urlscan.io logo urlscan.io
SecurityTrails logo

www.nivea.co.th Open in urlscan Pro
2620:1ec:4a::43  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.n.nivea.co.th/?qs=beda4afe02c55e7fa18fa28bde0755bbb2092d14b3fbe35162c15d06332c07b0e3cd84fa12389209ab68a248c5a9...
Effective URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Submission: On December 25 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 88 HTTP transactions. The main IP is 2620:1ec:4a::43, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.nivea.co.th.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 1st 2022. Valid for: a year.
This is the only time www.nivea.co.th was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.210.166 22606 (EXACT-7)
1 25 2620:1ec:4a::43 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
13 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 87.230.98.74 61157 (PLUSSERVE...)
2 7 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:21f... 16509 (AMAZON-02)
2 2 2a00:1450:400... 15169 (GOOGLE)
24 52.84.106.125 16509 (AMAZON-02)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.224.189.97 16509 (AMAZON-02)
1 13.224.189.110 16509 (AMAZON-02)
2 143.204.215.41 16509 (AMAZON-02)
88 16
1    13.111.210.166 (United States)

ASN22606 (EXACT-7, US)
PTR: click.n.nivea.co.th
click.n.nivea.co.th
25    2620:1ec:4a::43 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.nivea.co.th
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
images-eu.nivea.com
1    2600:9000:2057:9200:11:f266:7200:93a1 (United States)

ASN16509 (AMAZON-02, US)
wtb-tag.swaven.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    87.230.98.74 (Bergisch Gladbach, Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5037422.psmanaged.com
consentmanager.mgr.consensu.org
7    2a00:1450:4001:810::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tm-eu.beiersdorf.com
3    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2600:9000:21f3:5e00:4:9e5:d940:93a1 (United States)

ASN16509 (AMAZON-02, US)
wtb-api-hub.swaven.com
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
24    52.84.106.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-106-125.bud50.r.cloudfront.net
widgets.swaven.com
4    2606:4700:20::681a:283 (United States)

ASN13335 (CLOUDFLARENET, US)
eu-west-1-wtb-tag-api.swaven.com
1    13.224.189.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-97.fra2.r.cloudfront.net
img.static-swaven.com
1    13.224.189.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-110.fra2.r.cloudfront.net
content.static-swaven.com
2    143.204.215.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-41.fra53.r.cloudfront.net
trk2-wtb.swaven.com
Apex Domain
Subdomains		 Transfer
34 swaven.com
wtb-tag.swaven.com — Cisco Umbrella Rank: 324133
wtb-api-hub.swaven.com — Cisco Umbrella Rank: 326125
widgets.swaven.com — Cisco Umbrella Rank: 345607
eu-west-1-wtb-tag-api.swaven.com — Cisco Umbrella Rank: 334710
trk2-wtb.swaven.com — Cisco Umbrella Rank: 463953
235 KB
26 nivea.co.th
click.n.nivea.co.th
www.nivea.co.th
533 KB
13 nivea.com
images-eu.nivea.com — Cisco Umbrella Rank: 527886
354 KB
7 beiersdorf.com
tm-eu.beiersdorf.com — Cisco Umbrella Rank: 301993
3 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6041
631 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
393 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
260 KB
2 static-swaven.com
img.static-swaven.com — Cisco Umbrella Rank: 675331
content.static-swaven.com — Cisco Umbrella Rank: 530956
1 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
848 B
1 consensu.org
consentmanager.mgr.consensu.org — Cisco Umbrella Rank: 15852
16 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
88 11
Domain Requested by
25 www.nivea.co.th 1 redirects www.nivea.co.th
24 widgets.swaven.com wtb-tag.swaven.com
widgets.swaven.com
13 images-eu.nivea.com www.nivea.co.th
7 tm-eu.beiersdorf.com 2 redirects www.googletagmanager.com
www.google-analytics.com
4 eu-west-1-wtb-tag-api.swaven.com
3 wtb-api-hub.swaven.com wtb-tag.swaven.com
widgets.swaven.com
3 www.google.de www.nivea.co.th
3 stats.g.doubleclick.net 2 redirects www.googletagmanager.com
3 www.googletagmanager.com www.nivea.co.th
www.googletagmanager.com
2 trk2-wtb.swaven.com
2 www.google.com 2 redirects
1 content.static-swaven.com
1 img.static-swaven.com
1 consentmanager.mgr.consensu.org www.nivea.co.th
1 www.google-analytics.com www.googletagmanager.com
1 wtb-tag.swaven.com www.nivea.co.th
1 click.n.nivea.co.th 1 redirects
88 17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
www.beiersdorf.com
Subject Issuer Validity Valid
www.nivea.co.th
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-08-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
images-eu.nivea.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-25 -
2023-03-25		 a year crt.sh
*.swaven.com
Go Daddy Secure Certificate Authority - G2		 2022-11-09 -
2023-12-11		 a year crt.sh
consentmanager.mgr.consensu.org
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
tm-eu.beiersdorf.com
GTS CA 1D4		 2022-11-29 -
2023-02-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
img.static-swaven.com
Amazon		 2022-04-19 -
2023-05-18		 a year crt.sh
*.static-swaven.com
Go Daddy Secure Certificate Authority - G2		 2022-04-10 -
2023-05-12		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Frame ID: 89C940730F3A7DDD5CA559ACADCC235E
Requests: 58 HTTP requests in this frame

Frame: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Frame ID: 7315D91FD995AFE1289B79BD96EF455C
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

นีเวีย: แบรนด์และบริษัท - NIVEA

Page URL History Show full URLs

  1. https://click.n.nivea.co.th/?qs=beda4afe02c55e7fa18fa28bde0755bbb2092d14b3fbe35162c15d06332c07b0e3cd84fa... HTTP 302
    https://www.nivea.co.th/about-us/our-company/company-overview-page?contactid=amira.bebars1@vodafone.com HTTP 301
    https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

