www.naturkosmetik-hanstein.de Open in urlscan Pro
2001:8d8:100f:f000::200  Public Scan

URL: https://www.naturkosmetik-hanstein.de/
Submission: On November 29 via api from US — Scanned from DE

Summary

This website contacted 22 IPs in 2 countries across 9 domains to perform 72 HTTP transactions. The main IP is 2001:8d8:100f:f000::200, located in Germany and belongs to IONOS-AS IONOS SE, DE. The main domain is www.naturkosmetik-hanstein.de.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on August 22nd 2024. Valid for: a year.
This is the only time www.naturkosmetik-hanstein.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 2001:8d8:100f... 8560 (IONOS-AS ...)
1 195.20.251.235 8560 (IONOS-AS ...)
6 18.158.228.169 16509 (AMAZON-02)
1 195.20.250.184 8560 (IONOS-AS ...)
3 13.33.216.54 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
1 18.245.62.188 16509 (AMAZON-02)
1 2600:9000:272... 16509 (AMAZON-02)
4 52.216.106.252 16509 (AMAZON-02)
1 2600:1f18:243... 14618 (AMAZON-AES)
1 2600:9000:211... 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
1 18.245.62.118 16509 (AMAZON-02)
15 151.101.65.21 54113 (FASTLY)
2 157.240.253.1 32934 (FACEBOOK)
1 2600:9000:211... 16509 (AMAZON-02)
2 18.66.107.38 16509 (AMAZON-02)
1 151.101.1.21 54113 (FASTLY)
2 157.240.253.35 32934 (FACEBOOK)
4 2600:9000:223... 16509 (AMAZON-02)
4 151.101.67.1 54113 (FASTLY)
72 22
Domain Requested by
19 www.naturkosmetik-hanstein.de www.naturkosmetik-hanstein.de
16 www.paypal.com www.paypal.com
6 app.store.mywebsite-now.com www.naturkosmetik-hanstein.de
app.store.mywebsite-now.com
4 t.paypal.com www.naturkosmetik-hanstein.de
4 d1howb1wwyap5o.cloudfront.net ecwid-addons.s3.amazonaws.com
4 ecwid-addons.s3.amazonaws.com app.store.mywebsite-now.com
text
ecwid-addons.s3.amazonaws.com
3 d3cy3u1txmkqs3.cloudfront.net app.store.mywebsite-now.com
2 www.facebook.com www.naturkosmetik-hanstein.de
2 don16obqbay2c.cloudfront.net d1oxsl77a1kjht.cloudfront.net
2 connect.facebook.net connect.facebook.net
1 djqizrxa6f10j.cloudfront.net ecwid-addons.s3.amazonaws.com
1 d1dkdnyvras0l5.cloudfront.net www.naturkosmetik-hanstein.de
1 d1oxsl77a1kjht.cloudfront.net app.store.mywebsite-now.com
1 d20ubqycd8ynev.cloudfront.net app.store.mywebsite-now.com
1 analytics.sitewit.com app.store.mywebsite-now.com
1 d11s7fcxy18ubx.cloudfront.net app.store.mywebsite-now.com
1 d1tqsoh7s4xjz9.cloudfront.net app.store.mywebsite-now.com
1 d3dq8sxcny4hg.cloudfront.net app.store.mywebsite-now.com
1 t.webjavaskript.net www.naturkosmetik-hanstein.de
1 tif.webjavaskript.net www.naturkosmetik-hanstein.de
72 20

This site contains links to these domains. Also see Links.

Domain
itrk.legal
www.facebook.com
www.instagram.com
www.ecwid.com
policies.google.com
safety.google
Subject Issuer Validity Valid
*.naturkosmetik-hanstein.de
Encryption Everywhere DV TLS CA - G2
2024-08-22 -
2025-09-06
a year crt.sh
*.webjavaskript.net
GeoTrust TLS RSA CA G1
2024-03-13 -
2025-04-03
a year crt.sh
*.store.mywebsite-now.com
Amazon RSA 2048 M03
2024-01-05 -
2025-02-03
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01
2024-04-22 -
2025-04-07
a year crt.sh
*.sitewit.com
Sectigo RSA Domain Validation Secure Server CA
2024-07-24 -
2025-08-24
a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2024-02-08 -
2025-02-08
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-07 -
2024-12-06
3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA
2024-06-21 -
2025-06-20
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.naturkosmetik-hanstein.de/
Frame ID: 2286863EB9650E365974A628993158A2
Requests: 67 HTTP requests in this frame

Frame: https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-52120-gbdf620f309584e/ru.cdev.xnext.frontend.LegacyFrontend/514DB46D628129CBB912FE0B750CB44D.cache.js
Frame ID: 49634E18806E7A54566B902C3B398538
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_wennlvpbbvgsiwnbzrjxjbzjdxeorb&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jdXJyZW5jeT1FVVImbWVyY2hhbnQtaWQ9OUVDWU1BTkxTS0RWVSZjbGllbnQtaWQ9QVFlZ1p6aktzWnhOQ28zMnFldWF3bXJZU1dKTEpXR1NHMzZJMjc4Rk9kTEtYdnFIZkZCai1Cb3dBRFN0dUNHLXo3T0psWDAxV1ROVnhjMHcmY29tcG9uZW50cz1tZXNzYWdlcyZkaXNhYmxlLWZ1bmRpbmc9cGF5bGF0ZXIsY2FyZCx2ZW5tbyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3dlbm5sdnBiYnZnc2l3bmJ6cmp4amJ6amR4ZW9yYiJ9fQ&env=production&scriptUID=uid_wennlvpbbvgsiwnbzrjxjbzjdxeorb&version=1.65.2&integrationType=SDK
Frame ID: 0B7EA9652DCF155CB89F34B6F3FDA0EF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Startseite - Naturkosmetik Hanstein

