc6ee.js Show response
s.pinimg.com/ct/lib/ 64 KB
18 KB 27ms
27ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.d1ecc6ee.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f5c2ba19c6d5b3736aed2ec9e806a3d6633b653a72a1d7160ad30368f82292a1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
x-cdn: fastly
etag: "671fd3d6701d35a87b369bffd3965ff6"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 18590

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1711859782882&li_adsId=536e9667-4ff7-4564-9ff1-68d2285972b9&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkin...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1711859782882&li_adsId=536e9667-4ff7-4564-9ff1-68d2285972b9&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkin...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3699170%26time%3D1711859782882%26li_adsId%3D536e9667-4ff7-4564-9ff1-68d2285972b9%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1711859782882&li_adsId=536e9667-4ff7-4564-9ff1-68d2285972b9&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkin...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1711859782882&li_adsId=536e9667-4ff7-4564-9ff1-68d2285972b9&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fki...

0
264 B

224ms
167ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1711859782882&li_adsId=536e9667-4ff7-4564-9ff1-68d2285972b9&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&cookiesTest=true&liSync=true&e_ipv6=AQLtxD_m3-ygkgAAAY6Sy1erlyPOIh6WskteHgLSVJouHBLjWh2OJiHNxKIvvx4wP_ckDX-6fx7u
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.orellfuessli.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1159AB8638704E26B44B8D27E0FC51B4 Ref B: FRAEDGE1206 Ref C: 2024-03-31T04:36:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYU7WpR1ymb6WofpDbFfw==

Redirect headers

date: Sun, 31 Mar 2024 04:36:23 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B865DF20BAE04541B01172043A6A2860 Ref B: DUS30EDGE0315 Ref C: 2024-03-31T04:36:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3699170&time=1711859782882&li_adsId=536e9667-4ff7-4564-9ff1-68d2285972b9&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&cookiesTest=true&liSync=true&e_ipv6=AQLtxD_m3-ygkgAAAY6Sy1erlyPOIh6WskteHgLSVJouHBLjWh2OJiHNxKIvvx4wP_ckDX-6fx7u
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYU7WpOVKhXUJpuudilyA==

GET
H2 204 12000244.js Show response
bat.bing.com/p/action/ 0
118 B 48ms
48ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/12000244.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 31 Mar 2024 04:36:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 987764B0D7D14ED982D1C6B402BDBD77 Ref B: FRA31EDGE0617 Ref C: 2024-03-31T04:36:22Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 111ms
111ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=12000244&tm=gtm002&Ver=2&mid=c64f8dd2-e824-4b99-9091-a026d202bd5f&sid=3a26e720ef1811ee89289b14dc903944&vid=3a270340ef1811eebccc5b20dec1f9c4&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=Kinderclub%20%7C%20Orell%20F%C3%BCssli&p=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&r=&lt=1458&evt=pageLoad&sv=1&rn=868566

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 31 Mar 2024 04:36:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5F2036633DF74402A9F1F2DA570C0562 Ref B: FRA31EDGE0617 Ref C: 2024-03-31T04:36:22Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK d.php Show response
www.usemaxserver.de/ 5 KB
2 KB 120ms
31ms Script
application/javascript 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/d.php?ext_domain=1&rt=1&campaign_id=40238
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/13971.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: ecc657f1386078cbd2ea41bec09562c0f270d3e9dcf2cb074116bd9c050f86b2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 31 Mar 2024 04:36:23 GMT
Content-Encoding: gzip
Server: Apache/2.4
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=3, max=70
Content-Length: 1639
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 lantern_global_13971.min.js Show response
lantern.roeyecdn.com/ 2 KB
2 KB 97ms
27ms Script
application/octet-stream 2600:9000:20eb:c200:1f:af3f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lantern.roeyecdn.com/lantern_global_13971.min.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/13971.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c200:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9aff8fcbf9e3e27085f01a8e7943e17703de8de0d5943245eaa1eb0f375e4ef

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8gvMpeqJyeQkoXN0oo9ZIr.JIIgkLUyc
date: Sat, 30 Mar 2024 23:53:37 GMT
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 14:39:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 17240
etag: "737e0adf687635be2fadd7f2ef253675"
x-cache: Hit from cloudfront
content-type: application/octet-stream
content-length: 1815
x-amz-cf-id: XBv9Y43ebISCkUcO4hQ1H9WjdiK9lbqX1gUfceRdyUx0FWyAr0qNYA==

GET
H2 200 1990369294524981 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 81ms
81ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1990369294524981?v=2.9.151&r=stable&domain=www.orellfuessli.ch&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66c1453cf23694574d1d18ba036231cb74758c66856650c347560c326cdd5d9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 31 Mar 2024 04:36:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=63, mss=1320, tbw=63201, tp=-1, tpl=-1, uplat=56, ullat=0
pragma: public
x-fb-debug: Bj7qqS2afcdf4st0iq7wMaJIggpRlqWhgOchqWFiK123dyd4RCyt6owSiLjj/aaXvwIoisqTz8A/zSZWLuC7WA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 playButton.png
assets.thalia.media/red/cms/components/content-video/assets/ 2 KB
2 KB 33ms
33ms Image
image/webp 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/playButton.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef9012ae967969da4cb43d4899d23ddb84a2eba79392a91836feff02dbe689e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
thaliainternalrequest: true
cf-cache-status: HIT
age: 303279
cf-polished: origFmt=png, origSize=4351
content-disposition: inline; filename="playButton.webp"
content-length: 1750
cf-bgj: imgq:100,h2pri
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
etag: "10ff-5f64a6f44e1b2"
vary: Accept
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600, public
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
cf-ray: 86cda35b5f553610-FRA

GET
H2 200 controls.html Show response
assets.thalia.media/red/cms/components/content-video/assets/skin/ 25 KB
4 KB 70ms
70ms XHR
text/html 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/controls.html
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"6444-5f64a6f453c68"
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35b5a9d8efb-FRA

GET
H2 200 1239fae45bfec423f41bd1cbfe6a7c286acc8e743be78292e9833160237cc648eb6a4c976bea73dcdb113158dc383f27064eb7daa11e7d43c0e3ec7b962ee4919790c5877143fa2df946ad4ef91c4cbf4_x4c002731b13c1f45b3e232a7d57a46cb76... Show response
mycliplister.com/jplist/187751/ 5 KB
2 KB 133ms
132ms XHR
text/plain 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/jplist/187751/1239fae45bfec423f41bd1cbfe6a7c286acc8e743be78292e9833160237cc648eb6a4c976bea73dcdb113158dc383f27064eb7daa11e7d43c0e3ec7b962ee4919790c5877143fa2df946ad4ef91c4cbf4_x4c002731b13c1f45b3e232a7d57a46cb76308106e9fb07225b3b4cd1dbe53a502494a775efb4ace9febca341ce7e153642b7eb4d042467e680a7097b96c2f22b

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

072158d44e545d93eaa72dfb4440e09aab2bca203d66c1be67baf7291d232c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he56
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
H2 200 / Show response
ct.pinterest.com/user/ 302 B
716 B 122ms
52ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612445259689&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1711859782926&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.d1ecc6ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

8e63336037bea50c9887beee711d5776ac0906b701a435ba6a002caf1a724b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.cbd5ce17.1711859783.2580c0cd
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=600
content-length: 175
x-pinterest-rid: 5469850854401683
pin-unauth: dWlkPU16RTNPR0V3WW1RdFpXUmhPUzAwTUdReUxXRXdNakF0TWpKalpqVTRaamRoTldKaQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.orellfuessli.ch
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: e55cd6245ba0a9b4bc845e73c8628057727dd4c8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 controls.html Show response
assets.thalia.media/red/cms/components/content-video/assets/skin/ 25 KB
4 KB 72ms
72ms XHR
text/html 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/controls.html
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"6444-5f64a6f453c68"
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35b6aa58efb-FRA

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 116ms
53ms Fetch
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?tid=2612445259689&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A600%2C%22sw%22%3A800%2C%22mh%22%3A%22d1ecc6ee%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.86%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1711859782933