88
Requests

97 %
HTTPS

65 %
IPv6

11
Domains

17
Subdomains

16
IPs

3
Countries

1406 kB
Transfer

3014 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.n.nivea.co.th/?qs=beda4afe02c55e7fa18fa28bde0755bbb2092d14b3fbe35162c15d06332c07b0e3cd84fa12389209ab68a248c5a9c3d8eac4111b81e59fecab3f3ade714a9169 HTTP 302
    https://www.nivea.co.th/about-us/our-company/company-overview-page?contactid=amira.bebars1@vodafone.com HTTP 301
    https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://tm-eu.beiersdorf.com/j/collect?v=1&_v=j98&aip=1&a=1746089035&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page&dr=&dp=%2Fabout-us%2Fcompany-overview-page&ul=en-us&de=UTF-8&dt=%E0%B8%99%E0%B8%B5%E0%B9%80%E0%B8%A7%E0%B8%B5%E0%B8%A2%3A%20%E0%B9%81%E0%B8%9A%E0%B8%A3%E0%B8%99%E0%B8%94%E0%B9%8C%E0%B9%81%E0%B8%A5%E0%B8%B0%E0%B8%9A%E0%B8%A3%E0%B8%B4%E0%B8%A9%E0%B8%B1%E0%B8%97%20-%20NIVEA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACgFqo~&jid=1072403114&gjid=722163329&cid=2014481626.1671976371&tid=UA-44073543-2&_gid=1353860045.1671976371&_fplc=0&_r=1&gtm=2wgbu0M4PQ5NR&cg1=Content%20Page&cd1=TH&cd2=TH-TH&cd3=Content%20Page&cd4=XL%20(%3E%3D%201280)&cd5=(not%20set)&cd6=%2Fabout-us%2Fcompany-overview-page&cd7=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page&cd8=TH&cd9=TH-TH&cd10=(not%20set)&cd11=GTM-M4PQ5NR&cd13=Not%20Logged%20In&cd15=Guest%20Visitor&cd19=(not%20set)&cd23=Sample2&cd24=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&cd25=(not%20set)&cd27=CPA%3A%200%2C%20LCD%3A%200%2C%20MCD%3A%201&cd28=external&cd29=(not%20set)&cd30=Visible%20-%20Desktop%20-%20OnLoad&cd35=CPA%3A%200%2C%20LCD%3A%200%2C%20MCD%3A%201&z=507637816 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44073543-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1072403114&_gid=1353860045.1671976371&gjid=722163329&_v=j98&z=507637816 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44073543-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1072403114&_v=j98&z=507637816 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44073543-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1072403114&_v=j98&z=507637816&slf_rd=1&random=536058420
Request Chain 32
  • https://tm-eu.beiersdorf.com/j/collect?v=1&_v=j98&aip=1&a=1746089035&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page&dr=&dp=%2Fabout-us%2Fcompany-overview-page&ul=en-us&de=UTF-8&dt=%E0%B8%99%E0%B8%B5%E0%B9%80%E0%B8%A7%E0%B8%B5%E0%B8%A2%3A%20%E0%B9%81%E0%B8%9A%E0%B8%A3%E0%B8%99%E0%B8%94%E0%B9%8C%E0%B9%81%E0%B8%A5%E0%B8%B0%E0%B8%9A%E0%B8%A3%E0%B8%B4%E0%B8%A9%E0%B8%B1%E0%B8%97%20-%20NIVEA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACgFqo~&jid=1600334925&gjid=2068819282&cid=2014481626.1671976371&tid=UA-45839341-2&_gid=1353860045.1671976371&_fplc=0&_r=1&gtm=2wgbu0M4PQ5NR&cg1=Content%20Page&cd1=TH&cd2=TH-TH&cd3=Content%20Page&cd4=XL%20(%3E%3D%201280)&cd5=(not%20set)&cd6=%2Flocal%2Fabout-us%2Fcompany-overview-page&cd7=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page&cd8=TH&cd9=TH-TH&cd10=(not%20set)&cd11=GTM-M4PQ5NR&cd13=Not%20Logged%20In&cd15=Guest%20Visitor&cd19=(not%20set)&cd23=Sample2&cd24=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&cd25=(not%20set)&cd27=CPA%3A%200%2C%20LCD%3A%200%2C%20MCD%3A%201&cd28=external&cd29=(not%20set)&cd30=Visible%20-%20Desktop%20-%20OnLoad&cd35=CPA%3A%200%2C%20LCD%3A%200%2C%20MCD%3A%201&cd31=2014481626.1671976371&cd32=1671976370852.eh7n6uv3&cd33=2022-12-25T13%3A52%3A50.852%2B00%3A00&z=1640373254 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45839341-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1600334925&_gid=1353860045.1671976371&gjid=2068819282&_v=j98&z=1640373254 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-45839341-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1600334925&_v=j98&z=1640373254 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-45839341-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1600334925&_v=j98&z=1640373254&slf_rd=1&random=967899900

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request company-overview-page
www.nivea.co.th/about-us/
Redirect Chain
  • https://click.n.nivea.co.th/?qs=beda4afe02c55e7fa18fa28bde0755bbb2092d14b3fbe35162c15d06332c07b0e3cd84fa12389209ab68a248c5a9c3d8eac4111b81e59fecab3f3ade714a9169
  • https://www.nivea.co.th/about-us/our-company/company-overview-page?contactid=amira.bebars1@vodafone.com
  • https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
208 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
52d69e1df13b22c31278e7877d96493301a5896c1570b5f1995aa585fda938b6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
br
content-length
58941
content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-type
text/html; charset=utf-8
date
Sun, 25 Dec 2022 13:52:49 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-azure-ref
0slWoYwAAAADiyZ3UwdXaRKwLSMa3eB8ARlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
x-azure-ref-originshield
0slWoYwAAAACyP7JKIkkdR59g0lpYNiBhRlJBMjMxMDUwNDE3MDI3ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
x-cache
PRIVATE_NOSTORE

