www.weleda.com Open in urlscan Pro
2a06:98c1:58::9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.weleda.com//product//plumping/-facial/-oil/-g006765
Effective URL:
https://www.weleda.com//product//plumping/-facial/-oil/-g006765
Submission: On October 10 via api (October 10th 2024, 9:23:15 pm UTC) from US — Scanned from DE

Summary HTTP 116 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 22 domains to perform 116 HTTP transactions. The main IP is 2a06:98c1:58::9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.weleda.com.
TLS certificate: Issued by E5 on August 16th 2024. Valid for: 3 months.

This is the only time www.weleda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2a06:98c1:58::9 2a06:98c1:58::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
5	104.126.37.154 104.126.37.154	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	104.18.26.50 104.18.26.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::84	54113 (FASTLY) (FASTLY)
1	34.102.147.248 34.102.147.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:828::2013	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2 5	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
7	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
5	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
7	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	34.117.39.58 34.117.39.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
116	27

23 2a06:98c1:58::9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.weleda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.126.37.154 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-154.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.26.50 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

metrics.weleda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::36 (United States) 2 redirects

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

ut.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consent.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

analytics.fatmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.39.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.39.117.34.bc.googleusercontent.com

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	weleda.com www.weleda.com metrics.weleda.com	893 KB
15	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	15 KB
13	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4401	3 KB
12	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 930	9 KB
7	google.de www.google.de — Cisco Umbrella Rank: 11271	447 B
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	147 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 817	139 KB
5	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 445	200 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	521 KB
4	fatmedia.io analytics.fatmedia.io — Cisco Umbrella Rank: 43865	913 B
4	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
3	linksynergy.com ut.rd.linksynergy.com — Cisco Umbrella Rank: 9877 consent.linksynergy.com — Cisco Umbrella Rank: 37388	988 B
2	upsellit.com www.upsellit.com — Cisco Umbrella Rank: 11016	22 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 462	140 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 982	25 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	71 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	315 B
1	rakuten.com tag.rmp.rakuten.com — Cisco Umbrella Rank: 8659	14 KB
1	mouseflow.com cdn.mouseflow.com — Cisco Umbrella Rank: 7549	52 KB
1	gstatic.com www.gstatic.com	215 KB
116	22

	Domain	Requested by
23	www.weleda.com	www.weleda.com
12	ct.pinterest.com	s.pinimg.com
10	www.google.com	1 redirects www.weleda.com www.gstatic.com
7	www.google.de	www.weleda.com
7	td.doubleclick.net	www.googletagmanager.com
7	googleads.g.doubleclick.net	www.weleda.com www.googletagmanager.com
6	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
5	analytics.tiktok.com	www.weleda.com analytics.tiktok.com
5	maps.googleapis.com	www.weleda.com maps.googleapis.com
5	www.googletagmanager.com	www.weleda.com www.googletagmanager.com
4	analytics.fatmedia.io	tag.rmp.rakuten.com analytics.fatmedia.io
4	bat.bing.com	www.weleda.com bat.bing.com
3	region1.analytics.google.com	2 redirects www.googletagmanager.com
2	www.upsellit.com	tag.rmp.rakuten.com
2	idsync.rlcdn.com	www.weleda.com
2	ut.rd.linksynergy.com	tag.rmp.rakuten.com
2	www.facebook.com	www.weleda.com
2	region1.google-analytics.com	www.weleda.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	consent.linksynergy.com	www.weleda.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	metrics.weleda.com	www.googletagmanager.com
1	tag.rmp.rakuten.com	www.googletagmanager.com
1	cdn.mouseflow.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
116	27

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
www.tiktok.com
policies.google.com
boards.greenhouse.io

Subject Issuer	Validity	Valid
www.weleda.com E5	`2024-08-16` - `2024-11-14`	3 months	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-20` - `2024-10-18`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
cdn.mouseflow.com WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
tag.rmp.rakuten.com WR3	`2024-09-26` - `2024-12-25`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
metrics.weleda.com R11	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google.de WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.rd.linksynergy.com ZeroSSL RSA Domain Secure Site CA	`2024-01-23` - `2025-01-22`	a year	crt.sh
analytics.fatmedia.io WR3	`2024-10-10` - `2025-01-08`	3 months	crt.sh
consent.linksynergy.com WR3	`2024-10-01` - `2024-12-30`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.upsellit.com RapidSSL TLS RSA CA G1	`2024-09-10` - `2025-10-03`	a year	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.weleda.com//product//plumping/-facial/-oil/-g006765
Frame ID: BA907B460D5F94726B80D02D58B38227
Requests: 106 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/853599953?random=1728595389737&cv=11&fst=1728595389737&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650z8841763219za201zb841763219&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Frame ID: BF323B6350F873838A15C47F8DF6DC4F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/853599953?random=1728595389785&cv=11&fst=1728595389785&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: B96201B7FFDD9159A9D78E804FAB95C7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/853599953?random=1728595389807&cv=11&fst=1728595389807&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 66D89FB1368B972482F956603D9C69D8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-J8G93VP3DQ&gacid=840947565.1728595390&gtm=45je4a90v871698871z8841763219za200zb841763219&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPt2t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529666~101533422~101671035~101686685&z=488729862
Frame ID: 2ACBEA4DEF5D2341DCA58221AA2113BB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfvD2wiAAAAAO4nRhfQPFrdkj3KtugkHsmgBKNH&co=aHR0cHM6Ly93d3cud2VsZWRhLmNvbTo0NDM.&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=17r80fh8olzl
Frame ID: F74F60F2D8D96831F4E6D5EF4B0DEDC8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfvD2wiAAAAAO4nRhfQPFrdkj3KtugkHsmgBKNH&co=aHR0cHM6Ly93d3cud2VsZWRhLmNvbTo0NDM.&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&sa=eforms&cb=4id33foooggo
Frame ID: 92DEEA3B013E2CDBFE22C29A37349BA8
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 66E57CCB64F75DB3B7A31B2F1F0A2B0A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/853599953?random=1728595391898&cv=11&fst=1728595391898&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650z8841763219za201zb841763219&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Frame ID: 484E969185641C8D56009227BA06C719
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/853599953?random=1728595391910&cv=11&fst=1728595391910&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 8E8423B8DEA99BA095502E1D6230CF07
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/853599953?random=1728595391918&cv=11&fst=1728595391918&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 357F15BE3A23C8433F5EF377E3D77F99
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - Weleda

Page URL History Show full URLs

http://www.weleda.com//product//plumping/-facial/-oil/-g006765 HTTP 307
https://www.weleda.com//product//plumping/-facial/-oil/-g006765 Page URL

Detected technologies

Bloomreach (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+/binaries/(?:[^/]+/)*content/gallery/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

116
Requests

97 %
HTTPS

48 %
IPv6

22
Domains

27
Subdomains

27
IPs

4
Countries

2345 kB
Transfer

7178 kB
Size

20
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Weleda.NA/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/weleda_usa/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/WeledaNorthAmerica
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@weleda_usa
Title: TikTok

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://boards.greenhouse.io/weleda
Title: Careers at Weleda

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.weleda.com//product//plumping/-facial/-oil/-g006765 HTTP 307
https://www.weleda.com//product//plumping/-facial/-oil/-g006765 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5l1&tag_exp=101533422~101671035~101686685&rnd=258840277.1728595390&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&dma_cps=syphamo&dma=1&npa=0&gtm=45He4a90n81N9S57CVv841763219za200&auid=1483409143.1728595390 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5l1&tag_exp=101533422~101671035~101686685&rnd=258840277.1728595390&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&dma_cps=syphamo&dma=1&npa=0&gtm=45He4a90n81N9S57CVv841763219za200&auid=1483409143.1728595390

Request Chain 44

https://region1.analytics.google.com/g/collect?v=2&tid=G-J8G93VP3DQ&gtm=45je4a90v871698871z8841763219za200zb841763219&_p=1728595389218&_gaz=1&gcs=G111&gcd=13t3tPt2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101529666~101533422~101671035~101686685&cid=840947565.1728595390&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1728595389&sct=1&seg=0&dl=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&dt=Page%20not%20found%20-%20Weleda&en=page_view&_fv=1&_ss=1&_c=1&ep.event_id=1728595389547.531151.496&ep.page_hostname=www.weleda.com&ep.user_login_status=not_logged_in&tfd=1038 HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=840947565.1728595390&dbk=1187254439122834748&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4a90v871698871z8841763219za200zb841763219&npa=0&tid=G-J8G93VP3DQ&dl=https%3A%2F%2Fwww.weleda.com%3F

Request Chain 92

https://region1.analytics.google.com/g/collect?v=2&tid=G-J8G93VP3DQ&gtm=45je4a90v871698871z8841763219za200zb841763219&_p=1728595389218&gcs=G111&gcd=13v3vPv2v5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101529666~101533422~101671035~101686685&cid=840947565.1728595390&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAC&_s=3&sid=1728595389&sct=1&seg=1&dl=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&dt=Page%20not%20found%20-%20Weleda&en=page_view&_c=1&ep.event_id=1728595389547.531151.1633&ep.page_hostname=www.weleda.com&ep.user_login_status=not_logged_in&_et=1477&tfd=3109 HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=840947565.1728595390&dbk=11393409314399810394&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4a90v871698871z8841763219za200zb841763219&npa=0&tid=G-J8G93VP3DQ&dl=https%3A%2F%2Fwww.weleda.com%3F

116 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request -g006765 Show response
www.weleda.com//product//plumping/-facial/-oil/
Redirect Chain

http://www.weleda.com//product//plumping/-facial/-oil/-g006765
https://www.weleda.com//product//plumping/-facial/-oil/-g006765

224 KB
31 KB

300ms
182ms

Document
text/html

2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe8ed8c4ced0618524b3139da584179b046f3180fe40a88d3b50d1179d34ba00

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' weleda.sabio.de
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	frame-ancestors 'self' weleda.sabio.de
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8d09ab7cda9d8ffa-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' weleda.sabio.de
content-type: text/html;charset=UTF-8
date: Thu, 10 Oct 2024 21:23:09 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-security-policy: frame-ancestors 'self' weleda.sabio.de
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-webkit-csp: frame-ancestors 'self' weleda.sabio.de
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.weleda.com//product//plumping/-facial/-oil/-g006765
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 style.css
www.weleda.com/webfiles/1727688424119/css/ 667 KB
79 KB 58ms
57ms Stylesheet
text/css 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/webfiles/1727688424119/css/style.css