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.d1ecc6ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 31 Mar 2024 04:36:23 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.cbd5ce17.1711859783.2580c0ce
content-type: image/gif
access-control-allow-origin: https://www.orellfuessli.ch
pinterest-version: e55cd6245ba0a9b4bc845e73c8628057727dd4c8
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 2384933994067243
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1ebdae2ce1f662cec47ee45f762071bfcb8e20e0d73dd52dcf1c1c1e7585b13431d1ceff47912d18b23048fcd57b75a83613356406313647b820a605d86b2309ce28c93acd8d3a9c23137609369de258b_x4c002731b13c1f45b3e232a7d57a46cb76... Show response
mycliplister.com/jplist/187751/ 5 KB
2 KB 122ms
122ms XHR
text/plain 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/jplist/187751/1ebdae2ce1f662cec47ee45f762071bfcb8e20e0d73dd52dcf1c1c1e7585b13431d1ceff47912d18b23048fcd57b75a83613356406313647b820a605d86b2309ce28c93acd8d3a9c23137609369de258b_x4c002731b13c1f45b3e232a7d57a46cb76308106e9fb07225b3b4cd1dbe53a502494a775efb4ace9febca341ce7e153642b7eb4d042467e680a7097b96c2f22b

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

d9645ebb629dc7b0473b2dbc5815bfcc4460c9ca76a92ac52bff4681007f2fa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he46
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
H2 200 controls.html Show response
assets.thalia.media/red/cms/components/content-video/assets/skin/ 25 KB
4 KB 73ms
73ms XHR
text/html 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/controls.html
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"6444-5f64a6f453c68"
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35b6aa78efb-FRA

GET
H2 200 13babbfe0bf94ba51cd2876d4923be97d95c5d520e643b57cfb3d5a886c2d9a494c58b15968fb49cac79974d6fe7da2fa3c8eb0fd840d61f904839dff4e2885908a7d23628e2da6bb046ed900cb93e7b1_x4c002731b13c1f45b3e232a7d57a46cb76... Show response
mycliplister.com/jplist/187751/ 5 KB
2 KB 135ms
134ms XHR
text/plain 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/jplist/187751/13babbfe0bf94ba51cd2876d4923be97d95c5d520e643b57cfb3d5a886c2d9a494c58b15968fb49cac79974d6fe7da2fa3c8eb0fd840d61f904839dff4e2885908a7d23628e2da6bb046ed900cb93e7b1_x4c002731b13c1f45b3e232a7d57a46cb76308106e9fb07225b3b4cd1dbe53a502494a775efb4ace9febca341ce7e153642b7eb4d042467e680a7097b96c2f22b

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

581247fea5d04675f181ef519bc7904518377399edf3370bbd486c3e4fd98260

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he54
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
H2 200 controls.html Show response
assets.thalia.media/red/cms/components/content-video/assets/skin/ 25 KB
4 KB 70ms
70ms XHR
text/html 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/controls.html
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"6444-5f64a6f453c68"
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35b6aaa8efb-FRA

GET
H2 200 1239fae45bfec423f41bd1cbfe6a7c2869aeb3d239b43ed80f296d4c6e8eb919d4c3f3c373b538ff63660af904705b7329ad83d059d23ce1dff973da21c7295cd8d544cdc5aa3a54837bc87eae2ac5e5a_x4c002731b13c1f45b3e232a7d57a46cb76... Show response
mycliplister.com/jplist/187751/ 5 KB
2 KB 127ms
127ms XHR
text/plain 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/jplist/187751/1239fae45bfec423f41bd1cbfe6a7c2869aeb3d239b43ed80f296d4c6e8eb919d4c3f3c373b538ff63660af904705b7329ad83d059d23ce1dff973da21c7295cd8d544cdc5aa3a54837bc87eae2ac5e5a_x4c002731b13c1f45b3e232a7d57a46cb76308106e9fb07225b3b4cd1dbe53a502494a775efb4ace9febca341ce7e153642b7eb4d042467e680a7097b96c2f22b

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

8c5ba4f756a0e37975691aa333647542fd86b0b5451f4293d25b8802e4bae859

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he50
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
H3 200 /
www.google.com/pagead/1p-user-list/978673102/ 42 B
64 B 34ms
33ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/978673102/?random=1711859782833&cv=11&fst=1711857600000&bg=ffffff&guid=ON&async=1&gtm=45be43r0v9178896824z86104277za201&gcd=13r3r3r3r5&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&frm=0&tiba=Kinderclub%20%7C%20Orell%20F%C3%BCssli&npa=0&data=ecomm_pagetype%3Dsiteview%3Burl%3Dhttps%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub%3Bads_data_redaction%3Dtrue&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqpP8Oz1Ee-wRd_P2AjeYZsXQnv21JFQ&random=3242286046&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 31 Mar 2024 04:36:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ch/pagead/1p-user-list/978673102/ 42 B
455 B 95ms
37ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/978673102/?random=1711859782833&cv=11&fst=1711857600000&bg=ffffff&guid=ON&async=1&gtm=45be43r0v9178896824z86104277za201&gcd=13r3r3r3r5&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&frm=0&tiba=Kinderclub%20%7C%20Orell%20F%C3%BCssli&npa=0&data=ecomm_pagetype%3Dsiteview%3Burl%3Dhttps%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub%3Bads_data_redaction%3Dtrue&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqpP8Oz1Ee-wRd_P2AjeYZsXQnv21JFQ&random=3242286046&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 31 Mar 2024 04:36:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controls.html Show response
assets.thalia.media/red/cms/components/content-video/assets/skin/ 25 KB
4 KB 78ms
78ms XHR
text/html 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/controls.html
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"6444-5f64a6f453c68"
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35b8ab98efb-FRA

GET
H2 200 11cd7ea7d1d906496e71898433b45abf97730862aaaf63b5b13679b8f4711da99cd04d012c113dcd541302eb504ae15d030d757a739dae64d7f20b20e66eec74b4766e6e61ea5b1efc352671cedd3914c_x4c002731b13c1f45b3e232a7d57a46cb76... Show response
mycliplister.com/jplist/187751/ 4 KB
2 KB 129ms
128ms XHR
text/plain 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/jplist/187751/11cd7ea7d1d906496e71898433b45abf97730862aaaf63b5b13679b8f4711da99cd04d012c113dcd541302eb504ae15d030d757a739dae64d7f20b20e66eec74b4766e6e61ea5b1efc352671cedd3914c_x4c002731b13c1f45b3e232a7d57a46cb76308106e9fb07225b3b4cd1dbe53a502494a775efb4ace9febca341ce7e153642b7eb4d042467e680a7097b96c2f22b

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

799b20ecd62ca7607e8b3188f9067a6db6ee4703ac66cdf668d9af0ad0de58ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he54
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
H2 200 controls.html Show response
assets.thalia.media/red/cms/components/content-video/assets/skin/ 25 KB
4 KB 70ms
69ms XHR
text/html 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/controls.html
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
content-encoding: br
thaliainternalrequest: true
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"6444-5f64a6f453c68"
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35b9abb8efb-FRA

GET
H2 200 13babbfe0bf94ba51cd2876d4923be97d11a68d93661234e4d357710446c0cc795d2dbe26b076cd59dea524b29abf649409eb7fb3c02761217b18f461625cfb11a10cef947c811a4faec814f651a71a3a_x4c002731b13c1f45b3e232a7d57a46cb76... Show response
mycliplister.com/jplist/187751/ 5 KB
2 KB 261ms
261ms XHR
text/plain 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/jplist/187751/13babbfe0bf94ba51cd2876d4923be97d11a68d93661234e4d357710446c0cc795d2dbe26b076cd59dea524b29abf649409eb7fb3c02761217b18f461625cfb11a10cef947c811a4faec814f651a71a3a_x4c002731b13c1f45b3e232a7d57a46cb76308106e9fb07225b3b4cd1dbe53a502494a775efb4ace9febca341ce7e153642b7eb4d042467e680a7097b96c2f22b

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

f9d5db2691e12953bf3dbcb07ce7d8b9a053784bf699b282a3190d6655f151e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: he48
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range

GET
H2 200 main.MWIzOGRhOGZjMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 425 KB
112 KB 28ms
27ms Script
application/javascript 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8LKHMN177STLBSB54OG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd4c3a41eccea0d5704ed6eb9cd22d25242dddb210cf8e5075b542a8af7cd9fb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 148d28d2
date: Sun, 31 Mar 2024 04:36:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024031810101318CFB55811F82B7B041F
x-tt-trace-id: 00-24031810101318CFB55811F82B7B041F-4BE6D522C47E918A-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01c8ceb0d0feeef31a416729b487ac61d2c54dfd49eada796ecbb7f540fdb7570682e5922af6438d127933d57360a002ee74e255d4d774c9975715d138d167379d56d3e09526217c2bc67d3bacbb913fa12eb29df140aa0afcc931392ebb8e0e45
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
content-length: 114374