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

100 %
HTTPS

38 %
IPv6

9
Domains

20
Subdomains

22
IPs

2
Countries

3516 kB
Transfer

9725 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.naturkosmetik-hanstein.de/
161 KB
29 KB
Document
General
Full URL
https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
95af46f7dacd747773579744dd7cac2bf59e67762932a82b1bfd983bc18cea31
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 29 Nov 2024 11:50:20 GMT
etag
W/"3e53135cd5ea5521f6e51c52f95f498a"
last-modified
Wed, 27 Nov 2024 10:54:03 GMT
server
nginx
strict-transport-security
max-age=15768000
vary
Accept-Encoding
via
1.1 itproxy.1and1.org (squid/4.15)
x-cache
MISS from itproxy.1and1.org
x-cache-lookup
MISS from itproxy.1and1.org:3128
x-rgw-object-type
Normal
x-server
itproxy-live-de-rhr-bap01
style.737c9c3d9a5624b2.css
www.naturkosmetik-hanstein.de/-_-/common/styles/
152 KB
24 KB
Stylesheet
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/common/styles/style.737c9c3d9a5624b2.css
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
9db2864b3c9d056607e9dd41af723573bcc4b01ff20e7324e1d7dcb9a11922a0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=31536000, public
content-encoding
gzip
etag
W/"6749823e-26189"
pragma
public
expires
Sat, 29 Nov 2025 11:50:20 GMT
date
Fri, 29 Nov 2024 11:50:20 GMT
content-type
text/css
last-modified
Fri, 29 Nov 2024 08:58:38 GMT
server
nginx
vary
Accept-Encoding
144ae3ef31551eb7f6ffe2e67c020f6340ad3d95
www.naturkosmetik-hanstein.de/-_-/res/1434db2e-dc6e-4baa-82ba-255b0a56cec6/images/files/1434db2e-dc6e-4baa-82ba-255b0a56cec6/89b700a3-069e-483b-9dd2-7e534c16559d/640-640/
163 KB
164 KB
Image
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/res/1434db2e-dc6e-4baa-82ba-255b0a56cec6/images/files/1434db2e-dc6e-4baa-82ba-255b0a56cec6/89b700a3-069e-483b-9dd2-7e534c16559d/640-640/144ae3ef31551eb7f6ffe2e67c020f6340ad3d95
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
1d6c0abe57836b7dc7d298fc7948550562eb620ef125ee245c21ce0d8fa41949
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
public, max-age=31536000
etag
"a329c5febb60428ce94b9efc7402e922"
via
1.1 itproxy.1and1.org (squid/4.15)
accept-ranges
bytes
x-cache
MISS from itproxy.1and1.org
content-length
166888
date
Fri, 29 Nov 2024 11:50:20 GMT
x-rgw-object-type
Normal
content-type
image/png
last-modified
Wed, 27 Nov 2024 10:54:04 GMT
server
nginx
x-server
itproxy-live-de-rhr-bap04
x-cache-lookup
MISS from itproxy.1and1.org:3128
58ce581d6fa6057b31bb2f06c76d02a9ef283fae
www.naturkosmetik-hanstein.de/-_-/res/1434db2e-dc6e-4baa-82ba-255b0a56cec6/images/assets/5c1ad6db-a669-4d8f-9bbb-ca3ea33aadbc/480-403/
22 KB
22 KB
Image
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/res/1434db2e-dc6e-4baa-82ba-255b0a56cec6/images/assets/5c1ad6db-a669-4d8f-9bbb-ca3ea33aadbc/480-403/58ce581d6fa6057b31bb2f06c76d02a9ef283fae
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
0e671676d1a7614f5e358d68731ad6c20911a016dd3b8a8c6600faffe846c079
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
public, max-age=31536000
etag
"fc1ce66ff74e0a28848c11d4e9a52a46"
via
1.1 itproxy.1and1.org (squid/4.15)
accept-ranges
bytes
x-cache
MISS from itproxy.1and1.org
content-length
22305
date
Fri, 29 Nov 2024 11:50:20 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
last-modified
Wed, 27 Nov 2024 10:54:04 GMT
server
nginx
x-server
itproxy-live-de-rhr-bap04
x-cache-lookup
MISS from itproxy.1and1.org:3128
6c0ea6cf7c449fd342f5fe915fb4da495510c192
www.naturkosmetik-hanstein.de/-_-/res/1434db2e-dc6e-4baa-82ba-255b0a56cec6/images/files/1434db2e-dc6e-4baa-82ba-255b0a56cec6/7c782035-2fc9-4847-80cd-5478e74344ab/480-468/
23 KB
24 KB
Image
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/res/1434db2e-dc6e-4baa-82ba-255b0a56cec6/images/files/1434db2e-dc6e-4baa-82ba-255b0a56cec6/7c782035-2fc9-4847-80cd-5478e74344ab/480-468/6c0ea6cf7c449fd342f5fe915fb4da495510c192
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
eb9a08c7b3dd1e61d9ab114b8440ffe0507a9cac70dde4af29efe376615e0119
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
public, max-age=31536000
etag
"c20105206a0424fcb099a2e063292163"
via
1.1 itproxy.1and1.org (squid/4.15)
accept-ranges
bytes
x-cache
MISS from itproxy.1and1.org
content-length
24061
date
Fri, 29 Nov 2024 11:50:20 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
last-modified
Wed, 27 Nov 2024 10:54:04 GMT
server
nginx
x-server
itproxy-live-de-rhr-bap03
x-cache-lookup
MISS from itproxy.1and1.org:3128
5c21c953971e5a8c07bf60547e39f5e69852a10a
www.naturkosmetik-hanstein.de/-_-/res/1434db2e-dc6e-4baa-82ba-255b0a56cec6/images/files/1434db2e-dc6e-4baa-82ba-255b0a56cec6/bede8756-050f-4545-a368-a94daab072dc/960-960/
104 KB
105 KB
Image
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/res/1434db2e-dc6e-4baa-82ba-255b0a56cec6/images/files/1434db2e-dc6e-4baa-82ba-255b0a56cec6/bede8756-050f-4545-a368-a94daab072dc/960-960/5c21c953971e5a8c07bf60547e39f5e69852a10a
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
6778ec41fb55c1222dad8962eedf98082f2f1f76035e80765574e56ad60410f9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
public, max-age=31536000
etag
"5b2a3386565f327903869995c73512b8"
via
1.1 itproxy.1and1.org (squid/4.15)
accept-ranges
bytes
x-cache
MISS from itproxy.1and1.org
content-length
106762
date
Fri, 29 Nov 2024 11:50:20 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
last-modified
Wed, 27 Nov 2024 10:54:04 GMT
server
nginx
x-server
itproxy-live-de-rhr-bap04
x-cache-lookup
MISS from itproxy.1and1.org:3128
22728.js
tif.webjavaskript.net/js/
4 KB
2 KB
Script
General
Full URL
https://tif.webjavaskript.net/js/22728.js
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.20.251.235 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
tif-bap.webjavaskript.net
Software
Apache /
Resource Hash
25dad91e0f17a0d9627c7bcbc0e49a9785115105601d3f55d66f6d454dadd031
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Cache-Control
max-age=86400, public
Content-Encoding
gzip
ETag
"f95-5d7fc17686000-gzip"
Connection
close
Accept-Ranges
bytes
Content-Length
1374
Date
Fri, 29 Nov 2024 11:50:21 GMT
Last-Modified
Mon, 14 Feb 2022 15:30:08 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
application/javascript
consent.js
www.naturkosmetik-hanstein.de/-_-/common/services/consent/
68 KB
19 KB
Script
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/common/services/consent/consent.js
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
49095855a1bbacefa1366180157a8a1a3696d329292c13726312b57a641dcfed
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
no-cache
content-encoding
gzip
etag
W/"6749823e-110dd"
date
Fri, 29 Nov 2024 11:50:20 GMT
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 08:58:38 GMT
server
nginx
vary
Accept-Encoding
shop.js
www.naturkosmetik-hanstein.de/-_-/common/services/shop/
31 KB
11 KB
Script
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/common/services/shop/shop.js
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
049d693d86b2b130d068d4b0b0d80546009dc77ac75cf9f11dcad00ae70ce30e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
no-cache
content-encoding
gzip
etag
W/"6749823e-7b45"
date
Fri, 29 Nov 2024 11:50:20 GMT
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 08:58:38 GMT
server
nginx
vary
Accept-Encoding
61eafb13f397b4d83bfa26be31edc8abc96e18fc
www.naturkosmetik-hanstein.de/-_-/res/1434db2e-dc6e-4baa-82ba-255b0a56cec6/images/files/1434db2e-dc6e-4baa-82ba-255b0a56cec6/4c26dc89-574e-478d-9ec1-55de78e4ae07/1450-1450/
506 KB
507 KB
Image
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/res/1434db2e-dc6e-4baa-82ba-255b0a56cec6/images/files/1434db2e-dc6e-4baa-82ba-255b0a56cec6/4c26dc89-574e-478d-9ec1-55de78e4ae07/1450-1450/61eafb13f397b4d83bfa26be31edc8abc96e18fc
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
2ca34caab1e33980a2513a707fef8a91a4e32c5fd1ea823dbd605a89505c7d7b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
public, max-age=31536000
etag
"a694973bd9a7ad700bf4969dabf7941d"
via
1.1 itproxy.1and1.org (squid/4.15)
accept-ranges
bytes
x-cache
MISS from itproxy.1and1.org
content-length
517927
date
Fri, 29 Nov 2024 11:50:20 GMT
x-rgw-object-type
Normal
content-type
image/png
last-modified
Wed, 27 Nov 2024 10:54:05 GMT
server
nginx
x-server
itproxy-live-de-rhr-bap02
x-cache-lookup
MISS from itproxy.1and1.org:3128
SourceSerifPro-latin_latin-ext-regular.woff
www.naturkosmetik-hanstein.de/-_-/common/fonts/
27 KB
27 KB
Font
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/common/fonts/SourceSerifPro-latin_latin-ext-regular.woff
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
8af92216c09dcfc0cb18d94ebeabdc395ccc871c664c54cadb8645116b770b8f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.naturkosmetik-hanstein.de
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=31536000, public
etag
"6749823e-6c90"
pragma
public
expires
Sat, 29 Nov 2025 11:50:21 GMT
accept-ranges
bytes
content-length
27792
date
Fri, 29 Nov 2024 11:50:21 GMT
content-type
font/woff
last-modified
Fri, 29 Nov 2024 08:58:38 GMT
server
nginx
c44012b6e00401caab906e53efb69302cff4778b
www.naturkosmetik-hanstein.de/-_-/res/1434db2e-dc6e-4baa-82ba-255b0a56cec6/images/files/1434db2e-dc6e-4baa-82ba-255b0a56cec6/242ded66-c055-435d-b33b-3185b1be3137/2000-1499/
393 KB
394 KB
Image
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/res/1434db2e-dc6e-4baa-82ba-255b0a56cec6/images/files/1434db2e-dc6e-4baa-82ba-255b0a56cec6/242ded66-c055-435d-b33b-3185b1be3137/2000-1499/c44012b6e00401caab906e53efb69302cff4778b
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
06bf6dfa7cf89999a8b4b2f8472d5903759efe7185ed168975c3f738de99c4f0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
public, max-age=31536000
etag
"4fa26d9d7e15ea568835ee22a67d77a0"
via
1.1 itproxy.1and1.org (squid/4.15)
accept-ranges
bytes
x-cache
MISS from itproxy.1and1.org
content-length
402803
date
Fri, 29 Nov 2024 11:50:20 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
last-modified
Wed, 27 Nov 2024 10:54:05 GMT
server
nginx
x-server
itproxy-live-de-rhr-bap03
x-cache-lookup
MISS from itproxy.1and1.org:3128
SourceSerifPro-latin_latin-ext-700.woff
www.naturkosmetik-hanstein.de/-_-/common/fonts/
26 KB
27 KB
Font
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/common/fonts/SourceSerifPro-latin_latin-ext-700.woff
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
a09ed29ad417606f9b83d39c2a21c8dd6a6c9a6171785ae01eb2b514f8a6c598
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.naturkosmetik-hanstein.de
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=31536000, public
etag
"6749823e-69d0"
pragma
public
expires
Sat, 29 Nov 2025 11:50:21 GMT
accept-ranges
bytes
content-length
27088
date
Fri, 29 Nov 2024 11:50:21 GMT
content-type
font/woff
last-modified
Fri, 29 Nov 2024 08:58:38 GMT
server
nginx
Sacramento-latin_latin-ext-regular.woff
www.naturkosmetik-hanstein.de/-_-/common/fonts/
32 KB
33 KB
Font
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/common/fonts/Sacramento-latin_latin-ext-regular.woff
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
a6c262dad0cf3e9e21af5cbb4c42308b86cb103ed4805cfff0a50bad5f63da22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.naturkosmetik-hanstein.de
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=31536000, public
etag
"6749823e-8160"
pragma
public
expires
Sat, 29 Nov 2025 11:50:21 GMT
accept-ranges
bytes
content-length
33120
date
Fri, 29 Nov 2024 11:50:21 GMT
content-type
font/woff
last-modified
Fri, 29 Nov 2024 08:58:38 GMT
server
nginx
BalooChettan-latin_latin-ext-regular.woff
www.naturkosmetik-hanstein.de/-_-/common/fonts/
53 KB
54 KB
Font
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/common/fonts/BalooChettan-latin_latin-ext-regular.woff
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
c646021be5a28b01efdb2a5cdc82d004a94d7ab44eb6fe46c874ebade2b7b380
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.naturkosmetik-hanstein.de
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=31536000, public
etag
"6749823e-d560"
pragma
public
expires
Sat, 29 Nov 2025 11:50:21 GMT
accept-ranges
bytes
content-length
54624
date
Fri, 29 Nov 2024 11:50:21 GMT
content-type
font/woff
last-modified
Fri, 29 Nov 2024 08:58:38 GMT
server
nginx
script.js
app.store.mywebsite-now.com/
68 KB
20 KB
Script
General
Full URL
https://app.store.mywebsite-now.com/script.js?78885070
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/-_-/common/services/shop/shop.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.228.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-228-169.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0834033f88c885e5e066e1372c4efe66f15652b23285d1439b08ef65cdbc5d6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