Redirect headers

cache-control
private, no-store
content-length
208
content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-type
text/html; charset=utf-8
date
Sun, 25 Dec 2022 13:52:49 GMT
location
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
server
Microsoft-IIS/10.0
x-azure-ref
0sVWoYwAAAAAgkFvc0UsuR4bdKLda5j4fRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
x-azure-ref-originshield
0sVWoYwAAAABt4nGsoZtTSp7inTCbHRj0RlJBMjMxMDUwNDE3MDQ1ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
x-cache
PRIVATE_NOSTORE
NiveaXIcons-010420201600.woff
www.nivea.co.th/dist/NiveaX/_/fonts/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/_/fonts/NiveaXIcons-010420201600.woff
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5606169db16fd18b54489e0e579646451ef53763704d6cbb37cb7852586ae9e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Origin
https://www.nivea.co.th
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
date
Sun, 25 Dec 2022 13:52:49 GMT
last-modified
Wed, 05 Oct 2022 14:26:03 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0y0WoYwAAAABAA6/o+8BTQrFCJ4LextKRRlJBMjMxMDUwNDE3MDExADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"6d33466c6d8d81:0"
x-azure-ref
0slWoYwAAAAA/84ZIHnZCRYAOqQALeHo+RlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
x-cache
TCP_HIT
content-type
application/font-woff
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7368
font-faces.css
www.nivea.co.th/dist/NiveaX/ 		2 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/font-faces.css?202211300617
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2c70c41d9a7461fc6d62e07f188c415d6346151f58165b9957d2d1584eb10f86
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:49 GMT
last-modified
Wed, 30 Nov 2022 05:17:09 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
05ZymYwAAAAAR6ti0rJOEQ7PYh7hachTrRlJBMjMxMDUwNDE3MDM5ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"bfd730ff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
text/css
x-azure-ref
0slWoYwAAAAAL6rg0BF6sTbTJKbHhomyDRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
388
styles-ltr.css
www.nivea.co.th/dist/NiveaX/ 		430 KB
138 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/styles-ltr.css?202211300617
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b43c37a6c6c04873368e314bb87c344665fe73a6ee661917db14172f77678171
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:49 GMT
last-modified
Wed, 30 Nov 2022 05:17:09 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0qe2nYwAAAAB+kcDH/ftSQKUP0jg8XXgVRlJBMjMxMDUwNDE4MDMxADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"663c39ff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
text/css
x-azure-ref
0slWoYwAAAAAcwfClmpk/TaEv437EqZfHRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
font-faces-local-th-TH.css
www.nivea.co.th/dist/NiveaX/ 		237 B
485 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/font-faces-local-th-TH.css?202211300617
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b300f0c289d4e37ed11a00fcd037851b461afc4d348b62983d85623e693bb4a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:49 GMT
last-modified
Wed, 30 Nov 2022 05:17:09 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0RdCnYwAAAADYVmbRDshZQJgSZEL7Ui8LRlJBMjMxMDUwNDE4MDE5ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"c28f2eff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
text/css
x-azure-ref
0slWoYwAAAACFsPMvlFizRbpE2gLlYQ0hRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
227
gtm.js
www.googletagmanager.com/ 		362 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M4PQ5NR
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5e9be87c87b5d47a12c745998ab1215670aecbfd69cfe824e029ecd9ef8221c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100077
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Dec 2022 13:52:50 GMT
gtm.js
www.googletagmanager.com/ 		418 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K9DKQVG
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
42118ca875db2064731a597640970b1b6cfaeeb0d39dc32f5386808e94bc982d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99448
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Dec 2022 13:52:50 GMT
nivea-faq-shop-stage.jpg
images-eu.nivea.com/-/media/global/advice/faq/shop-faq/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.nivea.com/-/media/global/advice/faq/shop-faq/nivea-faq-shop-stage.jpg?rx=428&ry=0&rw=2063&rh=806&mw=1600&hash=2101E93766AE0755F9D991672C921F01
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
653fdc36504f4dc1ca57600626d068755c55b03d3436ee9beeecae8cc7bfbc0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Tue, 31 May 2016 09:29:26 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0slWoYwAAAACQNjlmR4Z5R51UbbOolo8ZRlJBMjMxMDUwNDE3MDI3ADFlMTU2ODhkLWUxMmYtNDA1ZC1hNGYwLTczNTFkMGQ0YTdkMQ==
etag
53e029c2a8f4407aaf2f13e7ad1de3a3_temp
x-azure-ref
0slWoYwAAAABhZOqiV1faSa+xwhZ0KnTDRlJBMzFFREdFMDkwNgAxZTE1Njg4ZC1lMTJmLTQwNWQtYTRmMC03MzUxZDBkNGE3ZDE=
x-cache
TCP_REMOTE_HIT
content-type
image/jpeg
cache-control
public, max-age=31104000
content-disposition
inline; filename="NIVEA-FAQ-Shop-Stage.jpg"
accept-ranges
bytes
content-length
68597
application.js
www.nivea.co.th/dist/NiveaX/ 		328 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2a2bc03b9f7a7c3ca56b5da02c69bb8d0499d23b914d3805ae344019ec3864ba
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:49 GMT
last-modified
Wed, 30 Nov 2022 05:17:09 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0HfymYwAAAAAdbpPCg1ZsRYlFxiM1NBlNRlJBMjMxMDUwNDE4MDIzADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"814e1fff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAAA7Jk4fpmQ/RZbMmNHgoDmlRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
NIVEABrandTypeWeb-Regular.woff2
www.nivea.co.th/dist/NiveaX/_/fonts/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/_/fonts/NIVEABrandTypeWeb-Regular.woff2
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/font-faces.css?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a4f0bfd5f1dc027273eeebd1344c838d3efeaeccd5243f446c4735998998118f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

Referer
https://www.nivea.co.th/dist/NiveaX/font-faces.css?202211300617
Origin
https://www.nivea.co.th
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
date
Sun, 25 Dec 2022 13:52:49 GMT
last-modified
Wed, 05 Oct 2022 14:26:03 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
01UOlYwAAAABRDH7zAoL9QpGplYK7plR0RlJBMjMxMDUwNDE3MDI1ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"2670366c6d8d81:0"
x-azure-ref
0slWoYwAAAABTYRknMX/pSphwS8kZR5z1RlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
x-cache
TCP_HIT
content-type
application/font-woff
cache-control
max-age=2592000
accept-ranges
bytes
content-length
56142
nivsup-webfont.woff
www.nivea.co.th/dist/NiveaX/_/fonts/thai/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/_/fonts/thai/nivsup-webfont.woff
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/font-faces-local-th-TH.css?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
abf0d793d652d0ae24a6c70fc8dc35887075f78d93d3104de6df8fc7c9045ccd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