GET
H2 200 track.php
lantern.roeye.com/ 0
153 B 164ms
52ms Image
image/gif 34.249.78.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lantern.roeye.com/track.php?fingerprint=8c7efc8e-d8a2-4e76-8e39-4f17f461227c&referrer=&landingpage=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&site=13971
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.78.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-78-6.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
server: nginx
content-length: 0
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 74ms
24ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1990369294524981&ev=PageView&dl=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&rl=&if=false&ts=1711859783008&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1711859783006.933946333&cs_est=true&ler=empty&cdl=API_unavailable&it=1711859782913&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1320, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 31 Mar 2024 04:36:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 controls-map.svg
assets.thalia.media/red/cms/components/content-video/assets/skin/img/ 24 KB
7 KB 36ms
35ms Image
image/svg+xml 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thalia.media/red/cms/components/content-video/assets/skin/img/controls-map.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 110b2b2e359aca1e1b080f935fc4c95dab0d61873b67be1b3c9935c980bba5c0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
content-encoding: br
thaliainternalrequest: true
cf-cache-status: HIT
age: 4299
last-modified: Tue, 07 Mar 2023 07:33:58 GMT
server: cloudflare
etag: W/"6161-5f64a6f457ceb"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35bef863610-FRA

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
155 B 18ms
18ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
dataType: json
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.orellfuessli.ch/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Sun, 31 Mar 2024 04:36:22 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

OPTIONS
H2 200 GetBadgeStatus
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ Frame 0
0 63ms
19ms Preflight 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,datatype
Access-Control-Request-Method: POST
Origin: https://www.orellfuessli.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Pragma, Cache-Control, Authorization, dataType
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.orellfuessli.ch
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
date: Sun, 31 Mar 2024 04:36:22 GMT
server: Chat

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 25ms
24ms Script
application/javascript 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.d1ecc6ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b15aac9c392958d54b67f8eadb0985ced801f635f7edd5cbf80fa95fae4061a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.cbd5ce17.1711859783.2580c1a9
etag: "00a3e23e5609ea9564eca6ae4e3949f4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
content-length: 2111

GET
H2 200 ct.html
ct.pinterest.com/ Frame 7F37 0
0 128ms
61ms Document
text/html 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.d1ecc6ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.orellfuessli.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-CH,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

akamai-grn: 0.cbd5ce17.1711859783.2580c257
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 31 Mar 2024 04:36:23 GMT
pinterest-version: e55cd6245ba0a9b4bc845e73c8628057727dd4c8
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1084635952304790

GET
H/1.1 200
OK d.php Show response
www.usemaxserver.de/ 55 KB
9 KB 50ms
49ms Script
application/javascript 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/d.php?campaign_id=40238&place=1&product_id=&u=1&dv=&cbt=1711859783&um_coupon=&pid=undefined&w=1600&h=1113&referrer=leer&ext_ident=&rt=1&ext_par1=&ext_vars=&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&k0=0&host=www.orellfuessli.ch&ci=fGUxZjQzYw==
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?ext_domain=1&rt=1&campaign_id=40238
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: 8aaee7f0d978fd3b0f526c3455400ad6d7eb26fd269a7330a1b00aea67536e35

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 31 Mar 2024 04:36:23 GMT
Content-Encoding: gzip
Server: Apache/2.4
Vary: Accept-Encoding
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=3, max=69
Content-Length: 8797
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 bbd65a02282a29a48b9bf3c776e8e5c6135028d5.jpg Show response
assets.thalia.media/img/cms/ 0
375 KB 126ms
126ms Fetch
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/img/cms/bbd65a02282a29a48b9bf3c776e8e5c6135028d5.jpg
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Sat, 30 Mar 2024 22:46:47 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35c4b098efb-FRA

GET
H2 200 meta2.png Show response
mycliplister.com/static/viewer/assets/chk/ 424 KB
425 KB 33ms
33ms XHR
image/png 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/static/viewer/assets/chk/meta2.png?n=0.40603264763028335

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 12 Sep 2016 12:08:49 GMT
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, max-age=3600
access-control-allow-credentials: true
x-server: he50
accept-ranges: bytes
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 434322
expires: Tue, 30 Apr 2024 04:36:23 GMT

GET
H2 200 79f193c7b6b8865b9d5d8cc6537c443635b96314.jpg Show response
assets.thalia.media/img/cms/ 0
201 KB 100ms
100ms Fetch
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/img/cms/79f193c7b6b8865b9d5d8cc6537c443635b96314.jpg
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Sat, 30 Mar 2024 22:46:47 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35c4b0f8efb-FRA

GET
H2 200 meta2.png Show response
mycliplister.com/static/viewer/assets/chk/ 424 KB
425 KB 132ms
132ms XHR
image/png 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/static/viewer/assets/chk/meta2.png?n=0.0023114213049029164

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 12 Sep 2016 12:08:49 GMT
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, max-age=3600
access-control-allow-credentials: true
x-server: he52
accept-ranges: bytes
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 434322
expires: Tue, 30 Apr 2024 04:36:23 GMT

GET
H2 200 ff9e50cc2530294569aa25a7dbcee8087448375e.jpg Show response
assets.thalia.media/img/cms/ 0
95 KB 108ms
108ms Fetch
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/img/cms/ff9e50cc2530294569aa25a7dbcee8087448375e.jpg
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Sat, 30 Mar 2024 22:46:47 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35c5b198efb-FRA

GET
H2 200 meta2.png Show response
mycliplister.com/static/viewer/assets/chk/ 424 KB
425 KB 148ms
148ms XHR
image/png 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/static/viewer/assets/chk/meta2.png?n=0.6110726495846166

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 12 Sep 2016 12:08:49 GMT
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, max-age=3600
access-control-allow-credentials: true
x-server: he54
accept-ranges: bytes
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 434322
expires: Tue, 30 Apr 2024 04:36:23 GMT

GET
H2 200 identify_05ea2.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 28ms
28ms Script
application/javascript 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_05ea2.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 148d296a
date: Sun, 31 Mar 2024 04:36:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202403141341523ED2893F305478093D71
x-tt-trace-id: 00-2403141341523ED2893F305478093D71-2AA964AE77C7B5FC-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01215efb9e0067f56dc388fd9e6f52d0c1a63f9d74f8863ef9bdab8c402a9b06c28a8538e12e526d8f5f074ce89dc9341609ddc9e8ce8ef6e9430c6ea75f3d78fb11eb4cb9d46290dea063a46841042b81eab4d03a45e8ca3697f6ffcf5232029d
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length: 37172

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
973 B 435ms
154ms Ping
text/plain 104.120.210.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.120.210.137 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-120-210-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 40bd624a.4be1622d
date: Sun, 31 Mar 2024 04:36:23 GMT
x-bytefaas-request-id: 202403310436232708E48199AD520A73D2
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2403310436232708E48199AD520A73D2-7BFC3CD29ED4ED11-00
x-cache: TCP_MISS from a104-120-210-133.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54729273) (-)
x-parent-response-time: 22,104.120.210.133
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=19, inner; dur=10
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202403310436232708E48199AD520A73D2
x-cache-remote: TCP_MISS from a184-29-143-164.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55336823) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 8.86
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 0183f456550cab579e40e7958f1e136648f0bd364255e136deac2bc1557d268770a66208f22e7ca6338d681f691dab36672df2d1a37de1ad4b4e60fefaf0fe2b8a7365dc4086dd496d92402a617a3eb317f2d55c92cccd7b7fff8f5d57cadebbe3899505542b3f6bb333636ddbc35cfc14
x-origin-response-time: 19,184.29.143.164
access-control-allow-headers: *
expires: Sun, 31 Mar 2024 04:36:23 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
847 B 160ms
160ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 29ddbee9.148d299b
date: Sun, 31 Mar 2024 04:36:23 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2403310436237F50E27B5425C60B2E55-4CCA63119D6A954D-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-parent-response-time: 127,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=38, inner; dur=34
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202403310436237F50E27B5425C60B2E55
x-cache-remote: TCP_MISS from a184-28-17-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,184.28.17.143
x-tt-trace-host: 0183f456550cab579e40e7958f1e13664805748fd4ecde7ff6c6102da7581046d456b5a37a257f1f7038c619c646b54a6d815397d1fb80be30338c3ddf5accf6b7293992a26a842e10514f9e47f436e8eda8cd29fca247054dcc79aceeef6446282a53aebbf81155f0c870011b29fdc11d
access-control-allow-headers: Authorization,*
expires: Sun, 31 Mar 2024 04:36:23 GMT