Transfer-Encoding
chunked
Access-Control-Max-Age
600
Cache-Control
private,must-revalidate,max-age:3
Content-Encoding
gzip
ETag
W/"-2081665760"
Connection
keep-alive
Access-Control-Allow-Origin
*
Date
Fri, 29 Nov 2024 11:50:21 GMT
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding
Server
nginx
Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
de-DE.html
www.naturkosmetik-hanstein.de/-_-/common/legal/shops/
2 KB
1 KB
XHR
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/common/legal/shops/de-DE.html
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/-_-/common/services/consent/consent.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
5344941615a017b6ba9dffd1501faa4ac2a7b26e292fef327f7f4dd13fbcd037
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=31536000, public
content-encoding
gzip
etag
W/"6749823e-854"
pragma
public
expires
Sat, 29 Nov 2025 11:50:21 GMT
date
Fri, 29 Nov 2024 11:50:21 GMT
content-type
text/html
last-modified
Fri, 29 Nov 2024 08:58:38 GMT
server
nginx
vary
Accept-Encoding
de-DE.html
www.naturkosmetik-hanstein.de/-_-/common/legal/maps/
3 KB
1 KB
XHR
General
Full URL
https://www.naturkosmetik-hanstein.de/-_-/common/legal/maps/de-DE.html
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/-_-/common/services/consent/consent.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
e493dea07353cd60a8fadc2f8084679ae97ef64b6866be189b0aba84a474d22e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=31536000, public
content-encoding
gzip
etag
W/"6749823e-ae2"
pragma
public
expires
Sat, 29 Nov 2025 11:50:21 GMT
date
Fri, 29 Nov 2024 11:50:21 GMT
content-type
text/html
last-modified
Fri, 29 Nov 2024 08:58:38 GMT
server
nginx
vary
Accept-Encoding
/
t.webjavaskript.net/webanalytics/
42 B
537 B
Image
General
Full URL
https://t.webjavaskript.net/webanalytics/?ta=%2F%2FLOr9s8ecZYLMOdd5JJigfPgASgbpcIEpLZ280SRuAisS2Wj2kP3c34pctRe%2B%2FWtifvxtjw5XhXlZLf9kg9ilQtm89IZC8jbVcyfNTy5hU%3D&r=&d=57626&host=https%3A%2F%2Fwww.naturkosmetik-hanstein.de%2F
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.20.250.184 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
t-bs.webjavaskript.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Pragma
no-cache
Connection
keep-alive
Expires
Wed, 20 Oct 2010 20:10:20 GMT
Content-Length
42
Keep-Alive
timeout=60
Date
Fri, 29 Nov 2024 11:50:21 GMT
Content-Type
image/gif
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
TS-UUID
830d3493-8e0f-458f-9b31-1d69120ae1e4
new-frontend.de.-53406014.js
d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/
310 KB
88 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/new-frontend.de.-53406014.js
Requested by
Host: app.store.mywebsite-now.com
URL: https://app.store.mywebsite-now.com/script.js?78885070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.216.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-216-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ae2ee7f1ea3bb62b475b6925c65bf98a159ffbf9a117e0597dcfa18f57115bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=31536000
content-encoding
gzip
x-amz-version-id
_gHwpie1vfIj9C56NpBuEqnQCNK_xuKI
etag
W/"ea990bce8c7e9878bcdbb613ca4cf7db"
age
3636
via
1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
7xFD6Dn170FHiD84BIST-1EG1SBy4C0D_8rC74mVaIsTsxiiJTP21A==
date
Fri, 29 Nov 2024 10:49:46 GMT
content-type
application/javascript;charset=UTF-8
last-modified
Fri, 29 Nov 2024 10:45:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
ecwid-storefront.ec0e2404c0f54aadc12749abedc32539.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/
1 MB
263 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-storefront.ec0e2404c0f54aadc12749abedc32539.min.js
Requested by
Host: app.store.mywebsite-now.com
URL: https://app.store.mywebsite-now.com/script.js?78885070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.216.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-216-54.fra60.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
adcc2ae8ca6a6a520a823e382ce64b4191e897dddaf48b28e81f605fd67c2842
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15724800
cache-control
public, max-age=31536000
content-encoding
gzip
etag
ec0e2404c0f54aadc12749abedc32539
age
688440
via
1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
D_pN_aySTyI2Pqs3v2B9TRqhYaYTBZWfOzR9XDaX6XCC7vvpzMYPxQ==
date
Thu, 21 Nov 2024 12:36:21 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P10
states.js
d3dq8sxcny4hg.cloudfront.net/
72 KB
23 KB
Script
General
Full URL
https://d3dq8sxcny4hg.cloudfront.net/states.js?version=2024-52120-gbdf620f309584e&callback=window.ecwid_states_data.loaded
Requested by
Host: app.store.mywebsite-now.com
URL: https://app.store.mywebsite-now.com/script.js?78885070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2800:1f:f560:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
df9c4bf14fc31cf05887c4d94695481545bcdec594d33158e45eeb467aa07ca7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

cache-control
public, max-age=2592000
content-encoding
gzip
age
5104
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
22964
x-amz-cf-id
pXt5pYa8OyJSA0hkyJvdCfwMKcfFM0tbPKEADy2SAbsZ3CNqtHhwIg==
date
Fri, 29 Nov 2024 10:25:17 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
FRA6-C1
data.js
app.store.mywebsite-now.com/
78 KB
12 KB
Script
General
Full URL
https://app.store.mywebsite-now.com/data.js?ownerid=78885070&lang=de&token=a4e58f6d35b1d9178c9c668d2506ceffeba9fa99&callback=window.ecwid_initial_data.data.doInit
Requested by
Host: app.store.mywebsite-now.com
URL: https://app.store.mywebsite-now.com/script.js?78885070
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.228.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-228-169.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
615912fa6cfaaea416ca9ef1c85b8da568e3b5cd9eed79525cf3613a9d7d334f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

Content-Length
11600
Content-Encoding
gzip
Date
Fri, 29 Nov 2024 11:50:21 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Server
nginx
Connection
keep-alive
i.min.js
d1tqsoh7s4xjz9.cloudfront.net/v2/
3 KB
2 KB
Script
General
Full URL
https://d1tqsoh7s4xjz9.cloudfront.net/v2/i.min.js
Requested by
Host: app.store.mywebsite-now.com
URL: https://app.store.mywebsite-now.com/script.js?78885070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-188.fra60.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
6b5cad12b0f544e985494205d2f664051f9cf6ac65056494cd594b1a9079e2d4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15724800
cache-control
public, max-age=31536000
content-encoding
gzip
etag
2de33f3a3390f0c750b5f98533b87d96
age
1568465
via
1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
1331
x-amz-cf-id
r3-wb81zoMn9ehBOZ5WwpLwDR6cN3187VGFaOVeVua4K95gbQ8fzKg==
date
Mon, 11 Nov 2024 08:09:16 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P5
514DB46D628129CBB912FE0B750CB44D.cache.js
d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-52120-gbdf620f309584e/ru.cdev.xnext.frontend.LegacyFrontend/ Frame 4963
2 MB
690 KB
Script
General
Full URL
https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-52120-gbdf620f309584e/ru.cdev.xnext.frontend.LegacyFrontend/514DB46D628129CBB912FE0B750CB44D.cache.js
Requested by
Host: app.store.mywebsite-now.com
URL: https://app.store.mywebsite-now.com/script.js?78885070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:6000:13:2031:2340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fce419824804f0950b1902dfe5063fb404a04c602446c374282242d2887daa08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

content-encoding
br
x-amz-version-id
jDpDdOtR8_8jeAj6A8t4K52hhLvU90S9
etag
W/"47c669a0337a870fc9906cb32a0bb841"
age
5104
x-cache
Hit from cloudfront
x-amz-cf-id
EMFQp9EA-zKx3L51ORVL7KdsM35SMzKVjquf4wUmm7CEeQSrnvXSIg==
date
Fri, 29 Nov 2024 10:25:18 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Fri, 29 Nov 2024 10:22:00 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
47c669a0337a870fc9906cb32a0bb841
cache-control
public, max-age=31536000
via
1.1 4966f878e5166e8661305465727dd124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
server
AmazonS3
x-amz-server-side-encryption
AES256
style.min.css
ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/3.8/
4 KB
5 KB
Stylesheet
General
Full URL
https://ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/3.8/style.min.css
Requested by
Host: app.store.mywebsite-now.com
URL: https://app.store.mywebsite-now.com/script.js?78885070
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.106.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ecc42d6977de894e5f6e13bde82369477611b52c6fa8f2817aa77d614e89e63e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

x-amz-id-2
GpLoCt6yMzK0qm+CEOtE0ncZ+hDHYcV9NjnW/NceZWCDNbxxPd5i/CH/5buYDgM9zcaXnRxeCKc=
x-amz-replication-status
COMPLETED
ETag
"34cd9ca799861d3946f291b4cfc060da"
x-amz-version-id
soFTZuDEeCZWpD.N5FfmPefbrSBMxt6a
x-amz-request-id
EXAQNK63QNKQ41X7
Accept-Ranges
bytes
Content-Length
4559
Date
Fri, 29 Nov 2024 11:50:22 GMT
Last-Modified
Wed, 04 Sep 2024 13:53:11 GMT
Content-Type
text/css
Server
AmazonS3
x-amz-server-side-encryption
AES256
script.min.js
ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/3.8/
16 KB
16 KB
Script
General
Full URL
https://ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/3.8/script.min.js
Requested by
Host: app.store.mywebsite-now.com
URL: https://app.store.mywebsite-now.com/script.js?78885070
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.106.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0fcad5a59024dc1b124f16ee956125ae5610fcc83a87f20076a66ff34e2e946a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

x-amz-id-2
s1cQstR4klwUUiY78RLGU7y1drYujHWexKVWUtLP454LYDeTNiYBlneCqkXmlos2QSAtbTaTSSQ=
x-amz-replication-status
COMPLETED
ETag
"af0a1e864cce5c05020b84d34f5590a4"
x-amz-version-id
Z6WDfT5FGESfZA4AmYRGE5tzpXAgjT7y
x-amz-request-id
N45RW009RDDJ64MD
Accept-Ranges
bytes
Content-Length
16039
Date
Fri, 29 Nov 2024 11:50:23 GMT
Last-Modified
Wed, 04 Sep 2024 13:53:09 GMT
Content-Type
text/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
ecwid.plugin.js
analytics.sitewit.com/
6 KB
6 KB
Script
General
Full URL
https://analytics.sitewit.com/ecwid.plugin.js
Requested by
Host: app.store.mywebsite-now.com
URL: https://app.store.mywebsite-now.com/script.js?78885070
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d00:4f6f:5eff:fa45:c0f9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3e0c1e0adf53ec377d8b821778bb967c63d25201e8b9c7c427c5a6e231ef5c54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