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

289000b9d13660175f7602b5e7e546c28521b93f2d658489e349c0e4640e8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 905505
x-content-type-options: nosniff
cf-ray: 8d09ab7e0bc78ffa-FRA
expires: Fri, 10 Oct 2025 21:23:09 GMT
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Accept-Encoding
server: cloudflare
last-modified: Mon, 30 Sep 2024 09:51:24 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 weleda%3AheaderThreeToTwo
www.weleda.com/cdn-cgi/image/width=375,q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/headers/weleda/weleda_404.jpeg/weleda_404.jpeg/ 71 KB
72 KB 243ms
242ms Image
image/avif 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.weleda.com/cdn-cgi/image/width=375,q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/headers/weleda/weleda_404.jpeg/weleda_404.jpeg/weleda%3AheaderThreeToTwo

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5313149694ea0ef13d8371a25def7ff06c85f0651e96eccc96ce469346cc0a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

cf-cache-status: MISS
etag: "cfFMRdrgP39z-J_-T57Z4HP07igtyg4LPzZbvx85CiDQ:1715661205013"
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/d q=0 n=61+108 c=0+0 v=2024.10.0 l=73169 f=false
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: image/avif
last-modified: Wed, 07 Feb 2024 10:06:41 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=21294987
cf-ray: 8d09ab7e0bce8ffa-FRA
accept-ranges: bytes
content-length: 73169
server: cloudflare

GET
H2 200 label.js Show response
www.weleda.com/resources/ 104 KB
23 KB 62ms
60ms Script
application/javascript 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/resources/label.js?cbh=1728546962636

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46a94796c908c46cc46587afd5c148e00d7270f682d7a157b258e5114640548a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 48147
x-content-type-options: nosniff
cf-ray: 8d09ab7edc948ffa-FRA
expires: Fri, 10 Oct 2025 21:23:09 GMT
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Accept-Encoding
server: cloudflare
last-modified: Thu, 10 Oct 2024 08:00:41 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 script.js Show response
www.weleda.com/webfiles/1727688424119/js/ 796 KB
197 KB 60ms
59ms Script
application/javascript 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/webfiles/1727688424119/js/script.js

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfaf00bf2078c0ea949972fecb8cc2ef7bff709bd32b5ae8e428462a0d8ca485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 905505
x-content-type-options: nosniff
cf-ray: 8d09ab7edc938ffa-FRA
expires: Fri, 10 Oct 2025 21:23:09 GMT
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Accept-Encoding
server: cloudflare
last-modified: Mon, 30 Sep 2024 09:51:24 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 script.js Show response
www.weleda.com/webfiles/1727688424119/js/module-assets/headerfooter/ 18 KB
5 KB 57ms
55ms Script
application/javascript 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/webfiles/1727688424119/js/module-assets/headerfooter/script.js

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2dd4be69482a76efc5a2b401ce0f0ca6980620c741085dabdbf97ba5931fc1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 829019
x-content-type-options: nosniff
cf-ray: 8d09ab7edc958ffa-FRA
expires: Fri, 10 Oct 2025 21:23:09 GMT
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Accept-Encoding
server: cloudflare
last-modified: Tue, 01 Oct 2024 07:06:10 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 angular_en_US.js Show response
www.weleda.com/webfiles/1727688424119/js/ 176 KB
61 KB 63ms
62ms Script
application/javascript 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/webfiles/1727688424119/js/angular_en_US.js

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1690efeb09bf01ae2072543ea56792feb218118218ef827947f41ca67fe6ac8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 905505
x-content-type-options: nosniff
cf-ray: 8d09ab7edc968ffa-FRA
expires: Fri, 10 Oct 2025 21:23:09 GMT
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Accept-Encoding
server: cloudflare
last-modified: Mon, 30 Sep 2024 09:51:24 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 weleda%3AheaderSevenByThree
www.weleda.com/cdn-cgi/image/width=1792,q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/headers/weleda/weleda_404.jpeg/weleda_404.jpeg/ 157 KB
157 KB 363ms
362ms Image
image/avif 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.weleda.com/cdn-cgi/image/width=1792,q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/headers/weleda/weleda_404.jpeg/weleda_404.jpeg/weleda%3AheaderSevenByThree

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

132ca84a448d9a41c470048ff4554191f701081445664e63aa41381d9774ef2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

cf-cache-status: MISS
etag: "cf_mcqOHBPhH8_YFcWJLZRKRNsTgv1FfmGNsm_MYjRDQ:1668621718845"
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/d q=0 n=70+211 c=0+0 v=2024.10.0 l=160768 f=false
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: image/avif
last-modified: Tue, 15 Nov 2022 07:59:49 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=60096200
cf-ray: 8d09ab7e0bcb8ffa-FRA
accept-ranges: bytes
content-length: 160768
server: cloudflare

GET
H2 200 email-decode.min.js Show response
www.weleda.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
825 B 41ms
40ms Script
application/javascript 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67000b37-4d7"
x-content-type-options: nosniff
cf-ray: 8d09ab7e0bcd8ffa-FRA
expires: Sat, 12 Oct 2024 21:23:09 GMT
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 15:35:19 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
993 B 125ms
48ms Script
text/javascript 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfvD2wiAAAAAO4nRhfQPFrdkj3KtugkHsmgBKNH

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

ESF /

Resource Hash

9a81c531f4669224e93ad9fdb33aa35bbf509f5dc30dd870f7f3187029712224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 21:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 488 KB
141 KB 159ms
70ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9S57CV

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e31e9e23bf18a6f46f183446cad24dd59ee43de42b62e2744a01a71adfe5a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 10 Oct 2024 21:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 10 Oct 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 143705
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 NeoSansWeledaW04-Regular.woff2
www.weleda.com/webfiles/1727688424119/fonts/ 56 KB
56 KB 52ms
52ms Font
application/octet-stream 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/webfiles/1727688424119/fonts/NeoSansWeledaW04-Regular.woff2

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/webfiles/1727688424119/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

281f48db053b02b6a36a256eea66d497f95da8ea64cb531950d0455855719118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.weleda.com
Referer: https://www.weleda.com/webfiles/1727688424119/css/style.css

Response headers

cf-cache-status: HIT
age: 905505
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 21:23:09 GMT
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/octet-stream;charset=UTF-8
vary: Origin, Accept-Encoding
last-modified: Mon, 30 Sep 2024 09:51:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d09ab7eec998ffa-FRA
accept-ranges: bytes
content-length: 57508
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 weleda_logo.svg
www.weleda.com/webfiles/1727688424119/img/ 9 KB
4 KB 51ms
51ms Image
image/svg+xml 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.weleda.com/webfiles/1727688424119/img/weleda_logo.svg

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e31d14b8c5505637012e8570bde2526e21e2c65520dc23783f685d309dc73749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 828236
x-content-type-options: nosniff
cf-ray: 8d09ab7fcd248ffa-FRA
expires: Fri, 10 Oct 2025 21:23:09 GMT
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml;charset=UTF-8
vary: Origin, Accept-Encoding
server: cloudflare
last-modified: Mon, 30 Sep 2024 09:52:59 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 weledaicon.woff
www.weleda.com/webfiles/1727688424119/fonts/icons/ 56 KB
56 KB 55ms
54ms Font
application/x-font-woff 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/webfiles/1727688424119/fonts/icons/weledaicon.woff

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/webfiles/1727688424119/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f85094ae75a81d1f0a15f0461d34db8e2a8c1f0611804edf806723c7b6c47924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.weleda.com
Referer: https://www.weleda.com/webfiles/1727688424119/css/style.css

Response headers

cf-cache-status: HIT
age: 905505
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 21:23:09 GMT
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/x-font-woff;charset=UTF-8
vary: Origin, Accept-Encoding
last-modified: Mon, 30 Sep 2024 09:51:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d09ab7fed418ffa-FRA
accept-ranges: bytes
content-length: 57132
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 NeoSansWeledaW04-Bold.woff2
www.weleda.com/webfiles/1727688424119/fonts/ 53 KB
53 KB 52ms
51ms Font
application/octet-stream 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/webfiles/1727688424119/fonts/NeoSansWeledaW04-Bold.woff2

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/webfiles/1727688424119/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

115edd952baee279085bb6f896fba0bf4dab3ea3415b29b652d0600aa475ba24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.weleda.com
Referer: https://www.weleda.com/webfiles/1727688424119/css/style.css

Response headers

cf-cache-status: HIT
age: 905505
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 21:23:09 GMT
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/octet-stream;charset=UTF-8
vary: Origin, Accept-Encoding
last-modified: Mon, 30 Sep 2024 09:51:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d09ab7fed428ffa-FRA
accept-ranges: bytes
content-length: 54000
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 newweled-webfont.woff2
www.weleda.com/webfiles/1727688424119/fonts/ 20 KB
20 KB 60ms
60ms Font
application/octet-stream 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/webfiles/1727688424119/fonts/newweled-webfont.woff2

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/webfiles/1727688424119/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456e9a584e317fbe95f0a8b87bfcdb6880f00cc9257b780da37719fc4c2fdc54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.weleda.com
Referer: https://www.weleda.com/webfiles/1727688424119/css/style.css

Response headers

cf-cache-status: HIT
age: 905505
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 21:23:09 GMT
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/octet-stream;charset=UTF-8
vary: Origin, Accept-Encoding
last-modified: Mon, 30 Sep 2024 09:51:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d09ab7fed438ffa-FRA
accept-ranges: bytes
content-length: 20032
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 NeoSansWeledaW04-Medium.woff2
www.weleda.com/webfiles/1727688424119/fonts/ 51 KB
51 KB 80ms
80ms Font
application/octet-stream 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/webfiles/1727688424119/fonts/NeoSansWeledaW04-Medium.woff2

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/webfiles/1727688424119/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

859c41a03d11e2652028ad818dccb86d1c4b4f6671af3b0586bd6ab536979fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.weleda.com
Referer: https://www.weleda.com/webfiles/1727688424119/css/style.css

Response headers

cf-cache-status: HIT
age: 828117
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 21:23:09 GMT
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/octet-stream;charset=UTF-8
vary: Origin, Accept-Encoding
last-modified: Tue, 01 Oct 2024 07:21:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d09ab801d5a8ffa-FRA
accept-ranges: bytes
content-length: 52124
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 shipping.png
www.weleda.com/cdn-cgi/image/q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/icons/ 2 KB
2 KB 60ms
59ms Image
image/avif 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.weleda.com/cdn-cgi/image/q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/icons/shipping.png