Referer
https://www.nivea.co.th/dist/NiveaX/font-faces-local-th-TH.css?202211300617
Origin
https://www.nivea.co.th
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
date
Sun, 25 Dec 2022 13:52:49 GMT
last-modified
Wed, 05 Oct 2022 14:26:03 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0jnijYwAAAADClf16RE4fT5rZyVygpGTqRlJBMjMxMDUwNDE4MDQ1ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"144866c6d8d81:0"
x-azure-ref
0slWoYwAAAADqHCsky/utQJHTshalytimRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
x-cache
TCP_HIT
content-type
application/font-woff
cache-control
max-age=2592000
accept-ranges
bytes
content-length
50920
nivea-ball-kind.webp
images-eu.nivea.com/-/media/global/marke-unternehmen/brand-history/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.nivea.com/-/media/global/marke-unternehmen/brand-history/nivea-ball-kind.webp?mw=800&hash=85DBFD037BFC66B47CC981D4DED7DA2A
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
06ecc1a451ce30c6d075e7a39c2bf6581b85383a1650b89eab6f00a3c80d07e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Tue, 12 Apr 2022 12:15:17 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0AAikYwAAAAC3mwZWM3I3SLUF69L2MCKeRlJBMjMxMDUwNDE4MDE3ADFlMTU2ODhkLWUxMmYtNDA1ZC1hNGYwLTczNTFkMGQ0YTdkMQ==
etag
4153c85727224cf4a7252c29447b8809
x-azure-ref
0slWoYwAAAAC1KuzK7frlQY5X0FuBCm9qRlJBMzFFREdFMDkwNgAxZTE1Njg4ZC1lMTJmLTQwNWQtYTRmMC03MzUxZDBkNGE3ZDE=
x-cache
TCP_HIT
content-type
image/webp
cache-control
public, max-age=31104000
content-disposition
inline; filename="nivea-ball-kind.webp"
accept-ranges
bytes
content-length
40674
karriere.webp
images-eu.nivea.com/-/media/global/home/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.nivea.com/-/media/global/home/karriere.webp?mw=1600&hash=5058987E39DE145D7622B66A9F7826FD
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
27697e05964d3a1eac2422c6dcae14daf5ec5c5fda62578488561b44258981b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Tue, 31 May 2016 09:37:29 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0ws+jYwAAAACaBmT8ZpedQKtudU8aNahKRlJBMjMxMDUwNDE3MDMxADFlMTU2ODhkLWUxMmYtNDA1ZC1hNGYwLTczNTFkMGQ0YTdkMQ==
etag
c5378a528b2e49da9ad6921a66239498
x-azure-ref
0slWoYwAAAAB7c6LJPJhESKM6dRHJVaacRlJBMzFFREdFMDkwNgAxZTE1Njg4ZC1lMTJmLTQwNWQtYTRmMC03MzUxZDBkNGE3ZDE=
x-cache
TCP_HIT
content-type
image/webp
cache-control
public, max-age=31104000
content-disposition
inline; filename="karriere.webp"
accept-ranges
bytes
content-length
106434
nachhaltigkeit-t.webp
images-eu.nivea.com/-/media/global/marke-unternehmen/nachhaltigkeit/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.nivea.com/-/media/global/marke-unternehmen/nachhaltigkeit/nachhaltigkeit-t.webp?mw=800&hash=5F7701145B64088E627B25E18695EBBD
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5fe4862768a68aa62080317548b97d65b7fd823d5a925c957439b00a8c724860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Tue, 31 May 2016 09:38:17 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0KhSeYwAAAADMGn6GU8MPRpkZ9Sx4uxSORlJBMjMxMDUwNDE3MDI5ADFlMTU2ODhkLWUxMmYtNDA1ZC1hNGYwLTczNTFkMGQ0YTdkMQ==
etag
b174174d9b5e415193808018e4698439
x-azure-ref
0slWoYwAAAACE+JrVVSTzSInx+PulsAVnRlJBMzFFREdFMDkwNgAxZTE1Njg4ZC1lMTJmLTQwNWQtYTRmMC03MzUxZDBkNGE3ZDE=
x-cache
TCP_HIT
content-type
image/webp
cache-control
public, max-age=31104000
content-disposition
inline; filename="nachhaltigkeit-t.webp"
accept-ranges
bytes
content-length
47248
361d459813f14cff8235626887813415-web_1010x1180_transparent_png.webp
images-eu.nivea.com/-/media/media-center-items/2/7/3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.nivea.com/-/media/media-center-items/2/7/3/361d459813f14cff8235626887813415-web_1010x1180_transparent_png.webp?mw=259&hash=9C8E882AC30D33FDBF1A72EE1738367E
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
99c31d0876efe42e168919c70c801cd19709832f6fae1d04a9834437ff4f9129

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 01 Dec 2021 11:52:07 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0/uikYwAAAAAbfo+BQUErTKnxE5AgktAoRlJBMjMxMDUwNDE3MDIzADFlMTU2ODhkLWUxMmYtNDA1ZC1hNGYwLTczNTFkMGQ0YTdkMQ==
etag
478c199be1a5444c8f5b95807756a438
x-azure-ref
0slWoYwAAAADWVHVsj7t4SYkqWfi10bQMRlJBMzFFREdFMDkwNgAxZTE1Njg4ZC1lMTJmLTQwNWQtYTRmMC03MzUxZDBkNGE3ZDE=
x-cache
TCP_HIT
content-type
image/webp
cache-control
public, max-age=31104000
content-disposition
inline; filename="361d459813f14cff8235626887813415-web_1010x1180_transparent_png.webp"
accept-ranges
bytes
content-length
4822
5293edf1a8f448e1aeff3cf0e54549c5-web_1010x1180_transparent_png.webp
images-eu.nivea.com/-/media/media-center-items/0/4/0/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.nivea.com/-/media/media-center-items/0/4/0/5293edf1a8f448e1aeff3cf0e54549c5-web_1010x1180_transparent_png.webp?mw=259&hash=9D21BE13F069B2EB35951C2F78255AFF
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c0999e39bd144ae0e33a943f7e77223345ea766c251cb59817dfc14285d6dda8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 01 Dec 2021 11:53:30 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0TQWkYwAAAAAQqLymOqYTSKcuRajBnSAaRlJBMjMxMDUwNDE4MDMxADFlMTU2ODhkLWUxMmYtNDA1ZC1hNGYwLTczNTFkMGQ0YTdkMQ==
etag
8334ff3d0cf447caa9226630e6c5bee4
x-azure-ref
0slWoYwAAAAB7OUAAJCfYTJQydeM2OXWZRlJBMzFFREdFMDkwNgAxZTE1Njg4ZC1lMTJmLTQwNWQtYTRmMC03MzUxZDBkNGE3ZDE=
x-cache
TCP_HIT
content-type
image/webp
cache-control
public, max-age=31104000
content-disposition
inline; filename="5293edf1a8f448e1aeff3cf0e54549c5-web_1010x1180_transparent_png.webp"
accept-ranges
bytes
content-length
5690
239329-web_1010x1180_transparent_png.webp
images-eu.nivea.com/-/media/media-center-items/f/8/8/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.nivea.com/-/media/media-center-items/f/8/8/239329-web_1010x1180_transparent_png.webp?mw=259&hash=F4E932036C01C4E60D2E5D03B0ACFCB0
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b08939c038685caafc78560897563157fe7f7719f958c5d40af9d5f0d42990f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 01 Dec 2021 11:48:06 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0tKKjYwAAAACnFlGrVylLSo2KKV/M4nMJRlJBMjMxMDUwNDE3MDQ3ADFlMTU2ODhkLWUxMmYtNDA1ZC1hNGYwLTczNTFkMGQ0YTdkMQ==
etag
ad7e5be2114840abaedd714f791fe1e6_temp
x-azure-ref
0slWoYwAAAABGdq2zIGQxTKYsBdZgKFfcRlJBMzFFREdFMDkwNgAxZTE1Njg4ZC1lMTJmLTQwNWQtYTRmMC03MzUxZDBkNGE3ZDE=
x-cache
TCP_HIT
content-type
image/png
cache-control
public, max-age=31104000
content-disposition
inline; filename="239329-web_1010x1180_transparent_png.png"
accept-ranges
bytes
content-length
37880
l2_nm_10_mobile.webp
images-eu.nivea.com/-/media/local/th/article_mar_2020/6-ways-to-get-rid-of-body-odor/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.nivea.com/-/media/local/th/article_mar_2020/6-ways-to-get-rid-of-body-odor/l2_nm_10_mobile.webp?rx=0&ry=32&rw=590&rh=327&mw=383&hash=E6069E575165F79F2B78EEC13D5C7A79
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2d6f7c94b3e166e625366cf63331211bd44f0407d27c6c448052c41568a668db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Thu, 02 Jul 2020 05:22:29 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
033KlYwAAAADp4LZBEF3BS7bPoQtxwUsJRlJBMjMxMDUwNDE3MDIxADFlMTU2ODhkLWUxMmYtNDA1ZC1hNGYwLTczNTFkMGQ0YTdkMQ==
etag
bcbb675121e14e018913ac27cdcae8d9
x-azure-ref
0slWoYwAAAACuTw8Imn7wT7RugSweT78IRlJBMzFFREdFMDkwNgAxZTE1Njg4ZC1lMTJmLTQwNWQtYTRmMC03MzUxZDBkNGE3ZDE=
x-cache
TCP_HIT
content-type
image/webp
cache-control
public, max-age=31104000
content-disposition
inline; filename="L2_NM_10_mobile.webp"
accept-ranges
bytes
content-length
9266
boost-up-confidence-banner.webp
images-eu.nivea.com/-/media/local/th/articles/2020/articles-december-2020/women-article/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.nivea.com/-/media/local/th/articles/2020/articles-december-2020/women-article/boost-up-confidence-banner.webp?rx=0&ry=0&rw=1801&rh=1000&mw=383&hash=1A3B3E5926689656679E06C4D156E831
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4dcc596660263e4d6b68cde2195d1b80c5fedc49141d5f8f9e9033440d3c9543