GET
H2 200 cfe1470bd3b994acf265180f005dc34774dcee6e.jpg Show response
assets.thalia.media/img/cms/ 0
96 KB 108ms
107ms Fetch
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/img/cms/cfe1470bd3b994acf265180f005dc34774dcee6e.jpg
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Sat, 30 Mar 2024 22:46:47 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35cab3c8efb-FRA

GET
H2 200 meta2.png Show response
mycliplister.com/static/viewer/assets/chk/ 424 KB
425 KB 121ms
121ms XHR
image/png 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/static/viewer/assets/chk/meta2.png?n=0.2560728870154798

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 12 Sep 2016 12:08:49 GMT
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, max-age=3600
access-control-allow-credentials: true
x-server: he48
accept-ranges: bytes
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 434322
expires: Tue, 30 Apr 2024 04:36:23 GMT

GET
H/1.1 200
OK ad9d353225366e564c6e60d6ffaea0a5d1c0e0d53d06eee176546124b653b557e2f5136779acb27aa22a1497d350d000 Show response
es30.mycliplister.com/cls/static/ 0
87 KB 105ms
32ms Fetch 94.130.223.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es30.mycliplister.com/cls/static/ad9d353225366e564c6e60d6ffaea0a5d1c0e0d53d06eee176546124b653b557e2f5136779acb27aa22a1497d350d000
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.223.213 Tübingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: es30.mycliplister.com
Software: Cliplister GmbH /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 31 Mar 2024 04:36:23 GMT
Server: Cliplister GmbH
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88581

GET
H2 200 meta2.png Show response
mycliplister.com/static/viewer/assets/chk/ 424 KB
425 KB 119ms
119ms XHR
image/png 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/static/viewer/assets/chk/meta2.png?n=0.2557160898556585

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 12 Sep 2016 12:08:49 GMT
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, max-age=3600
access-control-allow-credentials: true
x-server: he56
accept-ranges: bytes
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 434322
expires: Tue, 30 Apr 2024 04:36:23 GMT

GET
H/1.1 200
OK rt.php
www.usemaxserver.de/ Frame 8D0B 0
0 101ms
33ms Document
text/html 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/rt.php?campaign_id=40238&iframe=1&ext_domain=1&place=1&product_id=&basket=&checkout_amount=&checkout_order_id=&referrer=leer&host=www.orellfuessli.ch&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&iframe=1&cbt=1711859783&k0=0&w=1600&h=1113&ci=IHVzbV91bV9ydD0zNzEzNjQxNzc1JnxlMWY0M2M=
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?campaign_id=40238&place=1&product_id=&u=1&dv=&cbt=1711859783&um_coupon=&pid=undefined&w=1600&h=1113&referrer=leer&ext_ident=&rt=1&ext_par1=&ext_vars=&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&k0=0&host=www.orellfuessli.ch&ci=fGUxZjQzYw==
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash

Request headers

Referer: https://www.orellfuessli.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-CH,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 581
Content-Type: text/html
Date: Sun, 31 Mar 2024 04:36:23 GMT
Expires: Sun, 01 Jan 2014 00:00:00 GMT
Keep-Alive: timeout=3, max=70
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache/2.4
Vary: Accept-Encoding

GET
H/1.1 200
OK exint_close.png
www.usemaxserver.de/images/ 3 KB
3 KB 30ms
30ms Image
image/png 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usemaxserver.de/images/exint_close.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: d11d411cb0c4fda19efcbd59c27337c603c694cda02a3a884c965ca85f28002b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 31 Mar 2024 04:36:23 GMT
Last-Modified: Tue, 28 Jun 2016 13:42:27 GMT
Server: Apache/2.4
ETag: "a51-53656cebaf6c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=68
Content-Length: 2641

GET
H/1.1 200
OK newsletter_012020.png
www.usemaxserver.de/partner/orellfuessli/onsite/ 193 KB
194 KB 57ms
30ms Image
image/png 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usemaxserver.de/partner/orellfuessli/onsite/newsletter_012020.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: 4689f7f2e76d95358b65a9521511d5460634a206e1382663d236c26c98fb9395

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 31 Mar 2024 04:36:23 GMT
Last-Modified: Wed, 08 Jan 2020 13:33:48 GMT
Server: Apache/2.4
ETag: "305b7-59ba0f13e0700"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=67
Content-Length: 198071

GET
BLOB 200
OK 1317eb54-e70d-4c65-9fc5-c59e8c912771
https://www.orellfuessli.ch/ 94 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.orellfuessli.ch/1317eb54-e70d-4c65-9fc5-c59e8c912771
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df1044c62b4a8ef8a86a8bae284018b32ae49701be4587e34ad0bb8cd5234d04

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 96488
Content-Type: image/jpeg

GET
BLOB 200
OK 758ea0ec-c1cd-435c-a0db-89981103019b
https://www.orellfuessli.ch/ 200 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.orellfuessli.ch/758ea0ec-c1cd-435c-a0db-89981103019b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a053fe3f5541751d90ecf67cf316a7ab0a40a255cbc0e921325a4b3badf50f60

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 205142
Content-Type: image/jpeg

GET
H2 200 9965bdf63caf2453488e276e06a93fb4168a5e26.jpg Show response
assets.thalia.media/img/cms/ 0
249 KB 218ms
218ms Fetch
image/jpeg 104.16.5.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thalia.media/img/cms/9965bdf63caf2453488e276e06a93fb4168a5e26.jpg
Requested by: Host: mycliplister.com
URL: https://mycliplister.com/merge?cliplister=1.11&clviewer=1.41&videostage=1.27&hls=1.0&videostagehls=1.2&innercontrols=1.14&clickablevideo=1.5&playbutton=1.2&previewimage=1.6&bufferingspinner=1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.5.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
via: 1.1 veer7po1shohqu-origin-prod.thalia.media
cf-cache-status: EXPIRED
last-modified: Sat, 30 Mar 2024 22:46:47 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
link: <https://assets.thalia.media>; rel=preconnect; crossorigin, <https://media.buch.de>; rel=preconnect; crossorigin
access-control-allow-headers: Range, Authorization, t_auth_token, origin, content-type, accept, x-clientname, x-clientversion
cf-ray: 86cda35d3b938efb-FRA

GET
H2 200 meta2.png Show response
mycliplister.com/static/viewer/assets/chk/ 424 KB
425 KB 63ms
63ms XHR
image/png 2a01:4f8:231:46c9::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mycliplister.com/static/viewer/assets/chk/meta2.png?n=0.8909907335224896

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:231:46c9::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 12 Sep 2016 12:08:49 GMT
server: Cliplister GmbH
x-backend: server_app_ssl
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, max-age=3600
access-control-allow-credentials: true
x-server: he48
accept-ranges: bytes
access-control-allow-headers: Content-Type, accept, headers, X-CSRF-Token, user-token, land-page-password, authorization, Request-Context, Request-Id, traceparent, content-range
content-length: 434322
expires: Tue, 30 Apr 2024 04:36:23 GMT

GET
BLOB 200
OK 862be511-a02c-4185-8632-7ae640416de6
https://www.orellfuessli.ch/ 375 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.orellfuessli.ch/862be511-a02c-4185-8632-7ae640416de6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4e3d6caee8202fbd92de55ee0d1a9952165e85d6f3bc446b44522eba0af971e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 383641
Content-Type: image/jpeg

GET
BLOB 200
OK 0b0753c6-cc85-41cf-8e6c-19e665e4d5cf
https://www.orellfuessli.ch/ 96 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.orellfuessli.ch/0b0753c6-cc85-41cf-8e6c-19e665e4d5cf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e975030f33dc42e1fd4ca8a49cc5eb7330a1f49ac5374ceb840b7448de501af4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 97841
Content-Type: image/jpeg