cache-control
private,no-cache
x-aspnet-version
4.0.30319
content-length
5978
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
date
Fri, 29 Nov 2024 11:50:22 GMT
content-type
text/javascript; charset=utf-8
server
Microsoft-IIS/10.0
storefront-app.js
d20ubqycd8ynev.cloudfront.net/
2 KB
1 KB
Script
General
Full URL
https://d20ubqycd8ynev.cloudfront.net/storefront-app.js
Requested by
Host: app.store.mywebsite-now.com
URL: https://app.store.mywebsite-now.com/script.js?78885070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:da00:19:4fd1:c1c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
7460e7bfe27ba69692cd72452646130bf8f0e91177c867d7360297029228ff6c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15724800
cache-control
max-age=60, stale-while-revalidate=120
content-encoding
gzip
etag
-155848237
age
9
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
1007
x-amz-cf-id
uAHfWpCJqGXd2wXvHh7KBApPPCcnuXPmEPSEkoZx5JTWhyVpRr-YXw==
date
Fri, 29 Nov 2024 11:50:13 GMT
content-type
text/html;charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.0
x-amz-cf-pop
FRA56-C2
new
d1oxsl77a1kjht.cloudfront.net/css/
1 MB
109 KB
Stylesheet
General
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-1956590206&ownerid=78885070&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2&useExactGalleryColors=false
Requested by
Host: app.store.mywebsite-now.com
URL: https://app.store.mywebsite-now.com/script.js?78885070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:7600:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
94f50d2c5858c45360c23e498ea7af878a9dc3f4b911fe4907acfb9f66021de1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15724800
cache-control
no-cache
content-encoding
gzip
etag
"-1956590206"
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
GVRcNaF6h8IXKLDLp2pdBfoFQlydKFndxFv-NIu-TB-OTJWpCEHaMQ==
date
Fri, 29 Nov 2024 11:50:21 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.0
x-amz-cf-pop
FRA56-P7
App_Logo_1.gif
d1dkdnyvras0l5.cloudfront.net/1and1/
45 KB
46 KB
Image
General
Full URL
https://d1dkdnyvras0l5.cloudfront.net/1and1/App_Logo_1.gif
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-118.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
208f6c9250d572affcc2718849784dc1c28818c4da1e878026a6afa43775ae50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
etag
"0166c22bdd96905bb7f2565faf843232"
x-amz-version-id
PAT9C_MZISv2efjcYyyHfvYfZxK1vKdk
age
26566298
via
1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
46438
x-amz-cf-id
nodt-1IA5EV7aJGJMUmaJU8Mp_fqHpH_i0LrKFtqIEKQ5V642SLqgw==
date
Sat, 27 Jan 2024 00:18:45 GMT
content-type
image/gif
last-modified
Thu, 09 Jul 2020 07:40:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
rpc
app.store.mywebsite-now.com/ Frame
0
0
Preflight
General
Full URL
https://app.store.mywebsite-now.com/rpc?ownerid=78885070&version=2024-52120-gbdf620f309584e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.228.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-228-169.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://www.naturkosmetik-hanstein.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Fri, 29 Nov 2024 11:50:22 GMT
Server
nginx
rpc
app.store.mywebsite-now.com/
12 B
238 B
XHR
General
Full URL
https://app.store.mywebsite-now.com/rpc?ownerid=78885070&version=2024-52120-gbdf620f309584e
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.228.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-228-169.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Permutation
514DB46D628129CBB912FE0B750CB44D
X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-52120-gbdf620f309584e/ru.cdev.xnext.frontend.LegacyFrontend/
Referer
https://www.naturkosmetik-hanstein.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8
X-Ecwid-Device-Measurement
WEB;DESKTOP;1600;1200;96;1600;1200

Response headers

Access-Control-Allow-Origin
*
Content-Length
12
Date
Fri, 29 Nov 2024 11:50:22 GMT
Content-Type
application/json;charset=utf-8
Content-Disposition
attachment
Server
nginx
Connection
keep-alive
js
www.paypal.com/sdk/
305 KB
83 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?currency=EUR&merchant-id=9ECYMANLSKDVU&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=false&components=buttons&enable-funding=paylater&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,venmo
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0a08211b58f122c184b86215248d4d51f1d98444369f24d2f76d4201cc815930
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-4Y0fXUWlIST+k1Sz64ceYxyXU5gHam0DMxvAPl8uo+gzrIsY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-4Y0fXUWlIST+k1Sz64ceYxyXU5gHam0DMxvAPl8uo+gzrIsY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f303288b5b728
content-encoding
gzip
etag
W/"148d1-P1/R8uNFOcsQd/Z1CNiR+NMh0po"
age
0
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-0000000000000000000f303288b5b728-fcf9246a4875a9d5-01
server-timing
"traceparent;desc="00-0000000000000000000f303288b5b728-f33679c2d999e7d3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Fri, 29 Nov 2024 11:50:23 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220129-FRA, cache-fra-etou8220129-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
x-cache
HIT, MISS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-4Y0fXUWlIST+k1Sz64ceYxyXU5gHam0DMxvAPl8uo+gzrIsY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-4Y0fXUWlIST+k1Sz64ceYxyXU5gHam0DMxvAPl8uo+gzrIsY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1732881023.543350,VS0,VE632
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
*
content-length
84177
x-xss-protection
1; mode=block
js
www.paypal.com/sdk/
305 KB
83 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?currency=EUR&merchant-id=9ECYMANLSKDVU&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=true&components=buttons&enable-funding=paylater&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,venmo
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8284b95f9064a5dc6657c801bdf76dc01ccf8bf840d2933571926fc97485d193
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-sYQ78lUMgrudyUo8W4aholnOO2z89xWQjCvAKB8jh9JWppIl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-sYQ78lUMgrudyUo8W4aholnOO2z89xWQjCvAKB8jh9JWppIl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f30328898417d
content-encoding
gzip
etag
W/"148d5-3ipRw8HW6NKSO6LsM29+WEyhPuQ"
age
0
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-0000000000000000000f30328898417d-dfcb5349c7ecf283-01
server-timing
"traceparent;desc="00-0000000000000000000f30328898417d-de885ea547752c97-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Fri, 29 Nov 2024 11:50:23 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220129-FRA, cache-fra-etou8220129-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
x-cache
HIT, MISS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-sYQ78lUMgrudyUo8W4aholnOO2z89xWQjCvAKB8jh9JWppIl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-sYQ78lUMgrudyUo8W4aholnOO2z89xWQjCvAKB8jh9JWppIl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1732881023.542979,VS0,VE687
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
*
content-length
84181
x-xss-protection
1; mode=block
js
www.paypal.com/sdk/
305 KB
84 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?currency=EUR&merchant-id=9ECYMANLSKDVU&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=true&components=buttons,funding-eligibility,payment-fields&disable-funding=paylater,card,venmo,giropay
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f261cff33f9b727bf76fb7261bd9fc2a595b47133848bdcd11c48d82f12fc22e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-PJrMYJoQz//8hkB9LCveZ6qMAKa95AXeA8s7P22hzQ6GzElu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-PJrMYJoQz//8hkB9LCveZ6qMAKa95AXeA8s7P22hzQ6GzElu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f303288651090
content-encoding
gzip
etag
W/"149c7-nghD8XI/PdEFrLT4UnkruSuWsiA"
age
0
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-0000000000000000000f303288651090-16e3b693721d907b-01
server-timing
"traceparent;desc="00-0000000000000000000f303288651090-b12027416e66d122-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Fri, 29 Nov 2024 11:50:23 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220129-FRA, cache-fra-etou8220129-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
x-cache
HIT, MISS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-PJrMYJoQz//8hkB9LCveZ6qMAKa95AXeA8s7P22hzQ6GzElu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-PJrMYJoQz//8hkB9LCveZ6qMAKa95AXeA8s7P22hzQ6GzElu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1732881023.539613,VS0,VE561
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
*
content-length
84423
x-xss-protection
1; mode=block
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-MAeBwcIj' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 11:50:22 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-MAeBwcIj' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4482, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
SmD5iqjOy3MD1CKGBT9Qwj2tAqzO1EEBc/T2l9jhs2DjEi7VEZhD4j/+XsFCla41ZPGMn/mMapMmZu4std8EhA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
jquery-3.6.0.min.js
djqizrxa6f10j.cloudfront.net/apps/customizations/libs/jquery/
87 KB
31 KB
Script
General
Full URL
https://djqizrxa6f10j.cloudfront.net/apps/customizations/libs/jquery/jquery-3.6.0.min.js
Requested by
Host: ecwid-addons.s3.amazonaws.com
URL: https://ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/3.8/script.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:fc00:3:22ec:38c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

x-amz-replication-status
COMPLETED
content-encoding
gzip
x-amz-version-id
1Bh5Dfss8nbAvlVbU6rVWUP66wcF8AhE
etag
W/"8fb8fee4fcc3cc86ff6c724154c49c42"
age
41258
via
1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
JYXQcb5b_NMbSiOtXBhKGJ8ntuxJmtg7v7ioL9a8seT1N8RnE5pqRA==
date
Fri, 29 Nov 2024 00:23:06 GMT
content-type
text/javascript
last-modified
Mon, 24 Jan 2022 07:12:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
vary
accept-encoding
lightbox.css
ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/forked/
4 KB
5 KB
Stylesheet
General
Full URL
https://ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/forked/lightbox.css
Requested by
Host: text
URL: data:text/css,@import%20url%28%27https%3A//ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/forked/lightbox.css%27%29%3B
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.106.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8ec65091ace4bdc36e35437bceb3cfa93dc35b774edab3aab08a3e08e7f3ab44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-amz-replication-status
COMPLETED
ETag
"53f4af862e1f6823339149b55daf731e"
x-amz-version-id
8f9yKl9SM0JvaMqX19TmQVgTpCnUPQ9T
x-amz-request-id
N45NBM04PCW93FVE
Accept-Ranges
bytes
Content-Length
4537
Date
Fri, 29 Nov 2024 11:50:23 GMT
Last-Modified
Fri, 28 Oct 2022 11:30:38 GMT
Content-Type
text/css
Server
AmazonS3
x-amz-id-2
fEGzp+NYYCirQ5xoHD5MpWae/Gubn/C2eYLQP1gh0X7sZzc2IJD+g/PIvq0LM73Fvd3dj8V47nA=
truncated
/
115 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
161c4f371ed9038d4b419c0623ffd322e76841d2986aa350cc009fcf94716501