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Tue, 22 Dec 2020 08:01:14 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0TQWkYwAAAABR7TJn+zOlSojgOwBVVd4xRlJBMjMxMDUwNDE4MDExADFlMTU2ODhkLWUxMmYtNDA1ZC1hNGYwLTczNTFkMGQ0YTdkMQ==
etag
f65d3430cc7144ee9b9420e99f56bcc2
x-azure-ref
0slWoYwAAAAA7JbL2WNleSq6c1tmnQotiRlJBMzFFREdFMDkwNgAxZTE1Njg4ZC1lMTJmLTQwNWQtYTRmMC03MzUxZDBkNGE3ZDE=
x-cache
TCP_HIT
content-type
image/webp
cache-control
public, max-age=31104000
content-disposition
inline; filename="boost-up-confidence-banner.webp"
accept-ranges
bytes
content-length
3656
cleansing-for-acne-sensitive-skin-thumb.webp
images-eu.nivea.com/-/media/local/th/article_jan_2020/01-pick-facial-foam-to-get-brighten-skin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.nivea.com/-/media/local/th/article_jan_2020/01-pick-facial-foam-to-get-brighten-skin/cleansing-for-acne-sensitive-skin-thumb.webp?rx=0&ry=0&rw=590&rh=327&mw=383&hash=A31AD7D9FFD0C3A1247B0AE5CE47A296
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ae8351f26611e403cab2e876c3a5ef02301481adee8e7f10a95a64f2da30cf63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 22 Jan 2020 12:49:12 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0FJqmYwAAAAC9feQ35YClQKeJvfr0fM8KRlJBMjMxMDUwNDE3MDMzADFlMTU2ODhkLWUxMmYtNDA1ZC1hNGYwLTczNTFkMGQ0YTdkMQ==
etag
2fa429657dd04fb8afc4a250b8cb675c
x-azure-ref
0slWoYwAAAAANAka9OF+5T6bUUKngG1NFRlJBMzFFREdFMDkwNgAxZTE1Njg4ZC1lMTJmLTQwNWQtYTRmMC03MzUxZDBkNGE3ZDE=
x-cache
TCP_HIT
content-type
image/webp
cache-control
public, max-age=31104000
content-disposition
inline; filename="cleansing-for-acne-sensitive-skin-thumb.webp"
accept-ranges
bytes
content-length
5658
clear-facial-skin-without-acne-banner.webp
images-eu.nivea.com/-/media/local/th/articles/2020/articles-february-2020/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.nivea.com/-/media/local/th/articles/2020/articles-february-2020/clear-facial-skin-without-acne-banner.webp?rx=0&ry=0&rw=1801&rh=1000&mw=383&hash=22DDAA75B61C5F01BCFA7A66C076234D
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
47e4e9d6a6085ab95f2e82ec85c8293e4c042b425017cea1a6a8eb0102f67b0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Fri, 02 Apr 2021 09:14:24 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0H4GhYwAAAACimQ+eXnhfRrbPU3cDSN1bRlJBMjMxMDUwNDE3MDMxADFlMTU2ODhkLWUxMmYtNDA1ZC1hNGYwLTczNTFkMGQ0YTdkMQ==
etag
cf9b6c088bd4477c9f8d465358cf7e03
x-azure-ref
0slWoYwAAAAAe70mMgcRXQ5Q3mtg5YIlHRlJBMzFFREdFMDkwNgAxZTE1Njg4ZC1lMTJmLTQwNWQtYTRmMC03MzUxZDBkNGE3ZDE=
x-cache
TCP_HIT
content-type
image/webp
cache-control
public, max-age=31104000
content-disposition
inline; filename="clear-facial-skin-without-acne-banner.webp"
accept-ranges
bytes
content-length
7908
nivea_awo_june.webp
images-eu.nivea.com/-/media/local/th/articles/articles-august-2020/smoothen-cracked-heels-with-moisturising-cream/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.nivea.com/-/media/local/th/articles/articles-august-2020/smoothen-cracked-heels-with-moisturising-cream/nivea_awo_june.webp?rx=0&ry=0&rw=1640&rh=910&mw=383&hash=9140FC7558876D75D55F9B3AAC5F8F6D
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
39337533922c08c293f96a905c5deeca2e42e458d7f2ae151baf6c1253cce2ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 07 Apr 2021 09:22:52 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0/uikYwAAAABaM01zX9FjSYUq5T41GoSARlJBMjMxMDUwNDE3MDE5ADFlMTU2ODhkLWUxMmYtNDA1ZC1hNGYwLTczNTFkMGQ0YTdkMQ==
etag
a15bf6b9ba1340cfbedaead1e0fee993
x-azure-ref
0slWoYwAAAAA4XX+2i38mSpVtZi2frYZmRlJBMzFFREdFMDkwNgAxZTE1Njg4ZC1lMTJmLTQwNWQtYTRmMC03MzUxZDBkNGE3ZDE=
x-cache
TCP_HIT
content-type
image/webp
cache-control
public, max-age=31104000
content-disposition
inline; filename="NIVEA_AWO_JUNE.webp"
accept-ranges
bytes
content-length
11020
niveam_resize_626x417.webp
images-eu.nivea.com/-/media/local/th/niveamen-content/clear-acne-secrets-for-men/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.nivea.com/-/media/local/th/niveamen-content/clear-acne-secrets-for-men/niveam_resize_626x417.webp?rx=0&ry=0&rw=626&rh=347&mw=383&hash=CBB909AEEC743E8A4C03CFC5BE17BFB6
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a5f639e40f6d316ce63bc2698d7ee57064181f1d5f40aa99283dad35255bc51e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 15 Jul 2020 03:39:47 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0/uikYwAAAADR84mGW4cxTaZPxd/8fLQJRlJBMjMxMDUwNDE3MDMxADFlMTU2ODhkLWUxMmYtNDA1ZC1hNGYwLTczNTFkMGQ0YTdkMQ==
etag
d404e44299654d1bbac76ac80db28f02
x-azure-ref
0slWoYwAAAAA0b25Pv/JMSa4DgEJBnAq+RlJBMzFFREdFMDkwNgAxZTE1Njg4ZC1lMTJmLTQwNWQtYTRmMC03MzUxZDBkNGE3ZDE=
x-cache
TCP_HIT
content-type
image/webp
cache-control
public, max-age=31104000
content-disposition
inline; filename="NiveaM_Resize_626X417.webp"
accept-ranges
bytes
content-length