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e95d749f0c410b9bd6393e0504aaafeaf0ae483aa678cf8152ea4a80282f712

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

cf-cache-status: HIT
etag: "cfTePaK9Xp9PeMNzT61jd3BtbpJm-IJWn8Y-GnddnvDQ:1565961447834"
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/h q=0 n=46+11 c=0+11 v=2024.10.0 l=2073 f=false
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: image/avif
last-modified: Thu, 12 Dec 2019 14:50:28 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=141931224
cf-ray: 8d09ab7fed3a8ffa-FRA
accept-ranges: bytes
content-length: 2073
server: cloudflare

GET
H2 200 parcel.png
www.weleda.com/cdn-cgi/image/q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/icons/ 716 B
923 B 64ms
62ms Image
image/avif 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.weleda.com/cdn-cgi/image/q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/icons/parcel.png

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

971378b148c7158efc36300ed9e78b6fc5ab1b66a67f6da93c32ef7a10e27b58

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

cf-cache-status: HIT
etag: "cfR3_T3HEjMu2dlW7_3ixi0LyUJm-IJWn8Y-GnddnvDQ:1467813414867"
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/h q=0 n=23+17 c=0+17 v=2024.10.0 l=716 f=false
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: image/avif
last-modified: Wed, 22 Feb 2017 10:11:11 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=238926842
cf-ray: 8d09ab7fed3b8ffa-FRA
accept-ranges: bytes
content-length: 716
server: cloudflare

GET
H2 200 payment.png
www.weleda.com/cdn-cgi/image/q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/icons/ 2 KB
2 KB 65ms
63ms Image
image/avif 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.weleda.com/cdn-cgi/image/q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/icons/payment.png

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37c4f0ea42c418e86ac747c74ef7fa1f463465ae4f9163f93a1fe9825be35dcf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

cf-cache-status: HIT
etag: "cfwkaOsE0s_r07YqoHOCE7ARunJm-IJWn8Y-GnddnvDQ:1552201873654"
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/h q=0 n=38+27 c=0+27 v=2024.9.1 l=1969 f=false
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: image/avif
last-modified: Thu, 12 Dec 2019 14:50:24 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=149870342
cf-ray: 8d09ab7fed3d8ffa-FRA
accept-ranges: bytes
content-length: 1969
server: cloudflare

GET
H2 200 contact-us.png
www.weleda.com/cdn-cgi/image/q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/icons/ 708 B
960 B 59ms
58ms Image
image/avif 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.weleda.com/cdn-cgi/image/q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/icons/contact-us.png

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6670f1b07b0c4c00458a6afb290d33d850a40f12c190613a645528d9d01fe7a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

cf-cache-status: HIT
etag: "cfAnn1aalz46-MUGwxPyH-YZkVJm-IJWn8Y-GnddnvDQ:1558288109931"
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/h q=0 n=32+17 c=0+17 v=2024.10.0 l=708 f=false
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: image/avif
last-modified: Thu, 12 Dec 2019 08:39:34 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=152397253
cf-ray: 8d09ab7fed3e8ffa-FRA
accept-ranges: bytes
content-length: 708
server: cloudflare

GET
H2 200 weleda_grid-logo_en.png
www.weleda.com/cdn-cgi/image/q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/logos/ 2 KB
2 KB 65ms
64ms Image
image/avif 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.weleda.com/cdn-cgi/image/q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/logos/weleda_grid-logo_en.png

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c37c4265c50c780026341fa91968783b71507ceb32c338346477f102c15a88e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

cf-cache-status: HIT
etag: "cf5FuL6guCX0x2A7PD6A-VyKB3Jm-IJWn8Y-GnddnvDQ:1709075371145"
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/h q=0 n=13+45 c=0+45 v=2024.8.1 l=2138 f=false
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: image/avif
last-modified: Mon, 11 Sep 2023 13:32:23 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=29835158
cf-ray: 8d09ab7fed3f8ffa-FRA
accept-ranges: bytes
content-length: 2138
server: cloudflare

GET
H2 200 weleda%3AcontentSquare
www.weleda.com/cdn-cgi/image/width=112,q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/certifications/logo_natrue.png/logo_natrue.png/ 7 KB
7 KB 62ms
62ms Image
image/avif 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.weleda.com/cdn-cgi/image/width=112,q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/certifications/logo_natrue.png/logo_natrue.png/weleda%3AcontentSquare

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd033702b7128d8b5409903ed52bf870a229caee278c28c877582b8c5c546ad9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

cf-cache-status: HIT
etag: "cfbf8Ut02hcybHN_IHM3bKo3LVH8LdyHOfQE-vFOcqDQ:1679753474223"
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/d q=0 n=60+94 c=0+0 v=2024.9.4 l=6805 f=false
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: image/avif
last-modified: Wed, 07 Jun 2023 13:02:22 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=41817613
cf-ray: 8d09ab7fed408ffa-FRA
accept-ranges: bytes
content-length: 6805
server: cloudflare

GET
H2 200 weleda%3AcontentSquare
www.weleda.com/cdn-cgi/image/width=112,q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/certifications/logo_bcorp.png/logo_bcorp.png/ 8 KB
9 KB 91ms
90ms Image
image/avif 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.weleda.com/cdn-cgi/image/width=112,q=auto,f=auto,sharpen=0.7,dpr=2/binaries/content/gallery/global/assets/certifications/logo_bcorp.png/logo_bcorp.png/weleda%3AcontentSquare

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51d6caf3da4d0741f68e78f71a8df92b233cb7cfd4bb160892088ee1268bc380

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

cf-cache-status: HIT
etag: "cf4VKu-D16OlfB3mkNekB-70h_H8LdyHOfQE-vFOcqDQ:1718801698708"
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/d q=0 n=52+59 c=0+0 v=2024.9.4 l=8675 f=false
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: image/avif
last-modified: Mon, 26 Jun 2023 12:52:43 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=39979588
cf-ray: 8d09ab801d5b8ffa-FRA
accept-ranges: bytes
content-length: 8675
server: cloudflare

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/ 541 KB
215 KB 89ms
38ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfvD2wiAAAAAO4nRhfQPFrdkj3KtugkHsmgBKNH

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.weleda.com
Referer: https://www.weleda.com/

Response headers

content-encoding: gzip
age: 40451
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 10:08:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 10:08:58 GMT
last-modified: Mon, 23 Sep 2024 04:00:50 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 219745
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 233 KB
79 KB 150ms
62ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDycOpW9OljrKobvVqpT8uT4lb7GoENJAM&callback=initMap

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/webfiles/1727688424119/js/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

69d2e35a026e2d2d5f60964e9b8310e372b442c354adb43afd1cd39c1e00fddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: c567e819
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80608
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
86 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1234&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9S57CV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

580f529a0a8b93280eaeabb39b58ca54fa6d828c117d8963583e77aa367a4c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 10 Oct 2024 21:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 10 Oct 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87324
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 91ms
43ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9S57CV

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4429, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: OEwG/wGaOvVhWHJe6YuA0cPG2QNIHleApGJptsf8OPrxR39UoDMtV3aoi2lqhDl68rxicsNDF7c96ETc0aEDzw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 287ms
139ms Script
application/javascript 104.126.37.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CG3KSMRC77UFFF1NEELG&lib=ttq
Requested by: Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8528a9dab765db6d9670c48568bb2992cb176de4974eb5efbddffae26ef08810

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-encoding: gzip
expires: Thu, 10 Oct 2024 21:23:09 GMT
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=92
x-cache: TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 3a5e8b81
x-tt-trace-host: 010d56f0463cd111f068471839aabcceeed45c1768ea6a028cead9247a88bba5b6fd1559ae0e01f69b42a8781b0a16eb8114742df560af125eaec10880bf3f95c0a27bce9c7aa9f6f036095e2d5453bbad90478edae70d3c0758543bd50f4052de
x-origin-response-time: 92,104.126.37.125
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241010212309A0CD5D7D8A9BE518B865-3743123354D69278-00
x-tt-logid: 20241010212309A0CD5D7D8A9BE518B865
server: nginx

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5l1&tag_exp=101533422~101671035~101686685&rnd=258840277.1728595390&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5l1&tag_exp=101533422~101671035~101686685&rnd=258840277.1728595390&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumpi...

42 B
65 B

182ms
56ms

Ping
image/gif

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5l1&tag_exp=101533422~101671035~101686685&rnd=258840277.1728595390&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&dma_cps=syphamo&dma=1&npa=0&gtm=45He4a90n81N9S57CVv841763219za200&auid=1483409143.1728595390

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5l1&tag_exp=101533422~101671035~101686685&rnd=258840277.1728595390&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&dma_cps=syphamo&dma=1&npa=0&gtm=45He4a90n81N9S57CVv841763219za200&auid=1483409143.1728595390
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
104 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J8G93VP3DQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9S57CV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a941c1f3c9cefaeb2951db4c9ae4f6245c423267b6be4a8b4604ad9a7f2a4526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 10 Oct 2024 21:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106475
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 1bde951a-997a-4a7a-b470-66205f42e9d0.js Show response
cdn.mouseflow.com/projects/ 178 KB
52 KB 135ms
75ms Script
application/javascript 104.18.26.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mouseflow.com/projects/1bde951a-997a-4a7a-b470-66205f42e9d0.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9S57CV

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.50 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a74aae0eeafab501746715412223d7865c9f9445b03e6a79bab9e53df3517db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1a1b439c447db1:0"
x-mf-country: DE
x-content-type-options: nosniff
expires: Fri, 11 Oct 2024 21:23:09 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
last-modified: Sun, 15 Sep 2024 07:55:19 GMT
x-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-mf-continent: EU
cache-control: public, max-age=86400
cf-ray: 8d09ab81480fca6c-HAM
access-control-allow-origin: *
x-mf-script-region: enforced-privacy
server: cloudflare

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 172ms
39ms Script
application/javascript 2a04:4e42:400::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9S57CV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=7200
content-encoding: br
etag: "b37f6fea55e9029c9c9d413c47f69cb7"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 1878
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 277 KB
95 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-853599953&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9S57CV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

358288241b47c551306550abd03f5414ba39647143c9c2f4432333959f2c15d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 10 Oct 2024 21:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 10 Oct 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97340
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 120236.ct.js Show response
tag.rmp.rakuten.com/ 42 KB
14 KB 253ms
158ms Script
text/javascript 34.102.147.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.rmp.rakuten.com/120236.ct.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9S57CV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.147.102.34.bc.googleusercontent.com