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/css
js
www.paypal.com/sdk/
277 KB
84 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?currency=EUR&merchant-id=9ECYMANLSKDVU&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&components=messages&disable-funding=paylater,card,venmo
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
42536067c42b61f6817f7f069b3afcfdc1c018685d9fca3d2aa081cb38f3ed6d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-pW76D3NygA/R0nOM3bLZSCfw35gGp6ODmW4/VixNjFqsE7ey' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pW76D3NygA/R0nOM3bLZSCfw35gGp6ODmW4/VixNjFqsE7ey' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f3032884f4965
content-encoding
gzip
etag
W/"1498e-M/SssmH8V9U0N9Fc7hwu+aFVlb0"
age
0
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-0000000000000000000f3032884f4965-5c79ef7fd20540c2-01
server-timing
"traceparent;desc="00-0000000000000000000f3032884f4965-544e05ed4f0524cc-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Fri, 29 Nov 2024 11:50:23 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220129-FRA, cache-fra-etou8220129-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
x-cache
HIT, MISS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-pW76D3NygA/R0nOM3bLZSCfw35gGp6ODmW4/VixNjFqsE7ey' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pW76D3NygA/R0nOM3bLZSCfw35gGp6ODmW4/VixNjFqsE7ey' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1732881023.634592,VS0,VE548
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
*
content-length
84366
x-xss-protection
1; mode=block
rpc
app.store.mywebsite-now.com/
12 B
238 B
XHR
General
Full URL
https://app.store.mywebsite-now.com/rpc?ownerid=78885070&version=2024-52120-gbdf620f309584e
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.228.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-228-169.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Permutation
514DB46D628129CBB912FE0B750CB44D
X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-52120-gbdf620f309584e/ru.cdev.xnext.frontend.LegacyFrontend/
Referer
https://www.naturkosmetik-hanstein.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8
X-Ecwid-Device-Measurement
WEB;DESKTOP;1600;1200;96;1600;1200

Response headers

Access-Control-Allow-Origin
*
Content-Length
12
Date
Fri, 29 Nov 2024 11:50:22 GMT
Content-Type
application/json;charset=utf-8
Content-Disposition
attachment
Server
nginx
Connection
keep-alive
rpc
app.store.mywebsite-now.com/
12 B
238 B
XHR
General
Full URL
https://app.store.mywebsite-now.com/rpc?ownerid=78885070&version=2024-52120-gbdf620f309584e
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.228.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-228-169.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Permutation
514DB46D628129CBB912FE0B750CB44D
X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-52120-gbdf620f309584e/ru.cdev.xnext.frontend.LegacyFrontend/
Referer
https://www.naturkosmetik-hanstein.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8
X-Ecwid-Device-Measurement
WEB;DESKTOP;1600;1200;96;1600;1200

Response headers

Access-Control-Allow-Origin
*
Content-Length
12
Date
Fri, 29 Nov 2024 11:50:22 GMT
Content-Type
application/json;charset=utf-8
Content-Disposition
attachment
Server
nginx
Connection
keep-alive
ecwid-checkout.8a1a8d433278ddae267828fc1ae7ff12.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/
809 KB
178 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-checkout.8a1a8d433278ddae267828fc1ae7ff12.min.js
Requested by
Host: app.store.mywebsite-now.com
URL: https://app.store.mywebsite-now.com/script.js?78885070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.216.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-216-54.fra60.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
febb44b2cab54e95a7d4879a461763b264a005263cf8339fd5e94b35eb31434a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15724800
cache-control
public, max-age=31536000
content-encoding
gzip
etag
8a1a8d433278ddae267828fc1ae7ff12
age
688438
via
1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
HIkTL9WVhu17iH3CfvBLTSP7tNB213gBvEuDkFm7QXrHQGwNvjfjZA==
date
Thu, 21 Nov 2024 12:36:24 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P10
PT-Root-UI_Regular.woff2
don16obqbay2c.cloudfront.net/fonts/root-ui/
54 KB
55 KB
Font
General
Full URL
https://don16obqbay2c.cloudfront.net/fonts/root-ui/PT-Root-UI_Regular.woff2
Requested by
Host: d1oxsl77a1kjht.cloudfront.net
URL: https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-1956590206&ownerid=78885070&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2&useExactGalleryColors=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a690dcc6904c45753c7bb3cb40155d13423b02bcd1d7feb6271232efda63e55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.naturkosmetik-hanstein.de
Referer
https://d1oxsl77a1kjht.cloudfront.net/

Response headers

access-control-max-age
3000
x-amz-version-id
ZoJZEI4LSZb9DRvhxR5efpX5b0_Tmi6e
etag
"515dfc28b84d7920c6d428f94c68c617"
age
42475
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
4OlJjBK5uxeblZw229A60261qaJqj4I9Upjmg-GiYh_8VGZww72Wuw==
date
Fri, 29 Nov 2024 00:02:29 GMT
content-type
binary/octet-stream
last-modified
Wed, 28 Sep 2022 05:33:32 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
x-amz-replication-status
COMPLETED
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
55316
x-amz-cf-pop
FRA56-P5
server
AmazonS3
PT-Root-UI_Medium.woff2
don16obqbay2c.cloudfront.net/fonts/root-ui/
54 KB
55 KB
Font
General
Full URL
https://don16obqbay2c.cloudfront.net/fonts/root-ui/PT-Root-UI_Medium.woff2
Requested by
Host: d1oxsl77a1kjht.cloudfront.net
URL: https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-1956590206&ownerid=78885070&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2&useExactGalleryColors=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
098d21d84e3a84222f1ab58d32ba8d3255f86d8223ba529b0ed93a0ec670558e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.naturkosmetik-hanstein.de
Referer
https://d1oxsl77a1kjht.cloudfront.net/

Response headers

access-control-max-age
3000
x-amz-version-id
HRzkdhaOQUhmI4MUjxJqzfLbm.Kt6MGp
etag
"02b33df684dfe81d7dc3d655b3f15212"
age
42475
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
SeNpAHDW5Go57yYusl8NFtJbBXYQGsZ1kiucc8pkpkIBuBKr25NY7g==
date
Fri, 29 Nov 2024 00:02:29 GMT
content-type
binary/octet-stream
last-modified
Wed, 28 Sep 2022 05:33:30 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
x-amz-replication-status
COMPLETED
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
55396
x-amz-cf-pop
FRA56-P5
server
AmazonS3
4877991155633833
connect.facebook.net/signals/config/
68 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/4877991155633833?v=2.9.176&r=stable&domain=www.naturkosmetik-hanstein.de&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
70e3e5a8f44d2b9523a63985c98712db970e083e2c16c43c2be212d31d1482da
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-sIc24OyS' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 11:50:23 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-sIc24OyS' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=43, mss=1232, tbw=70338, tp=66, tpl=0, uplat=197, ullat=1
pragma
public
x-fb-debug
KvLWUNh/UWZNCRDOE40mdkMMb+dSquQgFhUUmzoqa/8nmlXvZJKdZ6JKNWUM0hvz3VHOmo1sShfBnpewewfetA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
lightbox.js
ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/forked/
22 KB
22 KB
Script
General
Full URL
https://ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/forked/lightbox.js
Requested by
Host: ecwid-addons.s3.amazonaws.com
URL: https://ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/3.8/script.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.106.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
41f2ec8cd8911d521b0622ad4e290ad0f1464f797065e33590a4f12806870899

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

x-amz-id-2
eoJJ44I2dY7PchYunaeExvAjYy1eol6mtUQkADREEh7m6syu429s36Ve01B7Tz/AA2XGhIoXC5g=
x-amz-replication-status
COMPLETED
ETag
"7442959b02d646a3ecd1abfc6db382e1"
x-amz-version-id
KjmqOz9KEIsk.7GPUUzNaVbeV0koLUHD
x-amz-request-id
QDHM57MTQTAP5GFH
Accept-Ranges
bytes
Content-Length
22409
Date
Fri, 29 Nov 2024 11:50:24 GMT
Last-Modified
Wed, 26 Oct 2022 13:53:11 GMT
Content-Type
text/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
pptm.js
www.paypal.com/tagmanager/
12 KB
6 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.naturkosmetik-hanstein.de&t=xo&v=5.0.465&source=payments_sdk&mrid=9ECYMANLSKDVU&client_id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&comp=buttons,funding-eligibility,payment-fields&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=EUR&merchant-id=9ECYMANLSKDVU&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=true&components=buttons,funding-eligibility,payment-fields&disable-funding=paylater,card,venmo,giropay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-HLNpT+pCo/U4y3s/nVZko68/cqoat3L+oGzMs8IB1pSqyppu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

paypal-debug-id
f804406cc9080
content-encoding
gzip
etag
W/"2f86-rIyHQCWayVhsCSMMD5/wlkCo+Tw"
age
0
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f804406cc9080-d88b064392103630-01
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT, MISS
date
Fri, 29 Nov 2024 11:50:23 GMT
content-type
application/x-javascript; charset=utf-8
x-served-by
cache-fra-etou8220129-FRA, cache-fra-etou8220129-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-HLNpT+pCo/U4y3s/nVZko68/cqoat3L+oGzMs8IB1pSqyppu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control
public, max-age=3600
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1732881024.580142,VS0,VE313
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
content-length
4354
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/
12 KB
5 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.naturkosmetik-hanstein.de&t=xo&v=5.0.465&source=payments_sdk&mrid=9ECYMANLSKDVU&client_id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&comp=buttons&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=EUR&merchant-id=9ECYMANLSKDVU&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=false&components=buttons&enable-funding=paylater&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-jGB+n99pbT4fZs+DNVnGU0HZUUzwfjbcLU8FdhTgUY4vfEv9' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