9330
[request].865a4494.js
www.nivea.co.th/dist/NiveaX/modules/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/[request].865a4494.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b0e19fbdd0475fd522b37447388560317f215d4db38b8ebae64b96cb6b3090ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:49 GMT
last-modified
Wed, 30 Nov 2022 05:17:10 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0tGSlYwAAAAB/ZfjMyjhQTocNdFIUK8/lRlJBMjMxMDUwNDE3MDMxADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"3e9ce2ff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAADCxw3ZHEd9Q4ppXQYkHzpzRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5612
tag.min.js
wtb-tag.swaven.com/scripts/5db19805197dbc65f8d4d9a5/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wtb-tag.swaven.com/scripts/5db19805197dbc65f8d4d9a5/tag.min.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9200:11:f266:7200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
d7f6efd2bdf5dfa299ec18ebf2a9a8a23a8fedc078a04cd0b063ad94e6089a38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 13:26:59 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Mon, 19 Dec 2022 13:22:10 GMT
server
nginx/1.22.0
x-amz-cf-pop
FRA6-C1
age
519951
etag
W/"63a06582-9299"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
aKEJNyseUpXakKon_K6fPIuGU6ggU8zpf9mOFCsrKByMUYCrjU8Y4Q==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4PQ5NR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 25 Dec 2022 13:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
126
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 25 Dec 2022 15:50:44 GMT
js
www.googletagmanager.com/gtag/ 		175 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RZ6VBVCMRM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4PQ5NR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa70b0c23df06ed04da8dcc978d95fcaa4b474fd2009c0b038c4ede37abd5634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66302
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Dec 2022 13:52:50 GMT
addurl.php
consentmanager.mgr.consensu.org/delivery/ 		16 B
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consentmanager.mgr.consensu.org/delivery/addurl.php?id=undefined&h=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page%3Fcontactid%3Damira.bebars1%40vodafone.com&gtmcb=1866354906
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5037422.psmanaged.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 13:52:50 GMT
Content-Encoding
gzip
Last-Modified
Sun, 25 Dec 2022 13:52:50 GMT
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-XSS-Protection
0
Expires
Thu, 01 Dec 1994 16:00:00 GMT
collect
tm-eu.beiersdorf.com/g/ 		65 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tm-eu.beiersdorf.com/g/collect?v=2&tid=G-RZ6VBVCMRM&gtm=2oebu0&_p=1746089035&_gaz=1&cid=2014481626.1671976371&ul=en-us&sr=1600x1200&_fplc=0&_uc=DE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page&dr=&sid=1671976370&sct=1&seg=0&dt=%E0%B8%99%E0%B8%B5%E0%B9%80%E0%B8%A7%E0%B8%B5%E0%B8%A2%3A%20%E0%B9%81%E0%B8%9A%E0%B8%A3%E0%B8%99%E0%B8%94%E0%B9%8C%E0%B9%81%E0%B8%A5%E0%B8%B0%E0%B8%9A%E0%B8%A3%E0%B8%B4%E0%B8%A9%E0%B8%B1%E0%B8%97%20-%20NIVEA&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_path_sanitised=%2Fabout-us%2Fcompany-overview-page&ep.page_country=TH&ep.page_language=TH-TH&ep.page_category=Content%20Page&ep.container_id=GTM-M4PQ5NR&up.cookie_settings=CPA%3A%200%2C%20LCD%3A%200%2C%20MCD%3A%201&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RZ6VBVCMRM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:51 GMT
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://www.nivea.co.th
cache-control
no-cache
access-control-allow-credentials
true
x-accel-buffering
no
expires
Sun, 25 Dec 2022 13:52:51 GMT
collect
stats.g.doubleclick.net/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RZ6VBVCMRM&cid=2014481626.1671976371&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RZ6VBVCMRM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 13:52:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nivea.co.th
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RZ6VBVCMRM&cid=2014481626.1671976371&gtm=2oebu0&aip=1&z=1027301722
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 13:52:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5db19805197dbc65f8d4d9a5
wtb-api-hub.swaven.com/cache/tag/v1/app/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wtb-api-hub.swaven.com/cache/tag/v1/app/5db19805197dbc65f8d4d9a5?&h=aHR0cHM6Ly93d3cubml2ZWEuY28udGg%3D
Requested by
Host: wtb-tag.swaven.com
URL: https://wtb-tag.swaven.com/scripts/5db19805197dbc65f8d4d9a5/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5e00:4:9e5:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
83d2d400935d800d26283edcd3da1aeb768b9e36bb043bab4a784243c039d702