Software

Resource Hash

bc31ee93c6e6b553f928c2550652ae7bc8b49825a1b7f338068493f4774b4227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=86400
content-encoding: gzip
x-samesite: secure
via: 1.1 google
x-dyn: 0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache: miss
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 21:23:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
95 KB 93ms
93ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-853599953

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9S57CV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da770317afb4ead9eaabefd6c2acda79aea327028c1719085468baf896083ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 10 Oct 2024 21:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 10 Oct 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97449
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
15 KB 240ms
62ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "803483b3aaadb1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F600AB9123D1453DA814F03B55047F1D Ref B: FRA31EDGE0109 Ref C: 2024-10-10T21:23:09Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14402
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:43:41 GMT
vary: Accept-Encoding

GET
H2 200 collect Show response
metrics.weleda.com/g/ 65 B
592 B 398ms
286ms XHR
text/plain 2a00:1450:4001:828::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.weleda.com/g/collect?v=2&tid=G-1234&gtm=45je4a90z8841763219za200zb841763219&_p=1728595389218&gcs=G111&gcd=13t3t3t2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101529665~101671035~101686685&cid=840947565.1728595390&ecid=610860524&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-BY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.rnd=258840277.1728595390&sst.etld=google.de&sst.gcsub=region1&sst.tft=1728595389218&sst.ude=0&_s=1&sid=1728595389&sct=1&seg=0&dl=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&dt=Page%20not%20found%20-%20Weleda&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1728595389547.531151.1&ep.page_hostname=www.weleda.com&ep.client_ip_address=&ep.client_user_agent=&tfd=853&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1234&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 21:23:09 GMT
access-control-allow-origin: https://www.weleda.com
content-length: 90
date: Thu, 10 Oct 2024 21:23:09 GMT
x-cloud-trace-context: b04941cfb3db07d6a42b444955a72583
content-type: text/plain
vary: Accept-Encoding
server: Google Frontend

GET
H3 200 567911746891458 Show response
connect.facebook.net/signals/config/ 66 KB
13 KB 42ms
41ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/567911746891458?v=2.9.170&r=stable&domain=www.weleda.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

c2ed711ff4cdf404d7024474157f0c6dd48ffc2aa38c0e3d3d5d3b3e7ef9e76c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=74, mss=1232, tbw=67261, tp=62, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: Gsn8lklhm1oIJsQWnLyie6SPeUuTfOX4pXiTvuwVz4/yrB1LwwhjLKHUupZCUIad2asfMzJrUt6iq2hpFzqPZg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 13093
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/ 5 KB
2 KB 61ms
60ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/?random=1728595389737&cv=11&fst=1728595389737&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650z8841763219za201zb841763219&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-853599953&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

753bf282483cd7d12e58604641a22a2e7c6bb121fb43fbb252c331e437231681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2379
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 853599953
td.doubleclick.net/td/rul/ Frame BF32 0
0 152ms
65ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/853599953?random=1728595389737&cv=11&fst=1728595389737&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650z8841763219za201zb841763219&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-853599953&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:23:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/ 5 KB
2 KB 63ms
63ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/?random=1728595389785&cv=11&fst=1728595389785&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-853599953

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0c27605567e848c4018c98d22500e6e8e7800931be7a5fd48a0d03bd43034b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2359
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 853599953
td.doubleclick.net/td/rul/ Frame B962 0
0 120ms
71ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/853599953?random=1728595389785&cv=11&fst=1728595389785&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-853599953

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:23:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/ 5 KB
2 KB 66ms
66ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/?random=1728595389807&cv=11&fst=1728595389807&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-853599953

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8d48693ab197f85c91d5c62564b4edbd39340e32c3bdd3c8675ee96439617807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2375
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 853599953
td.doubleclick.net/td/rul/ Frame 66D8 0
0 110ms
75ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/853599953?random=1728595389807&cv=11&fst=1728595389807&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-853599953

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:23:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-J8G93VP3DQ&gtm=45je4a90v871698871z8841763219za200zb841763219&_p=1728595389218&_gaz=1&gcs=G111&gcd=13t3tPt2t5l1&npa=0&dma_cps=syphamo&dma=1&t...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=840947565.1728595390&dbk=1187254439122834748&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4a90v871698871z884...

0
0

62ms
56ms

Fetch
text/plain

2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=840947565.1728595390&dbk=1187254439122834748&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4a90v871698871z8841763219za200zb841763219&npa=0&tid=G-J8G93VP3DQ&dl=https%3A%2F%2Fwww.weleda.com%3F
Requested by: Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765
Protocol: H2
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
attribution-reporting-info: preferred-platform=os
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger: "https://region1.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=840947565.1728595390&dbk=1187254439122834748&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4a90v871698871z8841763219za200zb841763219&npa=0&tid=G-J8G93VP3DQ&dl=https%3A%2F%2Fwww.weleda.com%3F"
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0xbdef2ac33538cb5a","source_keys":["1"]},{"key_piece":"0x21832149f32ac4f0","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"1187254439122834748","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["853599953"],"5":["10-10","10-09","10-08"]}}
date: Thu, 10 Oct 2024 21:23:10 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=840947565.1728595390&dbk=1187254439122834748&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4a90v871698871z8841763219za200zb841763219&npa=0&tid=G-J8G93VP3DQ&dl=https%3A%2F%2Fwww.weleda.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 155ms
47ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J8G93VP3DQ&cid=840947565.1728595390&gtm=45je4a90v871698871z8841763219za200zb841763219&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPt2t5l1&npa=0&frm=0&tag_exp=101529666~101533422~101671035~101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J8G93VP3DQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.weleda.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 2ACB 0
0 64ms
63ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-J8G93VP3DQ&gacid=840947565.1728595390&gtm=45je4a90v871698871z8841763219za200zb841763219&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPt2t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529666~101533422~101671035~101686685&z=488729862

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J8G93VP3DQ&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:23:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 108ms
61ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J8G93VP3DQ&cid=840947565.1728595390&gtm=45je4a90v871698871z8841763219za200zb841763219&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPt2t5l1&npa=0&frm=0&tag_exp=101529666~101533422~101671035~101686685&tag_exp=101529666~101533422~101671035~101686685&z=326622552

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame F74F 0
0 159ms
85ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfvD2wiAAAAAO4nRhfQPFrdkj3KtugkHsmgBKNH&co=aHR0cHM6Ly93d3cud2VsZWRhLmNvbTo0NDM.&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=17r80fh8olzl

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7FZ-RLyghX4wfS1aDDfIKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-7FZ-RLyghX4wfS1aDDfIKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:23:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 92DE 0
0 132ms
59ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfvD2wiAAAAAO4nRhfQPFrdkj3KtugkHsmgBKNH&co=aHR0cHM6Ly93d3cud2VsZWRhLmNvbTo0NDM.&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&sa=eforms&cb=4id33foooggo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2kFSMejySP1pIJGMowIBzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2kFSMejySP1pIJGMowIBzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:23:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 160ms
84ms XHR
application/json 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDycOpW9OljrKobvVqpT8uT4lb7GoENJAM&callback=initMap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://www.weleda.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Thu, 10 Oct 2024 21:23:10 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 main.97c41ef3.js Show response
s.pinimg.com/ct/lib/ 82 KB
23 KB 39ms
38ms Script
application/javascript 2a04:4e42:400::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
content-encoding: br
etag: "e1539e83e14f862d3b381b23e74d63fa"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 23701
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/8/intl/de_ALL/ 290 KB
63 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/8/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDycOpW9OljrKobvVqpT8uT4lb7GoENJAM&callback=initMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2680ba043a35f0decbfbe2f0ea2b06d3bc9f441f648df6c7fbe92fc8485e2c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-encoding: br
age: 92252
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 19:45:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 19:45:37 GMT
last-modified: Mon, 07 Oct 2024 22:41:34 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 63779
x-xss-protection: 0
server: sffe

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/8/intl/de_ALL/ 181 KB
55 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/8/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDycOpW9OljrKobvVqpT8uT4lb7GoENJAM&callback=initMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a2180d83f10d8013074f6794898bb6b9d18a6a9feda649d90d2ca72199a5e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-encoding: br
age: 92252
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 19:45:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 19:45:37 GMT
last-modified: Mon, 07 Oct 2024 22:41:34 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 56416
x-xss-protection: 0
server: sffe

GET
H2 200 geocoder.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/8/intl/de_ALL/ 6 KB
3 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/8/intl/de_ALL/geocoder.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDycOpW9OljrKobvVqpT8uT4lb7GoENJAM&callback=initMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42fbdd461bc4d197298ff253a16ca8382b77bcaa2c71a7470c3765e698bb971a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-encoding: br
age: 92239
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 19:45:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 19:45:50 GMT
last-modified: Mon, 07 Oct 2024 22:41:34 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 2477
x-xss-protection: 0
server: sffe

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 129ms
38ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=567911746891458&ev=PageView&dl=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&rl=&if=false&ts=1728595389929&sw=1600&sh=1200&v=2.9.170&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1728595389929.41727928796128259&ler=empty&cdl=API_unavailable&it=1728595389696&coo=false&eid=1728595389547.531151.1&tm=1&rqm=GET

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=10, mss=1297, tbw=2916, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 10 Oct 2024 21:23:10 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 297ms
206ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=567911746891458&ev=PageView&dl=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&rl=&if=false&ts=1728595389929&sw=1600&sh=1200&v=2.9.170&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1728595389929.41727928796128259&ler=empty&cdl=API_unavailable&it=1728595389696&coo=false&eid=1728595389547.531151.1&tm=1&rqm=FGET

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7424260669129987810"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 21:23:10 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: H+WY0RpwfoS4lKvuL+1fhvf937JncqWVSQew1YV4yg/c0SRcmCxMKURdkUDUMdL1npyPChiUqQTOWI35bzYSow==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7424260669129987810", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1297, tbw=3234, tp=-1, tpl=-1, uplat=165, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.google.com/pagead/1p-user-list/853599953/ 42 B
64 B 56ms
56ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/853599953/?random=1728595389737&cv=11&fst=1728594000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650z8841763219za201zb841763219&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf8Trqnjm_SQ7qG1qT-h8eRAouLFRP4Q&random=488479517&rmt_tld=0&ipr=y