GET
BLOB 200
OK 789f3f99-1e8c-4689-b52e-2123f23434fc
https://www.orellfuessli.ch/ 87 KB
0 Image
text/plain

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.orellfuessli.ch/789f3f99-1e8c-4689-b52e-2123f23434fc
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3653a7268b62cce306c88d5fb523719c5bacbe068728f9256ebd97184d864eb7

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 88581
Content-Type

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
846 B 143ms
143ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a5dc0e2e.148d2abf
date: Sun, 31 Mar 2024 04:36:23 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24033104362365C9CDD4901AA4F0FC1A-5BBFE6ABC0342D04-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-parent-response-time: 108,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=25, inner; dur=22
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024033104362365C9CDD4901AA4F0FC1A
x-cache-remote: TCP_MISS from a184-28-17-152.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 25,184.28.17.152
x-tt-trace-host: 0183f456550cab579e40e7958f1e13664805748fd4ecde7ff6c6102da7581046d4ab1ee0a0d52b6f7d61e8aeb8115910ef55e1b4a5822f7e439af50af45c96e40a56c0feca9633a679d7594f87a7ea7743854fcf0200445ee77f6fdfa3251cacb144f7177616390e613c2250eef7547a11
access-control-allow-headers: Authorization,*
expires: Sun, 31 Mar 2024 04:36:23 GMT

GET
H/1.1 200
OK load_module.php Show response
www.usemaxserver.de/ 8 KB
3 KB 35ms
35ms Script
text/html 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/load_module.php?kid=40238&project_id=7441&ci=IHVzbV91bV9ydD0zNzEzNjQxNzc1JnxlMWY0M2M=&pid=744111
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?campaign_id=40238&place=1&product_id=&u=1&dv=&cbt=1711859783&um_coupon=&pid=undefined&w=1600&h=1113&referrer=leer&ext_ident=&rt=1&ext_par1=&ext_vars=&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&k0=0&host=www.orellfuessli.ch&ci=fGUxZjQzYw==
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: 9dc5ab349127b2e261ba74074d841187769eb86f69ad60572e3f9e4877181e92

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 31 Mar 2024 04:36:23 GMT
Content-Encoding: gzip
Server: Apache/2.4
Vary: Accept-Encoding
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Content-Type: text/html
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Connection: Keep-Alive
Keep-Alive: timeout=3, max=66
Content-Length: 2261
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK d.php Show response
www.usemaxserver.de/ 0
362 B 36ms
36ms Script
application/javascript 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/d.php?action=view&pid=7441&device=0&ci=IHVzbV91bV9ydD0zNzEzNjQxNzc1JnxlMWY0M2M=&campaign_id=40238&laa=&u=1&exint=1
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?campaign_id=40238&place=1&product_id=&u=1&dv=&cbt=1711859783&um_coupon=&pid=undefined&w=1600&h=1113&referrer=leer&ext_ident=&rt=1&ext_par1=&ext_vars=&loc=https%3A%2F%2Fwww.orellfuessli.ch%2Fbonusprogramme%2Fuebersicht%2Fkinderclub&k0=0&host=www.orellfuessli.ch&ci=fGUxZjQzYw==
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.48.120.130 Simonsberg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.orellfuessli.ch/
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 31 Mar 2024 04:36:23 GMT
Server: Apache/2.4
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=3, max=70
Content-Length: 0
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
BLOB 200
OK fa2237fc-96e9-4865-89db-7e3947e1c213
https://www.orellfuessli.ch/ 248 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.orellfuessli.ch/fa2237fc-96e9-4865-89db-7e3947e1c213
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b4f5e94966bb6125955f0c870e951870831e57bec1fca7e11447e7f01184ade

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 254233
Content-Type: image/jpeg

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
198 B 174ms
174ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.orellfuessli.ch/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 04:36:23 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1DC9AA154CCA4214A8BB1E5117734593 Ref B: DUS30EDGE0315 Ref C: 2024-03-31T04:36:23Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.orellfuessli.ch
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYU7WpUeyziAV19uNSuUQ==

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
138 B 19ms
18ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
dataType: json
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.orellfuessli.ch/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Sun, 31 Mar 2024 04:36:28 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

OPTIONS
H2 200 GetBadgeStatus
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ Frame 0
0 18ms
18ms Preflight 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,datatype
Access-Control-Request-Method: POST
Origin: https://www.orellfuessli.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Pragma, Cache-Control, Authorization, dataType
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.orellfuessli.ch
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
date: Sun, 31 Mar 2024 04:36:28 GMT
server: Chat

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
138 B 18ms
18ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
dataType: json
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.orellfuessli.ch/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Sun, 31 Mar 2024 04:36:32 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

OPTIONS
H2 200 GetBadgeStatus
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ Frame 0
0 18ms
18ms Preflight 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,datatype
Access-Control-Request-Method: POST
Origin: https://www.orellfuessli.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Pragma, Cache-Control, Authorization, dataType
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.orellfuessli.ch
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
date: Sun, 31 Mar 2024 04:36:32 GMT
server: Chat

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
139 B 19ms
19ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
dataType: json
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.orellfuessli.ch/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Sun, 31 Mar 2024 04:36:37 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

OPTIONS
H2 200 GetBadgeStatus
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ Frame 0
0 20ms
20ms Preflight 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,datatype
Access-Control-Request-Method: POST
Origin: https://www.orellfuessli.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Pragma, Cache-Control, Authorization, dataType
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.orellfuessli.ch
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
date: Sun, 31 Mar 2024 04:36:37 GMT
server: Chat

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
139 B 20ms
19ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
dataType: json
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.orellfuessli.ch/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Sun, 31 Mar 2024 04:36:43 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

OPTIONS
H2 200 GetBadgeStatus
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ Frame 0
0 19ms
18ms Preflight 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,datatype
Access-Control-Request-Method: POST
Origin: https://www.orellfuessli.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Pragma, Cache-Control, Authorization, dataType
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.orellfuessli.ch
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
date: Sun, 31 Mar 2024 04:36:43 GMT
server: Chat

POST
H2 200 GetBadgeStatus Show response
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ 80 B
139 B 18ms
18ms XHR
application/json 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Requested by: Host: chat.orellfuessli.ch
URL: https://chat.orellfuessli.ch/Chat/Controller.js?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E&language=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash: 72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
dataType: json
accept-language: de-CH,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://www.orellfuessli.ch/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.orellfuessli.ch
date: Sun, 31 Mar 2024 04:36:48 GMT
cache-control: private, max-age=0
access-control-allow-credentials: true
server: Chat
content-length: 80
content-type: application/json; charset=utf-8

OPTIONS
H2 200 GetBadgeStatus
chat.orellfuessli.ch/Chat/ControllerWS.asmx/ Frame 0
0 18ms
18ms Preflight 80.89.210.220
IWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.orellfuessli.ch/Chat/ControllerWS.asmx/GetBadgeStatus?token=ABD97D0C-BB76-4F37-A3FB-5763B1FD9939&service=F52569C0-654B-4955-8C86-1A1F14B2B23E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.89.210.220 Zurich, Switzerland, ASN8758 (IWAY, CH),
Reverse DNS
Software: Chat /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,datatype
Access-Control-Request-Method: POST
Origin: https://www.orellfuessli.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Pragma, Cache-Control, Authorization, dataType
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.orellfuessli.ch
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
date: Sun, 31 Mar 2024 04:36:48 GMT
server: Chat