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 17:46:29 GMT
content-encoding
br
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA2-C2
age
1195581
etag
W/"766-6yj6hmWkHODZ93eSxreOKPTPzhA"
vary
Accept-Encoding
x-cache
Hit from cloudfront
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin
https://www.nivea.co.th
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
x-amz-cf-id
FNHmRs-r-8tq05GK8xhzX-SxxTgjzL20ypwxOT3bN_B7-vRfYnTyRA==
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://tm-eu.beiersdorf.com/j/collect?v=1&_v=j98&aip=1&a=1746089035&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page&dr=&dp=%2Fabout-us%2Fcompany-overview-page&u...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44073543-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1072403114&_gid=1353860045.1671976371&gjid=722163...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44073543-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1072403114&_v=j98&z=507637816
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44073543-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1072403114&_v=j98&z=507637816&slf_rd=1&random=536058420
42 B
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44073543-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1072403114&_v=j98&z=507637816&slf_rd=1&random=536058420
Protocol
H3
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 13:52:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 25 Dec 2022 13:52:51 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44073543-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1072403114&_v=j98&z=507637816&slf_rd=1&random=536058420
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://tm-eu.beiersdorf.com/j/collect?v=1&_v=j98&aip=1&a=1746089035&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page&dr=&dp=%2Fabout-us%2Fcompany-overview-page&u...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45839341-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1600334925&_gid=1353860045.1671976371&gjid=206881...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-45839341-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1600334925&_v=j98&z=1640373254
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-45839341-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1600334925&_v=j98&z=1640373254&slf_rd=1&random=96789...
42 B
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-45839341-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1600334925&_v=j98&z=1640373254&slf_rd=1&random=967899900
Protocol
H3
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 13:52:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 25 Dec 2022 13:52:51 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-45839341-2&cid=jWTx6RCIIbolzgUGNT7qlJmmA/LK%2BzU5aUue3uRnDgw%3D.1671976371&jid=1600334925&_v=j98&z=1640373254&slf_rd=1&random=967899900
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
tm-eu.beiersdorf.com/ 		35 B
275 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tm-eu.beiersdorf.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.nivea.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 13:52:51 GMT
server
Google Frontend
content-type
image/gif
access-control-allow-origin
https://www.nivea.co.th
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
tm-eu.beiersdorf.com/ 		35 B
205 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tm-eu.beiersdorf.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.nivea.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 13:52:51 GMT
server
Google Frontend
content-type
image/gif
access-control-allow-origin
https://www.nivea.co.th
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
MobileBurgerNavigation-burgerNavigationMarkUp.51e21ed2.js
www.nivea.co.th/dist/NiveaX/modules/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/MobileBurgerNavigation-burgerNavigationMarkUp.51e21ed2.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
20b7865fe7fc75b595280e6a294ea589be8d179d31b4bdcada76ca3f83d06329
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 30 Nov 2022 05:17:10 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
09IunYwAAAAD70ukjdLK0S6y5ZVy/0XOERlJBMjMxMDUwNDE3MDE5ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"46e87ff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAAAWUVd30p7eR56ujyfDs0SGRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5252
CircleNavigation~Navigation.fd3dd775.js
www.nivea.co.th/dist/NiveaX/modules/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/CircleNavigation~Navigation.fd3dd775.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
82bc1a95bf612bc4f64416084b73d1b61916e7b52d85b4734698a7faeffdc9ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 30 Nov 2022 05:17:10 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0J/ClYwAAAACZO9Jh6kNSRJyo4OinXTfARlJBMjMxMDUwNDE4MDExADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"fe984eff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAABHQFDwHRsTT73vFjAW76GzRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9575
Navigation.cf04389a.js
www.nivea.co.th/dist/NiveaX/modules/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/Navigation.cf04389a.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8244890aad232709b0763d38e6aef97f0b96b8070d141b3f32d9dc90c9e34265
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 30 Nov 2022 05:17:10 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0Xf6lYwAAAADxJfkeDJdcSZCndcEBby9mRlJBMjMxMDUwNDE4MDExADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"6bb18eff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAAB7Fp/gw6x1T4MmCCHmFFv6RlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11164
ScrollSlider.1ecef454.js
www.nivea.co.th/dist/NiveaX/modules/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/ScrollSlider.1ecef454.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
12340f3a8e48731a6287b776791711b272c6d8f42a327436211556a86f99d3ec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 30 Nov 2022 05:17:10 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0FySkYwAAAADwb2y3am8zSI6agzoYPVMbRlJBMjMxMDUwNDE3MDQ3ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"4578bcff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAADGEDS3kGOUTLzdpON6CLZhRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1126
NivTBreadcrumbs.336c06e0.js
www.nivea.co.th/dist/NiveaX/modules/ 		1 KB
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/NivTBreadcrumbs.336c06e0.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a6397cfdaa60cad6f61a5f5689b3f0cf9c2402fb8476403886ad262f4522450c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 30 Nov 2022 05:17:10 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0TQSkYwAAAAAlVjALErwnSqRrDT0XsKbtRlJBMjMxMDUwNDE4MDM5ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"67fd90ff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAABFHT371u6yQIZOvkwwlBUpRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
689
Breadcrumb.0360f085.js
www.nivea.co.th/dist/NiveaX/modules/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/Breadcrumb.0360f085.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d08dae9436e257662a6c835bf390afcd2e866b1c7ba4138148752eeea673aed6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 30 Nov 2022 05:17:09 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0gv6lYwAAAADxop1unfg1Rq0uinfzc8BaRlJBMjMxMDUwNDE4MDQ3ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"557145ff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAADYEs8zv6HyQIACwtfojIJ4RlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
980
NivTTeasers.f8e1fc6f.js
www.nivea.co.th/dist/NiveaX/modules/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/NivTTeasers.f8e1fc6f.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
446a0653eb029966713a689087479a27262d112017c748116aa9c0bbd2ea40ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 30 Nov 2022 05:17:10 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0lJOmYwAAAAAaYktR+gGGR44FIR116llPRlJBMjMxMDUwNDE4MDExADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"bba99bff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAACOYwseev6cSbZX5PtVbEN5RlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1430
Slider.563c810a.js
www.nivea.co.th/dist/NiveaX/modules/ 		41 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/Slider.563c810a.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
afe72ea97fb24cea7d225c8fb40cd87d3d7986823e27c7242064a50729466111
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 30 Nov 2022 05:17:10 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0gv6lYwAAAAAQ88ZV2VqxRJD+so76FpA0RlJBMjMxMDUwNDE4MDUzADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"5263c6ff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAAAHFPRJduMjSrI8grc3inJRRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
21433
SliderPagination.8512fb56.js
www.nivea.co.th/dist/NiveaX/modules/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/SliderPagination.8512fb56.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9e9fdbb784c2a03dee57f9a4e92055a844dddd87f08e636d7d24e1f35f46d12d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 30 Nov 2022 05:17:10 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
006OmYwAAAAD4xFnQx2d7RKVeXqka8VcJRlJBMjMxMDUwNDE3MDI1ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"64adc8ff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAABEy9YOfcuGR4Udsup5NIIjRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2011
Footer.a18d7de0.js
www.nivea.co.th/dist/NiveaX/modules/ 		646 B
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/Footer.a18d7de0.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9eed039d40775eddeeaa10a04b1228e7fdbe643eb626a167b4f76a93af226173
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 30 Nov 2022 05:17:10 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0lJOmYwAAAAC53q6KN3++Ro9T6EPHsIVERlJBMjMxMDUwNDE4MDUxADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"a29b6bff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAADrWXhgp962Q4b7mslWtqi0RlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
492
NivTFooter.d8016f8b.js
www.nivea.co.th/dist/NiveaX/modules/ 		992 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/NivTFooter.d8016f8b.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2ac89a9f562e9f1eb306c29a4c5bd840a839df4462622739c8c71983d22526b5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 30 Nov 2022 05:17:10 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0hqWjYwAAAAD0d+jcNOF5SrmPpT4xdjzARlJBMjMxMDUwNDE4MDQ1ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"494593ff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAAB5McRxkXuhQKFTtmMKEBYkRlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
681
FormElement.b57658b5.js
www.nivea.co.th/dist/NiveaX/modules/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/FormElement.b57658b5.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
833d7be87d6a5d518516ed34d4be680969a701b49e65f8c6948433bb5ea069ca
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 30 Nov 2022 05:17:10 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0ynKlYwAAAAA5lNa+E1nmRK9+FFxBRzHNRlJBMjMxMDUwNDE3MDQ5ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"e246dff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0slWoYwAAAABR15LhD7u5S5mcP8CyiOyERlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
921
loader.js
widgets.swaven.com/awe/1/ 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/loader.js
Requested by
Host: wtb-tag.swaven.com
URL: https://wtb-tag.swaven.com/scripts/5db19805197dbc65f8d4d9a5/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7bc57f8a22991da05999fcc04cac892157ad412653dc7add7e0c2a76ab435d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 21:29:35 GMT
content-encoding
gzip
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:33 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
58997
etag
W/"64a7e220613e4e5deadc22b74e54741f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=172800
x-amz-cf-id
XVeUY1qOza482btm3p60gK4g9BLUSWHmy90Yl2n77almhbvnJDRVjQ==
%2Fabout-us%2Fcompany-overview-page
wtb-api-hub.swaven.com/cache/tag/v1/app/5db19805197dbc65f8d4d9a5/page/ 		76 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wtb-api-hub.swaven.com/cache/tag/v1/app/5db19805197dbc65f8d4d9a5/page/%2Fabout-us%2Fcompany-overview-page?&h=aHR0cHM6Ly93d3cubml2ZWEuY28udGg%3D
Requested by
Host: wtb-tag.swaven.com
URL: https://wtb-tag.swaven.com/scripts/5db19805197dbc65f8d4d9a5/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5e00:4:9e5:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
696d05831d67f4f75ce687fd87eab67ecbbde66c2bbb906fa25ec045c6f0d735