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.de/pagead/1p-user-list/853599953/ 42 B
64 B 57ms
57ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/853599953/?random=1728595389737&cv=11&fst=1728594000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650z8841763219za201zb841763219&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf8Trqnjm_SQ7qG1qT-h8eRAouLFRP4Q&random=488479517&rmt_tld=1&ipr=y

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 97062934.js Show response
bat.bing.com/p/action/ 370 B
421 B 64ms
63ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97062934.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC5B57C8FB5943D997043BF53C463A2F Ref B: FRA31EDGE0109 Ref C: 2024-10-10T21:23:09Z
x-cache: CONFIG_NOCACHE
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 main.MTdkNGE4ZTU0MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 341 KB
95 KB 51ms
51ms Script
application/javascript 104.126.37.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdkNGE4ZTU0MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CG3KSMRC77UFFF1NEELG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4e9f6a80a2c5e548c6cdb6ab88151d457a77c8f33a626b3153aed2846b59a56a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

x-cache: TCP_MEM_HIT from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-24101012580634788FF07707F903191A-58E74F705617A605-00
content-length: 97105
date: Thu, 10 Oct 2024 21:23:09 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024101012580634788FF07707F903191A
server: nginx
x-akamai-request-id: 3a5e8dba
x-tt-trace-host: 01abdfe81352be9520d5df341ab0f6c760c4719334afaaf53b574e901a7e562e52a369e97709668dfe5ac0133cadf0b5d3a5bec804b9f2a3ceaf0210d08d091e1b457446aac246575a3b0c28c1d8bce2c01071ff6b73f4ca5f0f4fece6087781cf

GET
H2 200 jsp Show response
ut.rd.linksynergy.com/ 148 B
404 B 151ms
55ms Script
text/plain 34.98.67.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid

Requested by

Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/120236.ct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

ff3bd717a4cef08ce8e0d5436935a01915771a46c02a6785562d3139dba13ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148
date: Thu, 10 Oct 2024 21:23:10 GMT
x-samesite: secure
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
analytics.fatmedia.io/ 417 B
621 B 175ms
65ms Script
text/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.fatmedia.io/
Requested by: Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/120236.ct.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: b887b06df45c7e1938ed12f8c0f556967b476547904a38d408b07bfc040230ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

etag: W/"1a1-wAwcBzZMJXvsN76qfNANjjfQa2U"
access-control-allow-origin: *
content-length: 417
date: Thu, 10 Oct 2024 21:23:10 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
server: Google Frontend
x-cloud-trace-context: 607c770f80fe208995ba4a9c7faf2069
vary: Accept-Encoding

GET
H2 200 p
consent.linksynergy.com/consent/v3/ 37 B
282 B 156ms
51ms Image
image/gif 34.98.67.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.linksynergy.com/consent/v3/p?rmch=cs&domain=www.weleda.com&sought=false&tp=gdpr&purposes=&vendors=&ext_id=5a020ebc-dba4-4e0c-909e-d4f10bd4867b

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Thu, 10 Oct 2024 21:23:10 GMT
x-samesite: secure
content-type: image/gif

GET
H3 200 /
www.google.com/pagead/1p-user-list/853599953/ 42 B
64 B 56ms
55ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/853599953/?random=1728595389785&cv=11&fst=1728594000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfUg7wya-TOtNrFNxwnAE1WTFdP_AvVA&random=1406302368&rmt_tld=0&ipr=y

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.de/pagead/1p-user-list/853599953/ 42 B
64 B 58ms
58ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/853599953/?random=1728595389785&cv=11&fst=1728594000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfUg7wya-TOtNrFNxwnAE1WTFdP_AvVA&random=1406302368&rmt_tld=1&ipr=y

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/853599953/ 42 B
64 B 62ms
62ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/853599953/?random=1728595389807&cv=11&fst=1728594000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfwsVgZ4Or3_fJRVprfr552MZY7_aSbjIxaD_knTDflRsOGN3Q&random=1541267352&rmt_tld=0&ipr=y

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.de/pagead/1p-user-list/853599953/ 42 B
64 B 61ms
61ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/853599953/?random=1728595389807&cv=11&fst=1728594000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfwsVgZ4Or3_fJRVprfr552MZY7_aSbjIxaD_knTDflRsOGN3Q&random=1541267352&rmt_tld=1&ipr=y

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
672 B 163ms
63ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2617094870100&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1728595389969&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: a817557c2395669a25ec8d960f888d8c
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 10 Oct 2024 21:23:10 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU16QmpOV0V3TlRFdE1ERXhNQzAwWm1WakxXSTNNakF0T1dVek56aGlZelprWVRCbA
pinterest-version: 4122d0a0078fd5189b02a6a90108b65336ce16c4
access-control-allow-origin: https://www.weleda.com
content-length: 186
x-pinterest-rid: 2732714749552266

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
326 B 165ms
66ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=search&ed=%7B%22np%22%3A%22gtm%22%2C%22search_query%22%3A%22none%22%2C%22event_id%22%3A%22819dc9a7-9a40-47b4-959b-e2e3d121d616%22%7D&tid=2617094870100&cb=1728595389970&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: cd74867a5551891c4639df530adc7152
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 10 Oct 2024 21:23:10 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPVkyUXlaakZrT1dFdFpUZGlOUzAwWVRrNExUbGpOVFF0TldOaU1ESTJObUU0WlRkaA
pinterest-version: 4122d0a0078fd5189b02a6a90108b65336ce16c4
access-control-allow-origin: https://www.weleda.com
content-length: 186
x-pinterest-rid: 5060321204084961

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
326 B 167ms
68ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%2230fd1220-adc2-4cba-8d3a-7f1637ee315b%22%7D&tid=2617094870100&cb=1728595389970&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 48c26e5093b3d79f14972e38717900ae
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 10 Oct 2024 21:23:10 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU9HVTROR0U1WkRJdE5EQTNNUzAwTXpBMkxUa3pPV010TVdJeE1tTm1NMlkzT0RVMg
pinterest-version: 4122d0a0078fd5189b02a6a90108b65336ce16c4
access-control-allow-origin: https://www.weleda.com
content-length: 186
x-pinterest-rid: 1483705422198669

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
209 B 165ms
67ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2617094870100&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1728595389971
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: b44bf8bbd0e30bea747f2a2b9e297a3f
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 4122d0a0078fd5189b02a6a90108b65336ce16c4
access-control-allow-origin: https://www.weleda.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 10 Oct 2024 21:23:10 GMT
x-pinterest-rid: 8394474597267372
content-type: image/gif

GET
H2 204 0
bat.bing.com/action/ 0
178 B 63ms
62ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97062934&Ver=2&mid=ea287352-fb28-452b-aa3f-0bdc780a9a96&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Page%20not%20found%20-%20Weleda&p=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&r=&lt=615&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=308915

Requested by

Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 19F199DAF827457AABC58882E0944B04 Ref B: FRA31EDGE0109 Ref C: 2024-10-10T21:23:10Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 10 Oct 2024 21:23:09 GMT

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 43ms
43ms Script
application/javascript 104.126.37.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdkNGE4ZTU0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

x-cache: TCP_MEM_HIT from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id: 00-240830022527CBF5A6BDAC95BF85457C-5FCCE23284D5383A-00
content-length: 39498
date: Thu, 10 Oct 2024 21:23:10 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20240830022527CBF5A6BDAC95BF85457C
server: nginx
x-akamai-request-id: 3a5e8ef6
x-tt-trace-host: 019cd81d430e382d22765268805daf2a1ed00bbf855ae9ed467d1da7885edad72cb00cb70985005c1de089a0a7fbb52c36fd8d02a4d9f7ae6ff597e3efb941b9bf875b60c3d790a2a84eec0c13cb20e8bea64ceb5ee2071c300573373bbc3698de

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
719 B 192ms
190ms Ping
text/plain 104.126.37.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdkNGE4ZTU0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.weleda.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Thu, 10 Oct 2024 21:23:10 GMT
server-timing: inner; dur=42, cdn-cache; desc=MISS, edge; dur=21, origin; dur=130
x-cache: TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Thu, 10 Oct 2024 21:23:10 GMT
x-akamai-request-id: 3a5e8f07
access-control-allow-headers: Authorization,*
x-tt-trace-host: 010d56f0463cd111f068471839aabcceeed45c1768ea6a028cead9247a88bba5b605b9c4776cec156e996c31877044deebaf1b7b7de2503b3e0cd386bc2eb50cbebf99f46d906bf3e2b551ca85b388dae79f018ddb14e134310d80f4dffa16f6a4
x-origin-response-time: 130,104.126.37.125
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241010212310EA3D1A6EFF9D631710F2-3D46DD875261F38F-00
content-length: 0
x-tt-logid: 20241010212310EA3D1A6EFF9D631710F2
server: nginx

GET
H2 200 / Show response
analytics.fatmedia.io/ 27 B
144 B 161ms
161ms Script
text/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.fatmedia.io/?rptds=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765
Requested by: Host: analytics.fatmedia.io
URL: https://analytics.fatmedia.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: ae884abec751589e0c9ad72a164c4f5155d38cbe06d6ff4bdc6dc14de263951a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

etag: W/"1b-Lbpv4U7UfCEEt/JxM4QJihy4Noc"
access-control-allow-origin: *
content-length: 27
date: Thu, 10 Oct 2024 21:23:10 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
server: Google Frontend
x-cloud-trace-context: 02524cecebf75021aaba042f792f7acc
vary: Accept-Encoding

GET
H3 200 / Show response
ct.pinterest.com/v3/ 35 B
683 B 65ms
65ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=search&ed=%7B%22np%22%3A%22gtm%22%2C%22search_query%22%3A%22none%22%2C%22event_id%22%3A%22819dc9a7-9a40-47b4-959b-e2e3d121d616%22%7D&tid=2617094870100&cb=1728595390140&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU16QmpOV0V3TlRFdE1ERXhNQzAwWm1WakxXSTNNakF0T1dVek56aGlZelprWVRCbA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: a848b00462075d35a71fc751400cc215
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 4122d0a0078fd5189b02a6a90108b65336ce16c4
access-control-allow-origin: https://www.weleda.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 10 Oct 2024 21:23:10 GMT
x-pinterest-rid: 1204256308039285
content-type: image/gif

GET
H3 200 / Show response
ct.pinterest.com/v3/ 35 B
685 B 67ms
67ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%2230fd1220-adc2-4cba-8d3a-7f1637ee315b%22%7D&tid=2617094870100&cb=1728595390143&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU16QmpOV0V3TlRFdE1ERXhNQzAwWm1WakxXSTNNakF0T1dVek56aGlZelprWVRCbA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: e11b55d73fed9a764f64aedf4777f2b1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 4122d0a0078fd5189b02a6a90108b65336ce16c4
access-control-allow-origin: https://www.weleda.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 10 Oct 2024 21:23:10 GMT
x-pinterest-rid: 5720889700667355
content-type: image/gif