paypal-debug-id
f804406f82f9d
content-encoding
gzip
etag
W/"2f86-rIyHQCWayVhsCSMMD5/wlkCo+Tw"
age
0
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f804406f82f9d-04f2d591612ab5b6-01
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT, MISS
date
Fri, 29 Nov 2024 11:50:24 GMT
content-type
application/x-javascript; charset=utf-8
x-served-by
cache-fra-etou8220129-FRA, cache-fra-etou8220129-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-jGB+n99pbT4fZs+DNVnGU0HZUUzwfjbcLU8FdhTgUY4vfEv9' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control
public, max-age=3600
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1732881024.608767,VS0,VE561
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
content-length
4354
x-xss-protection
1; mode=block
local
www.paypal.com/credit-presentment/experiments/ Frame 0B7E
0
0
Document
General
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_wennlvpbbvgsiwnbzrjxjbzjdxeorb&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jdXJyZW5jeT1FVVImbWVyY2hhbnQtaWQ9OUVDWU1BTkxTS0RWVSZjbGllbnQtaWQ9QVFlZ1p6aktzWnhOQ28zMnFldWF3bXJZU1dKTEpXR1NHMzZJMjc4Rk9kTEtYdnFIZkZCai1Cb3dBRFN0dUNHLXo3T0psWDAxV1ROVnhjMHcmY29tcG9uZW50cz1tZXNzYWdlcyZkaXNhYmxlLWZ1bmRpbmc9cGF5bGF0ZXIsY2FyZCx2ZW5tbyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3dlbm5sdnBiYnZnc2l3bmJ6cmp4amJ6amR4ZW9yYiJ9fQ&env=production&scriptUID=uid_wennlvpbbvgsiwnbzrjxjbzjdxeorb&version=1.65.2&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=EUR&merchant-id=9ECYMANLSKDVU&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&components=messages&disable-funding=paylater,card,venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.naturkosmetik-hanstein.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
29711
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1526
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
correlation-id
f607252c77aa0
date
Fri, 29 Nov 2024 11:50:23 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-hZrJEn1/I7nZxrYtD5biQSscHCo"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f607252c77aa0
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f607252c77aa0-2fa11ee9c7030420-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f607252c77aa0-079ec90c3ebe338d-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
11125, 0
x-served-by
cache-fra-etou8220097-FRA, cache-fra-etou8220097-FRA
x-timer
S1732881024.733498,VS0,VE92
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/
12 KB
5 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.naturkosmetik-hanstein.de&t=xo&v=5.0.465&source=payments_sdk&mrid=9ECYMANLSKDVU&client_id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&comp=messages&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=EUR&merchant-id=9ECYMANLSKDVU&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&components=messages&disable-funding=paylater,card,venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-1UD21jhMzHNXdMEv2pxij5NjKABhdCzctq9Ci5Ngf0MJrYUg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

paypal-debug-id
f804406c57c25
content-encoding
gzip
etag
W/"2f86-rIyHQCWayVhsCSMMD5/wlkCo+Tw"
age
0
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f804406c57c25-301f8c517a76a95c-01
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT, MISS
date
Fri, 29 Nov 2024 11:50:24 GMT
content-type
application/x-javascript; charset=utf-8
x-served-by
cache-fra-etou8220129-FRA, cache-fra-etou8220129-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-1UD21jhMzHNXdMEv2pxij5NjKABhdCzctq9Ci5Ngf0MJrYUg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control
public, max-age=3600
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1732881024.700286,VS0,VE548
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
content-length
4354
x-xss-protection
1; mode=block
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=4877991155633833&ev=PageView&dl=https%3A%2F%2Fwww.naturkosmetik-hanstein.de%2F&rl=&if=false&ts=1732881024013&sw=1600&sh=1200&v=2.9.176&r=stable&a=plecwid&ec=0&o=12318&fbp=fb.1.1732881024011.163808908183516956&ler=empty&cdl=API_unavailable&it=1732881023298&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4607, tp=12, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 11:50:24 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
200 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=4877991155633833&ev=PageView&dl=https%3A%2F%2Fwww.naturkosmetik-hanstein.de%2F&rl=&if=false&ts=1732881024013&sw=1600&sh=1200&v=2.9.176&r=stable&a=plecwid&ec=0&o=12318&fbp=fb.1.1732881024011.163808908183516956&ler=empty&cdl=API_unavailable&it=1732881023298&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=FGET
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442667327101368409"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 11:50:24 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
rEz/oS79Hos+6KX1lHv87MZjNVUvjqmn1wSGm+uzU3Zk75hbB8pSrypGmuB9W6f8zjJwW+C9j7Ju8Zewz9aPrw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442667327101368409", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4975, tp=15, tpl=0, uplat=150, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
prev.png
d1howb1wwyap5o.cloudfront.net/el/dist/images/
1 KB
2 KB
Image
General
Full URL
https://d1howb1wwyap5o.cloudfront.net/el/dist/images/prev.png
Requested by
Host: ecwid-addons.s3.amazonaws.com
URL: https://ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/forked/lightbox.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:c200:1d:a3af:f700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ecwid-addons.s3.amazonaws.com/

Response headers

x-amz-version-id
7jfjOc305jW9Nz88wDt1EmDZcnZCHLDe
etag
"84b76dee6b27b795e89e3649078a11c2"
age
38288
x-cache
Hit from cloudfront
x-amz-cf-id
DMVQcRZA6ZUZt_4anFqQxpaNZC6faXmGBdrYfhS03ZL4O-LnX9Y3xA==
date
Fri, 29 Nov 2024 01:12:17 GMT
content-type
image/png
last-modified
Thu, 02 Mar 2017 11:30:39 GMT
vary
accept-encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=86400
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1360
x-amz-cf-pop
FRA56-P3
server
AmazonS3
next.png
d1howb1wwyap5o.cloudfront.net/el/dist/images/
1 KB
2 KB
Image
General
Full URL
https://d1howb1wwyap5o.cloudfront.net/el/dist/images/next.png
Requested by
Host: ecwid-addons.s3.amazonaws.com
URL: https://ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/forked/lightbox.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:c200:1d:a3af:f700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ecwid-addons.s3.amazonaws.com/

Response headers

x-amz-version-id
6xe6YfEhO9YYdqiMaAtJu2v6bgCaahLu
etag
"31f15875975aab69085470aabbfec802"
age
25317
x-cache
Hit from cloudfront
x-amz-cf-id
d8G3P3keRhNR8rlZ3bF7QvvjimORULUwQ5SEbUAM7x0iPJxVFghOng==
date
Fri, 29 Nov 2024 04:48:28 GMT
content-type
image/png
last-modified
Thu, 02 Mar 2017 11:30:12 GMT
vary
accept-encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=86400
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1350
x-amz-cf-pop
FRA56-P3
server
AmazonS3
loading.gif
d1howb1wwyap5o.cloudfront.net/el/dist/images/
8 KB
9 KB
Image
General
Full URL
https://d1howb1wwyap5o.cloudfront.net/el/dist/images/loading.gif
Requested by
Host: ecwid-addons.s3.amazonaws.com
URL: https://ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/forked/lightbox.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:c200:1d:a3af:f700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ecwid-addons.s3.amazonaws.com/

Response headers

x-amz-version-id
zB5pyRmlPXQIn4DkNjNwkzvk_xm_1ByW
etag
"2299ad0b3f63413f026dfec20c205b8f"
age
13896
x-cache
Hit from cloudfront
x-amz-cf-id
6P9LpCgkiLPAn0Vqm5ABismgt5nymojhEmsvgKCQ6y8idpwjHjcePw==
date
Fri, 29 Nov 2024 07:58:49 GMT
content-type
image/gif
last-modified
Thu, 02 Mar 2017 11:29:49 GMT
vary
accept-encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=86400
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
8476
x-amz-cf-pop
FRA56-P3
server
AmazonS3
close.png
d1howb1wwyap5o.cloudfront.net/el/dist/images/
280 B
705 B
Image
General
Full URL
https://d1howb1wwyap5o.cloudfront.net/el/dist/images/close.png
Requested by
Host: ecwid-addons.s3.amazonaws.com
URL: https://ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/energy-labels-wl/forked/lightbox.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:c200:1d:a3af:f700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ecwid-addons.s3.amazonaws.com/