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.orellfuessli.ch/	1970-01-21 05:06:59	Name: gcor Value: "SIDZgjoRZ00@fkFGhu@augS2QAAAME"
www.orellfuessli.ch/	1970-01-21 04:26:40	Name: ab_bucket Value: 6
www.orellfuessli.ch/	1970-01-21 04:26:40	Name: ab_container Value: 5
.thalia.media/	1970-01-20 19:31:01	Name: __cf_bm Value: ducQS17ZENz7jMsNLbgVOob7V8bD.zMV9uwG.vE_nso-1711859782-1.0.1.1-ES23fKHfoue6H0.r6nQwae5e87tFV0XihJoBFAIOGJ8l9TCeAPgx13WnEMajipZ_td1mkfJlgSXokYGxBxnmCQ
www.orellfuessli.ch/	1970-01-20 19:31:10	Name: club Value: KEIN_MITGLIED
www.orellfuessli.ch/	1970-01-20 19:31:03	Name: hatAbo Value: false
www.orellfuessli.ch/	1970-01-20 19:31:03	Name: anzahlGuthaben Value: 0
www.orellfuessli.ch/	1969-12-31 23:59:59	Name: WARENKORB-XSRF-TOKEN Value: 21997749-30b6-4afa-97b8-2dd7681bdea5
www.orellfuessli.ch/	1969-12-31 23:59:59	Name: MERKZETTEL-XSRF-TOKEN Value: 439b2b86-1e05-4d79-8096-29256e941407
www.orellfuessli.ch/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: e4318e0a-4428-44d0-8605-f30a9596a455
.www.orellfuessli.ch/	1970-01-21 04:16:35	Name: _ga_hitcounter Value: 1
.www.orellfuessli.ch/	1970-01-21 04:16:35	Name: _ga Value: GA1.1.2694204447.1711859782759
.www.orellfuessli.ch/	1970-01-21 04:16:35	Name: _ga_BE2W3ZY94G Value: GS1.1.1711859782759.1.0.1711859782759.0
.orellfuessli.ch/	1970-01-20 21:40:35	Name: _gcl_au Value: 1.1.954261961.1711859783
.orellfuessli.ch/	1969-12-31 23:59:59	Name: dmChatSessionId Value: htwq3xvqdpxsawqprvmaknn5
.orellfuessli.ch/	1970-01-20 19:32:26	Name: _uetsid Value: 3a26e720ef1811ee89289b14dc903944
.orellfuessli.ch/	1970-01-21 04:52:35	Name: _uetvid Value: 3a270340ef1811eebccc5b20dec1f9c4
.tiktok.com/	1970-01-21 04:52:35	Name: _ttp Value: 2eRG454SQnaoTdQSCs0WaX90PYk
.orellfuessli.ch/	1970-01-20 20:14:11	Name: lantern Value: 8c7efc8e-d8a2-4e76-8e39-4f17f461227c
.orellfuessli.ch/	1970-01-20 21:40:35	Name: _fbp Value: fb.1.1711859783006.933946333
.bing.com/	1970-01-21 04:52:35	Name: MUID Value: 147FEB729C59692A334DFF219DD268EF
.pinterest.com/	1970-01-21 04:16:35	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 05:06:59	Name: IDE Value: AHWqTUkgdMaomDYd5XrxJ0r3pac2nVAhPK0u3AfO5cZyNQPxT6KyYrYRjMsACFvJEbU
.doubleclick.net/	1970-01-20 23:50:11	Name: receive-cookie-deprecation Value: 1
.orellfuessli.ch/	1970-01-21 04:16:35	Name: _pin_unauth Value: dWlkPU16RTNPR0V3WW1RdFpXUmhPUzAwTUdReUxXRXdNakF0TWpKalpqVTRaamRoTldKaQ
.orellfuessli.ch/	1970-01-21 04:52:35	Name: _tt_enable_cookie Value: 1
.orellfuessli.ch/	1970-01-21 04:52:35	Name: _ttp Value: q8BC3B0q3d6259KvWrpDqTg-0R_
.linkedin.com/	1970-01-20 21:40:35	Name: li_sugr Value: 5932815c-0d15-4601-94b8-552338bc6507
.linkedin.com/	1970-01-21 04:16:35	Name: bcookie Value: "v=2&ac8c619b-08ad-40e8-8b00-badaf960c57b"
.linkedin.com/	1970-01-20 19:32:26	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2783:u=1:x=1:i=1711859783:t=1711946183:v=2:sig=AQEUUiN8EU9PhcVkUQfgpXx_wbVuKsgf"
www.orellfuessli.ch/	1970-01-21 04:16:35	Name: usm_um_rt Value: 3713641775
.linkedin.com/	1970-01-20 20:14:11	Name: UserMatchHistory Value: AQKpYTb3iTk5iQAAAY6Sy1YzX6wXDjoFZpNfXkLoSkZxhbCkFlnQoCHfhJV-KH0AWSaLRRMG-3Ys3A
.linkedin.com/	1970-01-20 20:14:11	Name: AnalyticsSyncHistory Value: AQJfar1qhzoV9wAAAY6Sy1YzBgOewRBiZgpHQv_CqG4UmomCYpTVv18NpEcTSjrmq1CiYAa43BBvHg9EnjU-VQ
.usemax.de/	1970-01-21 04:16:35	Name: um_rt Value: 3713641775
.usemax.de/	1970-01-21 04:16:35	Name: ident_v Value: 1
.adform.net/	1970-01-20 20:14:11	Name: C Value: 1
.adform.net/	1970-01-20 20:57:23	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 20:57:23	Name: uid Value: 7224910535451531970
.www.linkedin.com/	1970-01-21 04:16:35	Name: bscookie Value: "v=1&20240331043623d82683a2-22f8-4824-85d4-8a992927bc5bAQFeqJWJk0U-ICAfMxCeC3KIRkdGDXYX"
.linkedin.com/	1970-01-20 23:50:11	Name: li_gc Value: MTswOzE3MTE4NTk3ODM7MjswMjFWSWdO+42H1w9TwlQSOZRdbksLGJjeJn4PsTI9AYJ4tg==
.doubleclick.net/	1970-01-20 20:14:11	Name: ar_debug Value: 1
.orellfuessli.ch/	1970-01-20 19:31:01	Name: __cf_bm Value: 0V7v8p14HXH9sIJoFBseqKIXLzAsJM7HE6QwBKbAt9E-1711859783-1.0.1.1-xdLkbRcaoNAFAv8gBHQQyNZv7h3m2YC1_0Cqo6Z6.E9GUByuj4Lc0LJD1yVNvUmixPg1kDLwgQ9bFKpUm_1yuw