GET
H2 451 458359.gif
idsync.rlcdn.com/ 0
98 B 137ms
48ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458359.gif?partner_uid=b718d2be-e1d5-422a-87c0-a77338b8a92c
Requested by: Host: www.weleda.com
URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 10 Oct 2024 21:23:10 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
717 B 164ms
162ms Ping
text/plain 104.126.37.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdkNGE4ZTU0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.weleda.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Thu, 10 Oct 2024 21:23:10 GMT
server-timing: inner; dur=21, cdn-cache; desc=MISS, edge; dur=14, origin; dur=110
x-cache: TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Thu, 10 Oct 2024 21:23:10 GMT
x-akamai-request-id: 3a5e9157
access-control-allow-headers: Authorization,*
x-tt-trace-host: 010d56f0463cd111f068471839aabcceeed45c1768ea6a028cead9247a88bba5b666bf7b5437e0f52b08bbf03e4b6b1c2242b90e7d6e81912fa279799f14aa5e9d3472e05206c61babef8c6870bf30add31b3ef351220a3b92ac1aa68278b3fe55
x-origin-response-time: 111,104.126.37.125
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2410102123106806EB9875830713AE31-2FDF676D4DC56C74-00
content-length: 0
x-tt-logid: 202410102123106806EB9875830713AE31
server: nginx

GET
H2 200 weleda.jsp Show response
www.upsellit.com/active/ 34 KB
11 KB 129ms
39ms Script
application/x-javascript 34.117.39.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upsellit.com/active/weleda.jsp

Requested by

Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/120236.ct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.39.117.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c3b642994150c614ff57fade5f164494888f3ef8aae9eadf6b692f3de5d3b27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
content-encoding: gzip
age: 111128
via: 1.1 google
expires: Thu, 10 Oct 2024 14:31:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10898
date: Wed, 09 Oct 2024 14:31:02 GMT
content-type: application/x-javascript;charset=ISO-8859-1
vary: Accept-Encoding
server: nginx

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 40ms
40ms Script
application/javascript 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
etag: "16d5d552603d86726ae439fc61299d42"
age: 4309
x-cdn: fastly
alt-svc: h3=":443";ma=600
content-length: 4103
date: Thu, 10 Oct 2024 21:23:10 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html
ct.pinterest.com/ Frame 66E5 0
0 137ms
64ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.weleda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 10 Oct 2024 21:23:10 GMT
pinterest-version: 4122d0a0078fd5189b02a6a90108b65336ce16c4
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1746295796761855
x-pinterest-rid-128bit: 6246cc7e3f58cc27f258e3bfb37b3971

GET
H2 200 favicon.ico
www.weleda.com/webfiles/1727688424119/img/ 5 KB
1 KB 60ms
59ms Other
image/vnd.microsoft.icon 2a06:98c1:58::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/webfiles/1727688424119/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af28b5f3aaf4d44aaa7a8b389a1b14776452bca7300afe6314a0ffcb278020e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com//product//plumping/-facial/-oil/-g006765

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 905408
cf-ray: 8d09ab870a568ffa-FRA
expires: Fri, 10 Oct 2025 21:23:10 GMT
date: Thu, 10 Oct 2024 21:23:10 GMT
content-type: image/vnd.microsoft.icon;charset=UTF-8
vary: Origin, Accept-Encoding
server: cloudflare
last-modified: Mon, 30 Sep 2024 09:53:02 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 139ms
53ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9S57CV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-md5: uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCE9024C2D6B19
x-ms-lease-status: unlocked
age: 28045
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Fri, 11 Oct 2024 13:35:46 GMT
date: Thu, 10 Oct 2024 21:23:11 GMT
content-type: application/javascript
last-modified: Thu, 10 Oct 2024 08:05:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 736d036c-901e-00a3-1a19-1b5feb000000
cf-ray: 8d09ab8c0da62bf1-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7214
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 2bcbe424-d272-4c63-b1d9-d903ebc91d52.json Show response
cdn.cookielaw.org/consent/2bcbe424-d272-4c63-b1d9-d903ebc91d52/ 6 KB
3 KB 131ms
55ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2bcbe424-d272-4c63-b1d9-d903ebc91d52/2bcbe424-d272-4c63-b1d9-d903ebc91d52.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

650c7089b3f35cc940ea624f30672fc0e99d510214244addf813785da48f63ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-md5: lIdPZd/4Pwi8Ttg1NGlgzQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCE154363D7CA4
age: 76044
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 11 Oct 2024 21:23:11 GMT
date: Thu, 10 Oct 2024 21:23:11 GMT
content-type: application/json
last-modified: Mon, 30 Sep 2024 13:31:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 004e1b34-e01e-00ca-55bc-130047000000
cf-ray: 8d09ab8cdd61dcad-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2085
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
315 B 147ms
66ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.weleda.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d09ab8dbddf8c3e-FRA
access-control-allow-origin: *
date: Thu, 10 Oct 2024 21:23:11 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/ 452 KB
110 KB 50ms
49ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb60550070f9a5ce5d91b9cb0d34ee6777a3dcb25de950cb185d1c2b624b2590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-md5: btqcTGGxKzfJ1KoWzOA9vQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD61B7AC59A0
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 68048
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:23:11 GMT
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 19:37:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: dc35e002-d01e-00eb-12a2-ef6d76000000
cf-ray: 8d09ab8e2f782bf1-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112185
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/2bcbe424-d272-4c63-b1d9-d903ebc91d52/54b36e0a-6867-4156-afb4-4d6af0ecf3bd/ 87 KB
20 KB 78ms
73ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2bcbe424-d272-4c63-b1d9-d903ebc91d52/54b36e0a-6867-4156-afb4-4d6af0ecf3bd/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17e39515a3d14997e5245192fb3e26eba83fcb5b2c0df0baaeb55c7f88e680bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-md5: rzUbe1izX4AKZxT036dUqQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCE15437CB85C6
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
x-content-type-options: nosniff
expires: Fri, 11 Oct 2024 21:23:11 GMT
date: Thu, 10 Oct 2024 21:23:11 GMT
content-type: application/json
last-modified: Mon, 30 Sep 2024 13:31:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 1ebee052-b01e-003c-043d-132751000000
cf-ray: 8d09ab8eda5adcad-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19935
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/ 5 KB
2 KB 65ms
65ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/?random=1728595391898&cv=11&fst=1728595391898&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650z8841763219za201zb841763219&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-853599953&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

4c6f0c3d77fb03eb067db500bf9e7bc637ce57e8565d57ac7fb654a7c48ac3b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2396
date: Thu, 10 Oct 2024 21:23:11 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 853599953
td.doubleclick.net/td/rul/ Frame 484E 0
0 67ms
66ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/853599953?random=1728595391898&cv=11&fst=1728595391898&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650z8841763219za201zb841763219&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-853599953&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:23:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 48ms
47ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-J8G93VP3DQ&gtm=45je4a90v871698871z8841763219za200zb841763219&_p=1728595389218&gcs=G111&gcd=13t3tPt2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101529666~101533422~101671035~101686685&cid=840947565.1728595390&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=2&sid=1728595389&sct=1&seg=0&dl=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&dt=Page%20not%20found%20-%20Weleda&en=scroll_depth_25%25&ep.event_id=1728595389547.531151.496&ep.page_hostname=www.weleda.com&ep.user_login_status=not_logged_in&ep.payment_type=na&ep.shipping_tier=na&ep.page_url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&ep.placement=no_navigation_click_class&ep.global_product_id=&ep.transaction_id=&_et=590&tfd=3109
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J8G93VP3DQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.weleda.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:23:11 GMT
content-type: text/plain
server: Golfe2

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-J8G93VP3DQ&gtm=45je4a90v871698871z8841763219za200zb841763219&_p=1728595389218&gcs=G111&gcd=13v3vPv2v5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=840947565.1728595390&dbk=11393409314399810394&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4a90v871698871z88...

0
0

49ms
48ms

Fetch
text/plain

2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=840947565.1728595390&dbk=11393409314399810394&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4a90v871698871z8841763219za200zb841763219&npa=0&tid=G-J8G93VP3DQ&dl=https%3A%2F%2Fwww.weleda.com%3F
Protocol: H2
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
attribution-reporting-info: preferred-platform=os
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger: "https://region1.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=840947565.1728595390&dbk=11393409314399810394&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4a90v871698871z8841763219za200zb841763219&npa=0&tid=G-J8G93VP3DQ&dl=https%3A%2F%2Fwww.weleda.com%3F"
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0xbdef2ac33538cb5a","source_keys":["1"]},{"key_piece":"0x21832149f32ac4f0","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"11393409314399810394","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["853599953"],"5":["10-10","10-09","10-08"]}}
date: Thu, 10 Oct 2024 21:23:11 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=840947565.1728595390&dbk=11393409314399810394&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je4a90v871698871z8841763219za200zb841763219&npa=0&tid=G-J8G93VP3DQ&dl=https%3A%2F%2Fwww.weleda.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 21:23:11 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/assets/ 13 KB
3 KB 48ms
47ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-md5: HFRQn1JrLTlh4Ku3smscgQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD61B424DE74
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 47010
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:23:11 GMT
content-type: application/json
last-modified: Thu, 15 Aug 2024 19:37:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 6be4f3aa-401e-00aa-233d-134565000000
cf-ray: 8d09ab8f8c2cdcad-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3003
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/assets/ 24 KB
4 KB 49ms
49ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 47010
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Oct 2024 21:23:11 GMT
content-type: text/css
last-modified: Thu, 15 Aug 2024 19:37:41 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: a54ba908-501e-0050-1f3d-138c82000000
cf-ray: 8d09ab8f8c2ddcad-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 jsp Show response
ut.rd.linksynergy.com/ 148 B
302 B 55ms
54ms Script
text/plain 34.98.67.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid

Requested by

Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/120236.ct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

67f099c821673307cfbe03f9519bd6c9770237fab43ab9175c5851a28dbd754e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148
date: Thu, 10 Oct 2024 21:23:11 GMT
x-samesite: secure
content-type: text/plain; charset=utf-8