Response headers

x-amz-version-id
s2SjfyPjYgPVWjCTyJztg7u2UQXWN2Yw
etag
"d9d2d0b1308cb694aa8116915592e2a9"
age
21253
x-cache
Hit from cloudfront
x-amz-cf-id
bHn4jab6NDRHFm01fnTOgYRestg1QruDBj0qYHDKRP0CenZ2K-1J1g==
date
Fri, 29 Nov 2024 05:56:12 GMT
content-type
image/png
last-modified
Thu, 02 Mar 2017 11:29:24 GMT
vary
accept-encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=86400
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
280
x-amz-cf-pop
FRA56-P3
server
AmazonS3
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
ts
t.paypal.com/
42 B
258 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Startseite%20-%20Naturkosmetik%20Hanstein&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1732881024087&g=-60&completeurl=https%3A%2F%2Fwww.naturkosmetik-hanstein.de%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
67ff782310c32
correlation-id
67ff782310c32
expires
Fri, 29 Nov 2024 11:50:24 GMT
traceparent
00-000000000000000000067ff782310c32-b02f3f6b57730267-01
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-000000000000000000067ff782310c32-d520641c094aae2c-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Fri, 29 Nov 2024 11:50:24 GMT
content-type
image/gif
x-served-by
cache-fra-etou8220068-FRA
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1732881024.272439,VS0,VE180
via
1.1 varnish
accept-ranges
bytes
ts
t.paypal.com/
42 B
256 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Startseite%20-%20Naturkosmetik%20Hanstein&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1732881024188&g=-60&completeurl=https%3A%2F%2Fwww.naturkosmetik-hanstein.de%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
a0b5c5e183722
correlation-id
a0b5c5e183722
expires
Fri, 29 Nov 2024 11:50:24 GMT
traceparent
00-0000000000000000000a0b5c5e183722-e4e8376fe95aafb7-01
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-0000000000000000000a0b5c5e183722-795d511e7243a68a-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Fri, 29 Nov 2024 11:50:24 GMT
content-type
image/gif
x-served-by
cache-fra-etou8220068-FRA
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1732881024.273083,VS0,VE162
via
1.1 varnish
accept-ranges
bytes
ts
t.paypal.com/
42 B
599 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Startseite%20-%20Naturkosmetik%20Hanstein&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1732881024202&g=-60&completeurl=https%3A%2F%2Fwww.naturkosmetik-hanstein.de%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
e3e18344f8e27
correlation-id
e3e18344f8e27
expires
Fri, 29 Nov 2024 11:50:24 GMT
traceparent
00-0000000000000000000e3e18344f8e27-5f749bfaee0c39e8-01
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-0000000000000000000e3e18344f8e27-cd50bc974da4290d-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Fri, 29 Nov 2024 11:50:24 GMT
content-type
image/gif
x-served-by
cache-fra-etou8220068-FRA
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1732881024.273005,VS0,VE159
via
1.1 varnish
accept-ranges
bytes
ts
t.paypal.com/
42 B
258 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Startseite%20-%20Naturkosmetik%20Hanstein&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1732881024280&g=-60&completeurl=https%3A%2F%2Fwww.naturkosmetik-hanstein.de%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: www.naturkosmetik-hanstein.de
URL: https://www.naturkosmetik-hanstein.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
c85e12d7bf14b
correlation-id
c85e12d7bf14b
expires
Fri, 29 Nov 2024 11:50:24 GMT
traceparent
00-0000000000000000000c85e12d7bf14b-f3fcaa8aede50749-01
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-0000000000000000000c85e12d7bf14b-f486c7846a4361bb-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Fri, 29 Nov 2024 11:50:24 GMT
content-type
image/gif
x-served-by
cache-fra-etou8220068-FRA
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1732881024.301278,VS0,VE147
via
1.1 varnish
accept-ranges
bytes
favicon.ico
www.naturkosmetik-hanstein.de/
754 B
1 KB
Other
General
Full URL
https://www.naturkosmetik-hanstein.de/favicon.ico?v=1732704833650
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
e9dcb6883db0d07f6b162a52e03b1480fd51a8dc20923fcc2f2174110667b105
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

x-server
itproxy-live-de-rhr-bap03
strict-transport-security
max-age=15768000
cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"5a8c4081673936aebef304da595f4bca"
via
1.1 itproxy.1and1.org (squid/4.15)
x-cache
MISS from itproxy.1and1.org
date
Fri, 29 Nov 2024 11:50:24 GMT
x-rgw-object-type
Normal
content-type
image/x-icon
vary
Accept-Encoding
server
nginx
last-modified
Thu, 28 Nov 2024 15:57:16 GMT
x-cache-lookup
MISS from itproxy.1and1.org:3128
logger
www.paypal.com/xoplatform/logger/api/
966 B
751 B
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=EUR&merchant-id=9ECYMANLSKDVU&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=true&components=buttons,funding-eligibility,payment-fields&disable-funding=paylater,card,venmo,giropay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e13a34ab8efcc71e4a13809feceb583e7eb698c050b183566e01d323cdba5dea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.naturkosmetik-hanstein.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
f73117697e5b4
content-encoding
br
etag
W/"3c6-4ccPeRPnoLEhfvStfof3TRrXTj4"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f73117697e5b4-6d952521a9c6fd9e-01
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS
date
Fri, 29 Nov 2024 11:50:25 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220101-FRA, cache-fra-etou8220101-FRA
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1732881025.206329,VS0,VE184
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
access-control-allow-origin
https://www.naturkosmetik-hanstein.de
logger
www.paypal.com/xoplatform/logger/api/
977 B
2 KB
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=EUR&merchant-id=9ECYMANLSKDVU&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=false&components=buttons&enable-funding=paylater&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
94ff11190a69e6fe03221e678799900179280b9cc94071a9f4ac4c1dec6b3830
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.naturkosmetik-hanstein.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
f731176f4d52c
content-encoding
br
etag
W/"3d1-y7JcegNOzzkhHxJ+q6FsAeDSujs"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f731176f4d52c-94c3f84978d038b3-01
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS
date
Fri, 29 Nov 2024 11:50:25 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220101-FRA, cache-fra-etou8220101-FRA
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1732881025.206686,VS0,VE167
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
access-control-allow-origin
https://www.naturkosmetik-hanstein.de
logger
www.paypal.com/xoplatform/logger/api/
983 B
848 B
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=EUR&merchant-id=9ECYMANLSKDVU&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&components=messages&disable-funding=paylater,card,venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ac492bebf923e8b08729ddc2194b031e87a246c6f053470b130f8413db54d78b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.naturkosmetik-hanstein.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
f731176441a34
content-encoding
br
etag
W/"3d7-QsOBVIwqyT8igzP4qftkSlg/4gk"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f731176441a34-761abcbe1e7d70e4-01
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS
date
Fri, 29 Nov 2024 11:50:25 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220101-FRA, cache-fra-etou8220101-FRA
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1732881025.206344,VS0,VE167
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
access-control-allow-origin
https://www.naturkosmetik-hanstein.de
logger
www.paypal.com/xoplatform/logger/api/
981 B
763 B
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=EUR&merchant-id=9ECYMANLSKDVU&client-id=AQegZzjKsZxNCo32qeuawmrYSWJLJWGSG36I278FOdLKXvqHfFBj-BowADStuCG-z7OJlX01WTNVxc0w&commit=true&components=buttons&enable-funding=paylater&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
01193e16985f74c6b9140b8e6a8430dec895e5bbfa3615cef1840320287560a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.naturkosmetik-hanstein.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
f73117686673b
content-encoding
br
etag
W/"3d5-Wm56i8N0xlXkReuko03zTMkqrOU"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f73117686673b-27898a1937c2400c-01
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS
date
Fri, 29 Nov 2024 11:50:25 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220101-FRA, cache-fra-etou8220101-FRA
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1732881025.206329,VS0,VE202
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
access-control-allow-origin
https://www.naturkosmetik-hanstein.de
logger
www.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.naturkosmetik-hanstein.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.naturkosmetik-hanstein.de
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Fri, 29 Nov 2024 11:50:25 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f73117632f5ea
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f73117632f5ea-05613d15e4239929-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220101-FRA, cache-fra-etou8220101-FRA
x-timer
S1732881025.880791,VS0,VE172
logger
www.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.naturkosmetik-hanstein.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.naturkosmetik-hanstein.de
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Fri, 29 Nov 2024 11:50:25 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f731176444961
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f731176444961-63fdc098342168a6-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220101-FRA, cache-fra-etou8220101-FRA
x-timer
S1732881025.881354,VS0,VE173
logger
www.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.naturkosmetik-hanstein.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.naturkosmetik-hanstein.de
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Fri, 29 Nov 2024 11:50:25 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f73117674f33d
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f73117674f33d-37e05bedf3477967-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220101-FRA, cache-fra-etou8220101-FRA
x-timer
S1732881025.880760,VS0,VE184
logger
www.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.naturkosmetik-hanstein.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.naturkosmetik-hanstein.de
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Fri, 29 Nov 2024 11:50:25 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f731176266b33
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f731176266b33-20ccbfbd4ff124a1-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220101-FRA, cache-fra-etou8220101-FRA
x-timer
S1732881025.880778,VS0,VE187
favicon.ico
www.naturkosmetik-hanstein.de/
754 B
0
Other
General
Full URL
https://www.naturkosmetik-hanstein.de/favicon.ico?v=1732704833650
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
e9dcb6883db0d07f6b162a52e03b1480fd51a8dc20923fcc2f2174110667b105

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

x-server
itproxy-live-de-rhr-bap03
cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"5a8c4081673936aebef304da595f4bca"
via
1.1 itproxy.1and1.org (squid/4.15)
x-cache
MISS from itproxy.1and1.org
date
Fri, 29 Nov 2024 11:50:24 GMT
x-rgw-object-type
Normal
content-type
image/x-icon
vary
Accept-Encoding
server
nginx
last-modified
Thu, 28 Nov 2024 15:57:16 GMT
x-cache-lookup
MISS from itproxy.1and1.org:3128
favicon-32x32.png
www.naturkosmetik-hanstein.de/
1 KB
2 KB
Other
General
Full URL
https://www.naturkosmetik-hanstein.de/favicon-32x32.png?v=1732704833650
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS IONOS SE, DE),
Reverse DNS
Software
nginx /
Resource Hash
d03cee4e07c909eaa56b68540ac7c1502c24f6b0a17768cbaf049f6a7a0fc57a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.naturkosmetik-hanstein.de/

Response headers

strict-transport-security
max-age=15768000
cache-control
public, max-age=31536000
etag
"188014e16698900cbc3699bfb7204ec2"
via
1.1 itproxy.1and1.org (squid/4.15)
accept-ranges
bytes
x-cache
MISS from itproxy.1and1.org
content-length
1483
date
Fri, 29 Nov 2024 11:50:25 GMT
x-rgw-object-type
Normal
content-type
image/png
last-modified
Thu, 28 Nov 2024 15:57:17 GMT
server
nginx
x-server
itproxy-live-de-rhr-bap04
x-cache-lookup
MISS from itproxy.1and1.org:3128