125 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 28) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 648) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 672) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 672) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 672) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 672) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 672) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 672) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 672) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 672) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 685) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 685) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 685) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 774) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1977) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1977) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1977) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1977) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1977) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1977) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub(Line 1977) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1990369294524981?v=2.9.151&r=stable&domain=www.orellfuessli.ch&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	Message: A bad HTTP response code (403) was received when fetching the script.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.orellfuessli.ch/bonusprogramme/uebersicht/kinderclub Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9327407.fls.doubleclick.net
analytics.pangle-ads.com
analytics.tiktok.com
assets.thalia.media
bat.bing.com
challenges.cloudflare.com
chat.orellfuessli.ch
connect.facebook.net
ct.pinterest.com
es30.mycliplister.com
finki.ch
ga.thalia.media
googleads.g.doubleclick.net
images.thalia.media
lantern.roeye.com
lantern.roeyecdn.com
mycliplister.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s.pinimg.com
snap.licdn.com
stats.g.doubleclick.net
www.dwin1.com
www.facebook.com
www.google.ch
www.google.com
www.googletagmanager.com
www.linkedin.com
www.orellfuessli.ch
www.usemaxserver.de
104.120.210.137
104.126.37.178
104.16.5.2
104.16.90.18
104.17.3.184
13.107.42.14
142.250.184.198
142.250.185.162
142.250.185.196
176.10.114.133
2001:4860:4802:34::36
212.48.120.130
23.206.208.183
2600:9000:20eb:c200:1f:af3f:8a40:93a1
2600:9000:214f:8600:f:8ce2:fb80:93a1
2606:4700::6812:17de
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:80e::2003
2a00:1450:4001:81d::2008
2a00:1450:400c:c00::9b
2a01:4f8:231:46c9::2
2a02:26f0:3500:16::215:1484
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:8e::84
34.249.78.6
80.89.210.220
94.130.223.213
00ae044b3ec3f36c75cc03143d2cafdb2dfa5ba5f93ce0092e28eb6346db2147
00cd7ef1b2c2288020489e6cf158c5c923e8b1b14b0df955c2865a1942b3cb93
017507d60a6fe84bec3520bf94e6182d4c80120c489b6cb2185ee1fd5236c117
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
072158d44e545d93eaa72dfb4440e09aab2bca203d66c1be67baf7291d232c8c
096298d370ff6854b7f4b3d5c3fe6c8d0c88a523c0f9e0181e2b005f89db5084
0b78c93f967d7d7cdac04c8540749f47c15b902e8ed93f683b04192e4511bf82
0f69cc7aaa401b5e88b4e6cd7b595307bf32f3b971f9c054e56e58029ddff779
110b2b2e359aca1e1b080f935fc4c95dab0d61873b67be1b3c9935c980bba5c0
13f2ae2696ab61313c0b1646f79f17acfe9c80c1a0379f3c41be1922edb27b06
14f71ffa21b1bbb4d3b3696e15191afa75f8ffe16895d5a9ad79651c8aa85863
15f018f66d62ac7ab96d85dd4e253a0338a6143a9b68fddfbe881d245c2e7282
170545c89c8d0895ac96182d133fdd3a262c5f3776ddc8444678c6a8166ee2ec
17134b8027532c3b08cefde6c202c8d1405aee2edede1da9c1e661bfade905c6
17d61906404ab9b17d0b80a21eb9e90071f10096d1eca5d5e797d41e6c824a48
197ee6f261c3f2b9b963e42f42eda148786afe60dd99328d165b9a545ad64812
1cf922dfd5ce8d0846e5347f1287b14e356a15b9cd535d804f16f22326a55fc9
20774f3b43c77909592716bdbe8cd9e52660d7e06ec8282bbfc22fbb9f137799
20a2a0d42c7d26076bc1e2dec3d440d2600540757bf6d3ec186e73da83c38294
227d717a844fe9859ee8cec565c8a5bc23ff34d582d80e11c1aa897928b6bea3
22bcfcb4f9f8a275e009ea9ca1c9bcb4cd8636a35539f6a20f4465522d8c74fd
24e224458866b7a8945f6757a3bfcdea170933c63b9be89e49d55037db4541b6
25fd20923c13ee0a6142d7c392e7cc1cfac15821033738f615b63bc465a21b5a
273719d6c07b987e9906b9bf60ea9502301b05f5272c6419ec81c1b729768966
276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540
28293a3d90ecf78abb79a7f14ffffc380ccdece92b136a0948a2896c8a16adfe
2950d2260bcd95444f687efd4368d98ec9c359d5a6a2416e81730d4ba0c966ed
29b92e0ae90202ed99ba28875caa8d7bf7359434b76c0e53c52f7bb19186b0c3
2a80023096c5c4ef05584d8bcef41cef0b4b6c4ad0a9f90817872eb288360cc7
2ba54e2810a7a9fbbb9b186b5435e334b0ff88dad85db1c1fc73c09be764d40c
2cbf45aaa253b03ac76a20a1ef45c100799ce5d6a011db5e97c960c44f71d7a1
312dc456b9380d06788ab121df550b43a1f239fe896b29741275c59181c2750f
328795e6658d61dff37f8f99257d4fd3d0cdd91f839ed85dc97840044ac4eb6d
3430ada06e93710c0d8c33de52206b350cca35415ac20c03a3346e07872d0b31
352a6f3693673e51f1e53c561b455454a5d9ff3a0ff3caec2bf69ce14d42ae53
3653a7268b62cce306c88d5fb523719c5bacbe068728f9256ebd97184d864eb7
372fe35b8719da99e5698b606693fdf643640fd3de6a8fb2667220c002e7fd0e
3ad688c5ce80ca90b61e8af537bf2d220072ad10b953644f44d97f2fcea7a392
3b4f5e94966bb6125955f0c870e951870831e57bec1fca7e11447e7f01184ade
3b716dff6ab71cfa1f58d6c8ce87e24aca839760335acb08f4a97289aafc3941
3d4732d36c67c702da4037ec0d02df6975ce7b6298aca74d2a69683a32c7cdab
3d925317e6ef6116f1facc3a28598b10bd5a89da0491982a8f293adc551ef4a7
41dd42c60f23e4d38c1f1e048c5742691cf6fa1c278838d95555be545cc7005f
4689f7f2e76d95358b65a9521511d5460634a206e1382663d236c26c98fb9395
49feee554240f639c7c41be1729c336be4bbaf05d18c4fa9d369e0c563e6c2dc
4a6d142e2f7adaa543a9b7875d87338191eb8d202886ee0be44524b9be8945f6
4b668228dcbfa360735dafc49caddd3a054a4fdd01dce9ea4b7bf0a379cbaa45
4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7
4ea5ca6545d808e0c23b8a7d08df6ece065d2e88758b5b8984a3153297345cce
4f6367d85c99d7856f2a114060b51ad928c44c81a778c8e6a09997608c5ad866
50ac4f7a5286fbd013b76df2a03b56845a8bac1688085bbc2f59d5ab19090b7b
51ef7cc53fc80a27305c384d97d37a188717b1604b56eaff53201c758b994efa
52900a78c2cada7f3bf92acdd03a4f71de5cbb2ed0473c959705075036d2439f
54006cd4fa18a2131ae3f340356fc5bc88918fc703fdf3c8b489cd7d4d536829
558b21cdbac5b1fd99f24cd1952711f0e140f6cd880ed0db010dd272f8dc2641
56127e85c1038ad70c134feadcc61572b5fbafecf6210463fec360d86655338f
56aeec6378c53aa91f07340ff7cc2e92965a94f6842f62161970dd92215d884c
57559c54129b88bc4a17cfb96c730b15320fc032a505e095797d32c934ce5b93
581247fea5d04675f181ef519bc7904518377399edf3370bbd486c3e4fd98260
5b15aac9c392958d54b67f8eadb0985ced801f635f7edd5cbf80fa95fae4061a
5e73f8fe40a4a7ef2cb69bc908dfa03a9f26d2a24cd4815e8c5d3f6f40fcada3
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
611072c233d29d326f0e0e7678d29ad1d42c1a994454a7b80a11183ba5102254
62dbf419ddb4acfe3604057a5509cbae98f13c82a361c4c4e6d13c6ae68780dd
66c1453cf23694574d1d18ba036231cb74758c66856650c347560c326cdd5d9b
6c3f6cc19a53a259391e281b4265f28c92c9291f9f8e3eda0323c07d07213d93
6d7383ba3638c475b400bbbb8c70f3ad520cc2d177ec2bdf88555fdab5eeab45