GET
H2 200 weleda.jsp Show response
www.upsellit.com/active/ 34 KB
11 KB 39ms
38ms Script
application/x-javascript 34.117.39.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upsellit.com/active/weleda.jsp

Requested by

Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/120236.ct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.39.117.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c3b642994150c614ff57fade5f164494888f3ef8aae9eadf6b692f3de5d3b27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
content-encoding: gzip
age: 1
via: 1.1 google
expires: Fri, 11 Oct 2024 21:23:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10898
date: Thu, 10 Oct 2024 21:23:10 GMT
content-type: application/x-javascript;charset=ISO-8859-1
vary: Accept-Encoding
server: nginx

GET
H2 304 / Show response
analytics.fatmedia.io/ 417 B
74 B 79ms
79ms Script
text/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.fatmedia.io/
Requested by: Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/120236.ct.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: b887b06df45c7e1938ed12f8c0f556967b476547904a38d408b07bfc040230ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
If-None-Match: W/"1a1-wAwcBzZMJXvsN76qfNANjjfQa2U"
Referer: https://www.weleda.com/

Response headers

access-control-allow-origin: *
etag: W/"1a1-wAwcBzZMJXvsN76qfNANjjfQa2U"
date: Thu, 10 Oct 2024 21:23:11 GMT
x-cloud-trace-context: 0d75c2505c517f1414fb910c4890d96c
x-powered-by: Express
server: Google Frontend

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/ 5 KB
2 KB 67ms
67ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/?random=1728595391910&cv=11&fst=1728595391910&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-853599953

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

aa0382dda52dd26e032e8e6fab8597f4dc2727841399df0cc8335ba8c0e880cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2375
date: Thu, 10 Oct 2024 21:23:11 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 853599953
td.doubleclick.net/td/rul/ Frame 8E84 0
0 57ms
57ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/853599953?random=1728595391910&cv=11&fst=1728595391910&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-853599953

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:23:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/ 5 KB
2 KB 58ms
58ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/?random=1728595391918&cv=11&fst=1728595391918&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-853599953

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

4d6c009c3a84ab8ee2ef0eb2fc8727ad47915cd4ae3858d3cbf531393199acf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2375
date: Thu, 10 Oct 2024 21:23:11 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 853599953
td.doubleclick.net/td/rul/ Frame 357F 0
0 57ms
56ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/853599953?random=1728595391918&cv=11&fst=1728595391918&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-853599953

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:23:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 0
bat.bing.com/actionp/ 0
121 B 62ms
61ms Ping
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/actionp/0?ti=97062934&Ver=2&mid=ea287352-fb28-452b-aa3f-0bdc780a9a96&evt=dedup&asc=D

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 629851418D3B42F089B455EDCF5102CA Ref B: FRA31EDGE0109 Ref C: 2024-10-10T21:23:11Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 10 Oct 2024 21:23:11 GMT

GET
H3 200 / Show response
ct.pinterest.com/user/ 35 B
438 B 66ms
66ms XHR
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=search&ed=%7B%22np%22%3A%22gtm%22%2C%22search_query%22%3A%22none%22%2C%22event_id%22%3A%22309517ff-363d-44c3-a0f1-961bfbc2077d%22%7D&tid=2617094870100&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU16QmpOV0V3TlRFdE1ERXhNQzAwWm1WakxXSTNNakF0T1dVek56aGlZelprWVRCbA%22%7D&cb=1728595391922&dep=4%2CTAGS_RECEIVED&stc=true
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
x-pinterest-rid-128bit: e2bc1ab5860b1c745b3899bb64154389
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 10 Oct 2024 21:23:11 GMT
content-type: image/gif
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU16QmpOV0V3TlRFdE1ERXhNQzAwWm1WakxXSTNNakF0T1dVek56aGlZelprWVRCbA
pinterest-version: 4122d0a0078fd5189b02a6a90108b65336ce16c4
access-control-allow-origin: https://www.weleda.com
content-length: 35
x-pinterest-rid: 6573172686264288

GET
H3 200 / Show response
ct.pinterest.com/user/ 35 B
438 B 67ms
67ms XHR
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%224f6ee7e2-e85d-4f80-9dd0-7ea2898a7b1c%22%7D&tid=2617094870100&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU16QmpOV0V3TlRFdE1ERXhNQzAwWm1WakxXSTNNakF0T1dVek56aGlZelprWVRCbA%22%7D&cb=1728595391923&dep=4%2CTAGS_RECEIVED&stc=true
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
x-pinterest-rid-128bit: b35e417a2b873bd8df39b59b1fca190f
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 10 Oct 2024 21:23:11 GMT
content-type: image/gif
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 2
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU16QmpOV0V3TlRFdE1ERXhNQzAwWm1WakxXSTNNakF0T1dVek56aGlZelprWVRCbA
pinterest-version: 4122d0a0078fd5189b02a6a90108b65336ce16c4
access-control-allow-origin: https://www.weleda.com
content-length: 35
x-pinterest-rid: 1608508722198833

GET
H3 200 / Show response
ct.pinterest.com/v3/ 35 B
684 B 63ms
63ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=search&ed=%7B%22np%22%3A%22gtm%22%2C%22search_query%22%3A%22none%22%2C%22event_id%22%3A%22309517ff-363d-44c3-a0f1-961bfbc2077d%22%7D&tid=2617094870100&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU16QmpOV0V3TlRFdE1ERXhNQzAwWm1WakxXSTNNakF0T1dVek56aGlZelprWVRCbA%22%7D&cb=1728595391923&dep=4%2CTAGS_RECEIVED&stc=true&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 993452814098124f812cfe661fbd1686
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 4122d0a0078fd5189b02a6a90108b65336ce16c4
access-control-allow-origin: https://www.weleda.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 10 Oct 2024 21:23:11 GMT
x-pinterest-rid: 9308094244440577
content-type: image/gif

GET
H3 200 / Show response
ct.pinterest.com/v3/ 35 B
681 B 67ms
67ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%224f6ee7e2-e85d-4f80-9dd0-7ea2898a7b1c%22%7D&tid=2617094870100&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU16QmpOV0V3TlRFdE1ERXhNQzAwWm1WakxXSTNNakF0T1dVek56aGlZelprWVRCbA%22%7D&cb=1728595391924&dep=4%2CTAGS_RECEIVED&stc=true&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 2
x-pinterest-rid-128bit: b2aed3fcf60f07f201cbec863e0105e2
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 4122d0a0078fd5189b02a6a90108b65336ce16c4
access-control-allow-origin: https://www.weleda.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 10 Oct 2024 21:23:11 GMT
x-pinterest-rid: 1294570756202183
content-type: image/gif

GET
H2 451 458359.gif
idsync.rlcdn.com/ 0
42 B 48ms
47ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458359.gif?partner_uid=fdbde801-ffcd-4036-b3d0-4b0d84b76582
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 10 Oct 2024 21:23:11 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/853599953/ 42 B
64 B 55ms
55ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/853599953/?random=1728595391898&cv=11&fst=1728594000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650z8841763219za201zb841763219&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf6uYs8blRFuTaLlJoj9w4hM7xPjHnUIgSB49l8EhLpqaVlgPw&random=3733803242&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.de/pagead/1p-user-list/853599953/ 42 B
64 B 58ms
57ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/853599953/?random=1728595391898&cv=11&fst=1728594000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650z8841763219za201zb841763219&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf6uYs8blRFuTaLlJoj9w4hM7xPjHnUIgSB49l8EhLpqaVlgPw&random=3733803242&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/853599953/ 42 B
64 B 56ms
56ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/853599953/?random=1728595391918&cv=11&fst=1728594000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfW1O1ZMuB0-HCjxnsLpQo6dZEHxHy4-p4oHTaO6t0WnHwXsDe&random=2885596591&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.de/pagead/1p-user-list/853599953/ 42 B
64 B 58ms
57ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/853599953/?random=1728595391918&cv=11&fst=1728594000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfW1O1ZMuB0-HCjxnsLpQo6dZEHxHy4-p4oHTaO6t0WnHwXsDe&random=2885596591&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/853599953/ 42 B
64 B 58ms
57ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/853599953/?random=1728595391910&cv=11&fst=1728594000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfgRcPnVQG0pA_ThzGHeiSqfsxB1yuZfYw4PvO4-O3RPQt3tiW&random=3554768057&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.de/pagead/1p-user-list/853599953/ 42 B
64 B 56ms
56ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/853599953/?random=1728595391910&cv=11&fst=1728594000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v890026650za200&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20Weleda&npa=0&pscdl=noapi&auid=1483409143.1728595390&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfgRcPnVQG0pA_ThzGHeiSqfsxB1yuZfYw4PvO4-O3RPQt3tiW&random=3554768057&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 10 Oct 2024 21:23:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 304 / Show response
analytics.fatmedia.io/ 27 B
74 B 91ms
91ms Script
text/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.fatmedia.io/?rptds=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765
Requested by: Host: analytics.fatmedia.io
URL: https://analytics.fatmedia.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: ae884abec751589e0c9ad72a164c4f5155d38cbe06d6ff4bdc6dc14de263951a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
If-None-Match: W/"1b-Lbpv4U7UfCEEt/JxM4QJihy4Noc"
Referer: https://www.weleda.com/

Response headers

access-control-allow-origin: *
etag: W/"1b-Lbpv4U7UfCEEt/JxM4QJihy4Noc"
date: Thu, 10 Oct 2024 21:23:12 GMT
x-cloud-trace-context: 38de993443f696ff121bbd39622513d6
x-powered-by: Express
server: Google Frontend