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| detectIOS string| ua number| trident number| msie function| selectStoreSubpage function| selectStorePage function| changeSelectedPage function| changeSelectedPageInsideShopNavigation function| stylePopupBrowser object| CONSENT_REGISTRY object| moreItems object| moreItemsButton object| anchors object| menuToggler object| headerSectionInner object| sectionRoot object| stickySection boolean| ecwid_script_defer boolean| ecwid_dynamic_widgets object| goxEcwidIntegration object| NSfTIF function| getCurrentScriptUrl function| isStorefrontV2LoadedFromV3 string| ecwidV2ObjectName object| EcwidObj function| addExtension function| ep function| proxyChain object| chameleon string| colorPrefix object| EcwidUtils object| EcwidLogger string| html_id object| html_tag string| body_id object| body_tag function| xInjectJs function| isOnIframe function| getHeadTag boolean| isEcwidV2StorefrontLoaded function| getEcwidV2Object function| getEcwidV2ObjectName function| getEcwidV3Object object| Ecwid object| ec object| lazySizes object| ecwidEvents function| ecwid_init_elm_config object| ecwid_elm_config boolean| ecwid_bodyDone function| ecwid_onBodyDone object| pathGroups boolean| needLoadEcwidAsync string| css_selectors_prefix string| ecwid_script_base string| ecwid_static_base string| ecwid_url number| ecwid_wait_for_interactive_seconds string| ecwid_loader_logo_url string| amazon_image_domain number| xnext_ownerId object| ecwid_initial_data object| ecwid_states_data string| EcHeap function| eca boolean| __heap_inits__ function| parseId function| parseStyle function| xAddWidget function| xProductBrowser function| ecwid_loader function| xAddToBag function| xProductThumbnail function| xLoginForm function| xMinicart function| xCategories function| xVCategories function| xCategoriesV2 function| xSearchPanel function| xSearch function| xGadget function| xSingleProduct function| xProduct function| xAffiliate function| ru_cdev_xnext_frontend_LegacyFrontend object| __gwt_activeModules function| __gwt_getMetaProperty function| __gwt_isKnownPropertyValue object| __gwt_stylesLoaded object| ChameleonIntegration string| ec_legacyCssUrl string| rosettaLanguageCode object| rosettaMessages object| Venera object| EnergyLabelsWlApp function| __awaiter function| __generator object| goog object| com object| java object| ru function| GwtPotentialElementShim function| StackFrame object| ErrorStackParser number| _swStorePlugin string| _swStorePluginVersion boolean| _swFirstLoad boolean| _swFBQEvents function| _swECWProcessOrder function| _swECWProcessCartChange function| _swECWProductView function| _swECWPageView function| _swECWRecordHit object| EcwidCart object| frame function| ecwid_incompatible_version function| fbq function| _fbq object| ProductBrowser object| testElm function| $ function| jQuery object| __post_robot_11_0_0___uid_fsifvycjrbhrdlfiuoyhzblxhvffvq object| paypalApm object| __zoid_10_3_3___uid_fsifvycjrbhrdlfiuoyhzblxhvffvq object| __post_robot_11_0_0___uid_umbzcybzhfvhfzmyacvvfzlpwcuuxr object| paypalCart object| __zoid_10_3_3___uid_umbzcybzhfvhfzmyacvvfzlpwcuuxr object| __post_robot_11_0_0___uid_wennlvpbbvgsiwnbzrjxjbzjdxeorb object| paypalMessages object| __zoid_10_3_3___uid_wennlvpbbvgsiwnbzrjxjbzjdxeorb object| __post_robot_11_0_0___uid_utnuykkblwecshtnjgawqiarznfvly object| paypalPaymentDetails object| __zoid_10_3_3___uid_utnuykkblwecshtnjgawqiarznfvly object| lightbox object| paypalDDL

3 Cookies

Domain/Path Name / Value
analytics.sitewit.com/ Name: AWSALBCORS
Value: nWai42rEPETufenvPNsfovTGh8Bp78dIFj/aikStdlChvICo1d4RAM7arD92qeNMFHGpfTcWZ+Ld4wTbySNe1TaOUR5WykHsu6ts7/bP1OVBDYvswLnLByxRb/H7
analytics.sitewit.com/ Name: ASP.NET_SessionId
Value: pwohuptp5v23iicdejctxhvm
.naturkosmetik-hanstein.de/ Name: _fbp
Value: fb.1.1732881024011.163808908183516956

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.sitewit.com
app.store.mywebsite-now.com
connect.facebook.net
d11s7fcxy18ubx.cloudfront.net
d1dkdnyvras0l5.cloudfront.net
d1howb1wwyap5o.cloudfront.net
d1oxsl77a1kjht.cloudfront.net
d1tqsoh7s4xjz9.cloudfront.net
d20ubqycd8ynev.cloudfront.net
d3cy3u1txmkqs3.cloudfront.net
d3dq8sxcny4hg.cloudfront.net
djqizrxa6f10j.cloudfront.net
don16obqbay2c.cloudfront.net
ecwid-addons.s3.amazonaws.com
t.paypal.com
t.webjavaskript.net
tif.webjavaskript.net
www.facebook.com
www.naturkosmetik-hanstein.de
www.paypal.com
13.33.216.54
151.101.1.21
151.101.65.21
151.101.67.1
157.240.253.1
157.240.253.35
18.158.228.169
18.245.62.118
18.245.62.188
18.66.107.38
195.20.250.184
195.20.251.235
2001:8d8:100f:f000::200
2600:1f18:243f:2d00:4f6f:5eff:fa45:c0f9
2600:9000:2057:2800:1f:f560:8d00:21
2600:9000:211e:da00:19:4fd1:c1c0:21
2600:9000:211e:fc00:3:22ec:38c0:21
2600:9000:223d:c200:1d:a3af:f700:21
2600:9000:2491:7600:1c:b536:2c40:21
2600:9000:2724:6000:13:2031:2340:21
52.216.106.252
01193e16985f74c6b9140b8e6a8430dec895e5bbfa3615cef1840320287560a6
049d693d86b2b130d068d4b0b0d80546009dc77ac75cf9f11dcad00ae70ce30e
06bf6dfa7cf89999a8b4b2f8472d5903759efe7185ed168975c3f738de99c4f0
0834033f88c885e5e066e1372c4efe66f15652b23285d1439b08ef65cdbc5d6d
098d21d84e3a84222f1ab58d32ba8d3255f86d8223ba529b0ed93a0ec670558e
0a08211b58f122c184b86215248d4d51f1d98444369f24d2f76d4201cc815930
0e671676d1a7614f5e358d68731ad6c20911a016dd3b8a8c6600faffe846c079
0fcad5a59024dc1b124f16ee956125ae5610fcc83a87f20076a66ff34e2e946a
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
161c4f371ed9038d4b419c0623ffd322e76841d2986aa350cc009fcf94716501
1d6c0abe57836b7dc7d298fc7948550562eb620ef125ee245c21ce0d8fa41949
208f6c9250d572affcc2718849784dc1c28818c4da1e878026a6afa43775ae50
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
25dad91e0f17a0d9627c7bcbc0e49a9785115105601d3f55d66f6d454dadd031
2ca34caab1e33980a2513a707fef8a91a4e32c5fd1ea823dbd605a89505c7d7b
3ae2ee7f1ea3bb62b475b6925c65bf98a159ffbf9a117e0597dcfa18f57115bf
3e0c1e0adf53ec377d8b821778bb967c63d25201e8b9c7c427c5a6e231ef5c54
41f2ec8cd8911d521b0622ad4e290ad0f1464f797065e33590a4f12806870899
42536067c42b61f6817f7f069b3afcfdc1c018685d9fca3d2aa081cb38f3ed6d
49095855a1bbacefa1366180157a8a1a3696d329292c13726312b57a641dcfed
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5344941615a017b6ba9dffd1501faa4ac2a7b26e292fef327f7f4dd13fbcd037
5a690dcc6904c45753c7bb3cb40155d13423b02bcd1d7feb6271232efda63e55
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
615912fa6cfaaea416ca9ef1c85b8da568e3b5cd9eed79525cf3613a9d7d334f
6778ec41fb55c1222dad8962eedf98082f2f1f76035e80765574e56ad60410f9
6b5cad12b0f544e985494205d2f664051f9cf6ac65056494cd594b1a9079e2d4
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70e3e5a8f44d2b9523a63985c98712db970e083e2c16c43c2be212d31d1482da
7460e7bfe27ba69692cd72452646130bf8f0e91177c867d7360297029228ff6c
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
8284b95f9064a5dc6657c801bdf76dc01ccf8bf840d2933571926fc97485d193
8af92216c09dcfc0cb18d94ebeabdc395ccc871c664c54cadb8645116b770b8f
8ec65091ace4bdc36e35437bceb3cfa93dc35b774edab3aab08a3e08e7f3ab44
94f50d2c5858c45360c23e498ea7af878a9dc3f4b911fe4907acfb9f66021de1
94ff11190a69e6fe03221e678799900179280b9cc94071a9f4ac4c1dec6b3830
95af46f7dacd747773579744dd7cac2bf59e67762932a82b1bfd983bc18cea31
9db2864b3c9d056607e9dd41af723573bcc4b01ff20e7324e1d7dcb9a11922a0
a09ed29ad417606f9b83d39c2a21c8dd6a6c9a6171785ae01eb2b514f8a6c598
a6c262dad0cf3e9e21af5cbb4c42308b86cb103ed4805cfff0a50bad5f63da22
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac492bebf923e8b08729ddc2194b031e87a246c6f053470b130f8413db54d78b
adcc2ae8ca6a6a520a823e382ce64b4191e897dddaf48b28e81f605fd67c2842
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c646021be5a28b01efdb2a5cdc82d004a94d7ab44eb6fe46c874ebade2b7b380
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6
d03cee4e07c909eaa56b68540ac7c1502c24f6b0a17768cbaf049f6a7a0fc57a
df9c4bf14fc31cf05887c4d94695481545bcdec594d33158e45eeb467aa07ca7
e13a34ab8efcc71e4a13809feceb583e7eb698c050b183566e01d323cdba5dea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e493dea07353cd60a8fadc2f8084679ae97ef64b6866be189b0aba84a474d22e
e9dcb6883db0d07f6b162a52e03b1480fd51a8dc20923fcc2f2174110667b105
eb9a08c7b3dd1e61d9ab114b8440ffe0507a9cac70dde4af29efe376615e0119
ecc42d6977de894e5f6e13bde82369477611b52c6fa8f2817aa77d614e89e63e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f261cff33f9b727bf76fb7261bd9fc2a595b47133848bdcd11c48d82f12fc22e
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee
fce419824804f0950b1902dfe5063fb404a04c602446c374282242d2887daa08
febb44b2cab54e95a7d4879a461763b264a005263cf8339fd5e94b35eb31434a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e