6e9c7a84d5d586c9945e1ca3b379a766c93cf191f121c6bb8c3f319fd2f7bac5
6ed263ed304e051efb5f3f5e1d92d9f9c0b67791b6b98ee4cef31c44524d346a
6f352c69388d8776806a28c8eb875b82519305001e604dc94d1eac5e9fa71ebe
721dbe613cba5aaa9ab39799acd16f1beb9614d522015828ab533fcd3b450d4c
72b1fe0587222d84db7048f4d13817d33a5432c9801c88a4740a6b09217faeac
72dcc293744c421a39fddaa5adde41eacecbaa4fa93ff1b8ba0baeaf8f02c7e2
73d82f27960d149375a168731867e287949180473a932a463ef10378fa8a356b
76ccbc31f1bac6cc28d1c4a48c3e1025e2cef5899303f5405817aebff48e742f
78ca7d41db73658983ffa90ef29e7e119a304fc14dc98f8a19667c2fc0507e09
799b20ecd62ca7607e8b3188f9067a6db6ee4703ac66cdf668d9af0ad0de58ee
7c56a10a3cf1bab1fbee8905b21b6efa1805b756c0378595566cb961479b0e23
7c7ffbae66efe0ea23398ca3e49f06e2cc5f87238a306e1502b7cbb7c073dbba
7c969d28c1b536b1b989ca6233b0721ac58f97f2d6f9efd64afe8c803cd5d1f1
7d3263c5c71bbd58de05ede382f98866a1bd2ae3490952f0489f91fefbf556b5
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
874747d524c2f35155a46db383236e8d9f56a98126051fe4355782286526ae45
89537e777efa2b1a26fee74b40f73f53ec881c1e0c74c387e2ce09a0c3e285d8
89e8fbe1de8235d37c94b2cc58b34ca13ce7bd814ff8e883390a39ef8cefcbaa
89f7ccb47a0cb56622048dfcd7cad913595b76eac517307515eb18b10b752954
8aaee7f0d978fd3b0f526c3455400ad6d7eb26fd269a7330a1b00aea67536e35
8aef3286cef56e8d99cc6eb7c31aadf6f64a3d72a488f635155cac1931d36c53
8bf3b82857bf409edd43b6a8a1bfbaa3231eb4b907ec23625b72a2195feb674b
8c5ba4f756a0e37975691aa333647542fd86b0b5451f4293d25b8802e4bae859
8e63336037bea50c9887beee711d5776ac0906b701a435ba6a002caf1a724b91
91ae460c282c89877c4699d3b1d9d0c8d2984f51764e2263ec9a217c7a1af8e7
923a59a977767105bb8898be649cde0ef6fc38fb2fc5c625b542e32a8f392c42
939df079b2c41a9e69370f1b3e98660e7b84072b36544acd32478499d78cafae
946f422273409c3d264097c31e7b4cd2b27f2ead64ba86b9ee5f030316a092df
96d7403d0e8af93961a03ff7d398933205a76199afc26ba980066b0e4801c72e
9861f953a05fb5f60be03b86c05f6a657fe6f7495b330d0f5433210b046e0708
995f84a41f725c516cb87975b8de1b05c10a316bbda2887ee5e6d8ccb799de45
9ad8de3e4a335ca2feb50b9dc7b8029fef89f084097a59306d4cd593747c9df8
9dc5ab349127b2e261ba74074d841187769eb86f69ad60572e3f9e4877181e92
a053fe3f5541751d90ecf67cf316a7ab0a40a255cbc0e921325a4b3badf50f60
a12ba56d6a99cddcfe86db31ec372ca319ea2b1964c03cd0d97a2440afa8df0c
a1b13642881704e22f0efe3b9f6052c1bc3baf8780ee07aed84a2ea7149cb94e
a354624dca9abdfc95710800d950ece30b4a66f43363b2ee846d50d22d43920d
a4e3d6caee8202fbd92de55ee0d1a9952165e85d6f3bc446b44522eba0af971e
a5ee7571106f9eb81a06e17031bfc240da8fc1ca4ff253146daebd05226b9882
a607eb8bc5afc4fc6deb45e61a35f095c77fa1653080e7b920cf3026f0ef687b
aa2a7a85ef1ef5fb19548cd1ef1d49b9be19a39a65d68decd30346443473430d
aa88cd0de4712a70ebda6044d31905ddec427255fa58ceeb53785e5700785290
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16217342bf945260ef457e550015621ce812a152b98741083a95bbd22abe6b8
b16fbc0805e269461252d6aa054fca96cdfb61c5a9b4edcfa7a9a7387a3e6211
b37c94393877cf23d26057bee07081be5f8cd331affab63eb5b93f2bdd94d8cc
b69a90fafbd8d9dfc1ef62719d3508b3ed2d645643266e8a5bde1a7197109ba7
b927b95aa61814389841d31ca9eafa0e3f1c8fd6d7184005551dc7d5ad1c079e
ba74bb5389bd06cf0ba8b893de9f885eabc602edc99720da90314a6116fd64da
bc297b072e626c720b67bbbfb6ee3d59fe10cdd954260e534c1b87dbc0bf5b8d
bd4c3a41eccea0d5704ed6eb9cd22d25242dddb210cf8e5075b542a8af7cd9fb
bef9012ae967969da4cb43d4899d23ddb84a2eba79392a91836feff02dbe689e
bf23c48bd6233118b9daf7d369d1ea218076f0e930eeb75405581b22248e3fe0
c0f803dd591fb4e35d55eaf557347593f7169e362a79e80f3cc155bf960415a0
c29c7a027de269cd511d5a2c5c8cc0ac98473b2b8dc0bdadf95e5f3770415362
c2ba886faae44035ccf1a94ebf94ed6994841826c94ca15ba8f7f8e7269d2d77
c770c4d465e153f8c9cfa69f9c548a9d67d0212c0e6095326f499a25b6da0cab
ca830f3388ed000d8d9c2456894a716b67558a45ca67590aaec5e304a43d0377
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cbdb897a4ff7ebf898594e8056cab0a3d75ee9025c7718764831277023e6dba7
cfe66844981bc11610d8cf60013586056e0183cf4f3359d8c5b0f889b03410af
d11d411cb0c4fda19efcbd59c27337c603c694cda02a3a884c965ca85f28002b
d1e06a0f817d8fa4be7f2dd108b068000bee54a5f97f87825cc4c7debe7867ae
d2e584d67a5b1a868363ed5e83a72ea6bc2cad8a052f64583d0fe95e7fa36e97
d4e870296f4af285313d56e855cbe52c52adf59094bb937c04ad087184cd8684
d5e292809c2b9568134100abd26e945e5fa68e8c5e8fb2bb899aacd191b45542
d765337f0bd0aa25f29dcec8e9e750d56ab339bb0ac112da6ea96bf7bc54e816
d9024ef407cc8b01e7e3df75d28b1e7c61ef8a0cd186b3dcb2e5b10557196e84
d9645ebb629dc7b0473b2dbc5815bfcc4460c9ca76a92ac52bff4681007f2fa0
d9aff8fcbf9e3e27085f01a8e7943e17703de8de0d5943245eaa1eb0f375e4ef
dc654571f28fd25e4d2d4c12457dc015e203ad67d7bd6bc0c57ccdb5871b6908
dd67e7b23d0fa209538c2c3f459f8391da49b93084827573a12d52e31924be9c
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0
dddbfdba0ad735ff33337c689077dd72316cf997cedb60f2cb472235323ab854
df1044c62b4a8ef8a86a8bae284018b32ae49701be4587e34ad0bb8cd5234d04
e05496608e58c334abae70368801cfb1f07d3cbe4713bc8a8eef8fd74d0de5a8
e201db105f746b344722f7df9ee1efe6d6e2341bececa0a3ca64ed2cd29c362b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7393cbced8bfcacf337e607826a2714a4d78e08a41f13e7fb7dc4d18a0db86e
e80f3437104722d25b2a6f77a6391902738f5f491ad5c23730c131a69e25b538
e975030f33dc42e1fd4ca8a49cc5eb7330a1f49ac5374ceb840b7448de501af4
ebf9bd421e44685fe7af1cb9ae694c9ff2d717404e48a8e695884bcaf9f50e3e
ec2214189306ff7d35d45e5f7031ec11611ab48ed0c5704a2e3712db96c5b316
ecc657f1386078cbd2ea41bec09562c0f270d3e9dcf2cb074116bd9c050f86b2
ed6f4339c6d36961c0fab4d627e4f10b922e9253a6d832de4751f9ad07c03309
ee18f1aa99e891d96d37fb9123542ea6e40aa6d3daa0b27fa59b80cc0b29b471
eefb7435c521f71a773ad466654a0d91d448491cf67d9fd65fcb2d0d8d55f125
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10f200274cb4b7840c7de1494582a797a0f85bcda19e6b25062e2e626882885
f56f1d9ae4b67b544517195747ab20865d7dc5e28aaafc80b165ded2889aeddf
f5c2ba19c6d5b3736aed2ec9e806a3d6633b653a72a1d7160ad30368f82292a1
f68de89ef36cf39dd6f8896cd1e4d0269f5eefcfc31e5bd8817a3dbbd508d84d
f8d56b02386e690dfe02496e01198ed62608a7a0cb72a0cb11d6ac9d095f0b1a
f9d5db2691e12953bf3dbcb07ce7d8b9a053784bf699b282a3190d6655f151e8
fa05a2b89a05d8d53be7f6240feb63ac484900d03bcd46f48539f6cc7e02d793
fa7dc1f49c37b28d767e1ad64998a1c0c2f7b44d3a6ae68a9dce72bdc6574019
fa7f127c5e334ff314f189d9e146f560d7148d8ba984bd9b23086fba8022e07f
fc36bbad1b334ed6d3a4661937c16df39ddb65c279c0c3f486363fecb4c174bb
fd8e6e31935ffd9efb0a6d2131503cdf67b0d333b56b695cf64cc487ab187c6f
fe51bd9771317274642c174e0d159b76c57b88adc5b36cefb3060444930dfb2a

www.orellfuessli.ch Open in urlscan Pro 104.16.90.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

223 Requests

96 %HTTPS

48 %IPv6

23 Domains

31 Subdomains

29 IPs

6 Countries

5853 kBTransfer

9316 kBSize

42 Cookies

11 Outgoing links

Page URL History

Redirected requests

223 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.orellfuessli.ch Open in urlscan Pro
104.16.90.18 Public Scan

Screenshot
Live screenshot

Full Image

223
Requests

96 %
HTTPS

48 %
IPv6

23
Domains

31
Subdomains

29
IPs

6
Countries

5853 kB
Transfer

9316 kB
Size

42
Cookies

223 HTTP transactions
5 data transactions