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.weleda.com/	1970-01-21 00:09:57	Name: SERVERID Value: 844a539dc0657b0ebd09dfa4c33ff630\|b0fb2f40b9f9ed2a9935743ec69c9e2a
.www.weleda.com/	1969-12-31 23:59:59	Name: _cfuvid Value: tvtTRh.pjPafm9k6xyFW6kTViRW_a9.L7IWk41vZDK0-1728595389075-0.0.1.1-604800000
.weleda.com/	1969-12-31 23:59:59	Name: CUSTOMER_UUID Value: fdd6e8a0-f1ae-4fc8-80f7-9bd1d0da6d54
.weleda.com/	1970-01-21 02:19:31	Name: _gcl_au Value: 1.1.1483409143.1728595390
.weleda.com/	1970-01-21 09:45:55	Name: _ga_1234 Value: GS1.1.1728595389.1.0.1728595389.0.0.610860524
.weleda.com/	1970-01-21 09:45:55	Name: _ga Value: GA1.1.840947565.1728595390
.tiktok.com/	1970-01-21 09:31:31	Name: _ttp Value: 2nGNKcSaKRY3rBGbIGmpVkGnvpg
.doubleclick.net/	1970-01-21 09:31:31	Name: IDE Value: AHWqTUlXLmSHXiGbDsx7rLLA2FHedn2gQn9IjS-7UCFkZOTMTHodzJnqZ8_QHkL8
.weleda.com/	1970-01-21 02:19:31	Name: _fbp Value: fb.1.1728595389929.41727928796128259
.region1.google-analytics.com/	1970-01-21 02:19:31	Name: ar_debug Value: 1
.weleda.com/	1970-01-21 09:45:55	Name: FPID Value: FPID2.2.4kWBokjIbdujBjm8AOih3xQqePbBBQXzMyPWoUnghMg%3D.1728595390
.weleda.com/	1970-01-21 00:11:07	Name: FPLC Value: fjicpG%2B0Y6OodyzBL3801br4rFQdno2qxObIuq5o03gdgII6OjHc32ks1evxSv1gdAdVbPEOBOMWDgevPNWwkSeWW9ubvCN2ANVXTqkHSVRilKKwZwPFYhF6KCldtw%3D%3D
.weleda.com/	1970-01-21 09:31:31	Name: _tt_enable_cookie Value: 1
.weleda.com/	1970-01-21 09:31:31	Name: _ttp Value: OwcHmjjxoEh5AMfC2rICSfhJHQ7
.linksynergy.com/	1970-01-21 08:55:31	Name: rmuid Value: fdbde801-ffcd-4036-b3d0-4b0d84b76582
.weleda.com/	1970-01-21 08:55:31	Name: _pin_unauth Value: dWlkPU16QmpOV0V3TlRFdE1ERXhNQzAwWm1WakxXSTNNakF0T1dVek56aGlZelprWVRCbA
.pinterest.com/	1970-01-21 08:55:31	Name: ar_debug Value: 1
.weleda.com/	1970-01-21 09:45:55	Name: _ga_J8G93VP3DQ Value: GS1.1.1728595389.1.1.1728595391.58.0.0
.weleda.com/	1970-01-21 08:55:31	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Oct+10+2024+23%3A23%3A11+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202407.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=01bc222c-b3ba-48f0-8bbc-3ad3a5429ece&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.weleda.com%2F%2Fproduct%2F%2Fplumping%2F-facial%2F-oil%2F-g006765&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0007%3A0
.ct.pinterest.com/	1970-01-21 08:55:31	Name: _pinterest_ct_ua Value: "TWc9PSZ5cnpUaVlBN0RCcjk3bk9UK0lFcnFjbTM1a1FUMG9FeXpWR0lmbnV0T1ZLQnZtT0tmQmtXQXBQbk5YYi9ib3B3ZDNXZ0thenJUTUlIeXBTc2NmUmtReG8xbFVNTlR6UVlOMUZBUGVGRGY2Zz0mR2wzV2hpRmEyNnRpSnh1TndraURjeW9XakNJPQ=="

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.weleda.com//product//plumping/-facial/-oil/-g006765 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/458359.gif?partner_uid=b718d2be-e1d5-422a-87c0-a77338b8a92c Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/458359.gif?partner_uid=fdbde801-ffcd-4036-b3d0-4b0d84b76582 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' weleda.sabio.de
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	frame-ancestors 'self' weleda.sabio.de
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.fatmedia.io
analytics.tiktok.com
bat.bing.com
cdn.cookielaw.org
cdn.mouseflow.com
connect.facebook.net
consent.linksynergy.com
ct.pinterest.com
geolocation.onetrust.com
googleads.g.doubleclick.net
idsync.rlcdn.com
maps.googleapis.com
metrics.weleda.com
region1.analytics.google.com
region1.google-analytics.com
s.pinimg.com
stats.g.doubleclick.net
tag.rmp.rakuten.com
td.doubleclick.net
ut.rd.linksynergy.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.upsellit.com
www.weleda.com
104.126.37.154
104.18.26.50
142.250.181.227
142.250.185.130
142.250.186.132
142.250.186.163
151.101.0.84
151.101.128.84
157.240.0.6
172.217.18.10
2001:4860:4802:32::36
2001:4860:4802:36::15
2606:4700:4400::ac40:9b77
2606:4700::6812:562a
2620:1ec:33:1::10
2a00:1450:4001:802::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2013
2a00:1450:4001:82b::2002
2a00:1450:400c:c00::9b
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::84
2a06:98c1:58::9
34.102.147.248
34.117.39.58
34.98.67.3
35.244.174.68
0c27605567e848c4018c98d22500e6e8e7800931be7a5fd48a0d03bd43034b1b
0c37c4265c50c780026341fa91968783b71507ceb32c338346477f102c15a88e
115edd952baee279085bb6f896fba0bf4dab3ea3415b29b652d0600aa475ba24
132ca84a448d9a41c470048ff4554191f701081445664e63aa41381d9774ef2f
1690efeb09bf01ae2072543ea56792feb218118218ef827947f41ca67fe6ac8d
17e39515a3d14997e5245192fb3e26eba83fcb5b2c0df0baaeb55c7f88e680bd
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2680ba043a35f0decbfbe2f0ea2b06d3bc9f441f648df6c7fbe92fc8485e2c23
281f48db053b02b6a36a256eea66d497f95da8ea64cb531950d0455855719118
289000b9d13660175f7602b5e7e546c28521b93f2d658489e349c0e4640e8c62
2a2180d83f10d8013074f6794898bb6b9d18a6a9feda649d90d2ca72199a5e1b
358288241b47c551306550abd03f5414ba39647143c9c2f4432333959f2c15d2
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37c4f0ea42c418e86ac747c74ef7fa1f463465ae4f9163f93a1fe9825be35dcf
42fbdd461bc4d197298ff253a16ca8382b77bcaa2c71a7470c3765e698bb971a
456e9a584e317fbe95f0a8b87bfcdb6880f00cc9257b780da37719fc4c2fdc54
46a94796c908c46cc46587afd5c148e00d7270f682d7a157b258e5114640548a
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
4a74aae0eeafab501746715412223d7865c9f9445b03e6a79bab9e53df3517db
4c6f0c3d77fb03eb067db500bf9e7bc637ce57e8565d57ac7fb654a7c48ac3b0
4d6c009c3a84ab8ee2ef0eb2fc8727ad47915cd4ae3858d3cbf531393199acf1
4e9f6a80a2c5e548c6cdb6ab88151d457a77c8f33a626b3153aed2846b59a56a
51d6caf3da4d0741f68e78f71a8df92b233cb7cfd4bb160892088ee1268bc380
580f529a0a8b93280eaeabb39b58ca54fa6d828c117d8963583e77aa367a4c6c
650c7089b3f35cc940ea624f30672fc0e99d510214244addf813785da48f63ee
6670f1b07b0c4c00458a6afb290d33d850a40f12c190613a645528d9d01fe7a5
67f099c821673307cfbe03f9519bd6c9770237fab43ab9175c5851a28dbd754e
69d2e35a026e2d2d5f60964e9b8310e372b442c354adb43afd1cd39c1e00fddf
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
753bf282483cd7d12e58604641a22a2e7c6bb121fb43fbb252c331e437231681
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
8528a9dab765db6d9670c48568bb2992cb176de4974eb5efbddffae26ef08810
859c41a03d11e2652028ad818dccb86d1c4b4f6671af3b0586bd6ab536979fa9
8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24
8af28b5f3aaf4d44aaa7a8b389a1b14776452bca7300afe6314a0ffcb278020e
8d48693ab197f85c91d5c62564b4edbd39340e32c3bdd3c8675ee96439617807
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1
971378b148c7158efc36300ed9e78b6fc5ab1b66a67f6da93c32ef7a10e27b58
9a81c531f4669224e93ad9fdb33aa35bbf509f5dc30dd870f7f3187029712224
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
9e31e9e23bf18a6f46f183446cad24dd59ee43de42b62e2744a01a71adfe5a0a
9e95d749f0c410b9bd6393e0504aaafeaf0ae483aa678cf8152ea4a80282f712
a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c
a941c1f3c9cefaeb2951db4c9ae4f6245c423267b6be4a8b4604ad9a7f2a4526
aa0382dda52dd26e032e8e6fab8597f4dc2727841399df0cc8335ba8c0e880cf
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae884abec751589e0c9ad72a164c4f5155d38cbe06d6ff4bdc6dc14de263951a
b887b06df45c7e1938ed12f8c0f556967b476547904a38d408b07bfc040230ae
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb60550070f9a5ce5d91b9cb0d34ee6777a3dcb25de950cb185d1c2b624b2590
bc31ee93c6e6b553f928c2550652ae7bc8b49825a1b7f338068493f4774b4227
bfaf00bf2078c0ea949972fecb8cc2ef7bff709bd32b5ae8e428462a0d8ca485
c2ed711ff4cdf404d7024474157f0c6dd48ffc2aa38c0e3d3d5d3b3e7ef9e76c
c3b642994150c614ff57fade5f164494888f3ef8aae9eadf6b692f3de5d3b27b
c5313149694ea0ef13d8371a25def7ff06c85f0651e96eccc96ce469346cc0a9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
da770317afb4ead9eaabefd6c2acda79aea327028c1719085468baf896083ba0
dd033702b7128d8b5409903ed52bf870a229caee278c28c877582b8c5c546ad9
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73
e31d14b8c5505637012e8570bde2526e21e2c65520dc23783f685d309dc73749
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f2dd4be69482a76efc5a2b401ce0f0ca6980620c741085dabdbf97ba5931fc1d
f85094ae75a81d1f0a15f0461d34db8e2a8c1f0611804edf806723c7b6c47924
fe8ed8c4ced0618524b3139da584179b046f3180fe40a88d3b50d1179d34ba00
ff3bd717a4cef08ce8e0d5436935a01915771a46c02a6785562d3139dba13ee3

www.weleda.com Open in urlscan Pro 2a06:98c1:58::9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

97 %HTTPS

48 %IPv6

22 Domains

27 Subdomains

27 IPs

4 Countries

2345 kBTransfer

7178 kBSize

20 Cookies

7 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.weleda.com Open in urlscan Pro
2a06:98c1:58::9 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

97 %
HTTPS

48 %
IPv6

22
Domains

27
Subdomains

27
IPs

4
Countries

2345 kB
Transfer

7178 kB
Size

20
Cookies

116 HTTP transactions
0 data transactions