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:07:31 GMT
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx/1.22.0
x-amz-cf-pop
FRA2-C2
age
175519
etag
"4c-qrYa5BwYFJvcK2uzts+Qz8xKRnU"
x-cache
Hit from cloudfront
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin
https://www.nivea.co.th
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
content-length
76
x-amz-cf-id
RHfLuRpKNuNOxndYD5AN-WNPpcYNVtlLDuUnImXn9OZiyvtXFyNakQ==
collect
tm-eu.beiersdorf.com/ 		35 B
205 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tm-eu.beiersdorf.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.nivea.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 13:52:51 GMT
server
Google Frontend
content-type
image/gif
access-control-allow-origin
https://www.nivea.co.th
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
ScrollTo.208dc227.js
www.nivea.co.th/dist/NiveaX/modules/ 		1 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/modules/ScrollTo.208dc227.js
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/application.js?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4d1d7f06ccb95b0e6fb5d869137cfcddf67a1e43a72edd4530250f13b6892ca2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
content-encoding
br
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 30 Nov 2022 05:17:10 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0KKWnYwAAAAAgRrRZ8NTdSI+XsYn5k/zoRlJBMjMxMDUwNDE4MDE5ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"8a3dbdff7a4d91:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0s1WoYwAAAACiV4bNRmtDSoqZ7upSezmURlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
cache-control
max-age=2592000
accept-ranges
bytes
content-length
738
GetMainNavigation
www.nivea.co.th/xajax/ 		10 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/xajax/GetMainNavigation?item=sitecore%3A%2F%2Fweb%2F%7B5C7CF6C2-2D93-5CB6-AE3F-D88C2504C929%7D%3Flang%3Dth-TH%26ver%3D1&context=sitecore%3A%2F%2Fweb%2F%7B6752D6D0-A877-4436-B96B-F9B7AABF35B8%7D%3Flang%3Dth-TH%26ver%3D1
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/modules/Navigation.cf04389a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6e8ce767cbb829cf3b0d341429fbc514da8e2e4addc701d9c3e1d9680b522e1a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/about-us/company-overview-page?contactid=amira.bebars1@vodafone.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
date
Sun, 25 Dec 2022 13:52:50 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0s1WoYwAAAADPR2zFQFNdQ7USxJiuQ6l5RlJBMjMxMDUwNDE3MDI5ADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
x-azure-ref
0s1WoYwAAAADL/8GXZHRKS6X7vCnZO4V0RlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
x-cache
PRIVATE_NOSTORE
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
9917
expires
-1
view_page
eu-west-1-wtb-tag-api.swaven.com/app/5db19805197dbc65f8d4d9a5/track/ 		35 B
683 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-west-1-wtb-tag-api.swaven.com/app/5db19805197dbc65f8d4d9a5/track/view_page?v=1671976371034&rfr=&url=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page%3Fcontactid%3Damira.bebars1%40vodafone.com&url_pathname=%2Fabout-us%2Fcompany-overview-page&pageId=83509939-080c-4e4f-85b0-6c29e6b62598&_utests=null&countries=%5B%22TH%22%5D&geoCountry=DE&locale=th-TH&swnlp=0&country=TH&s_id=486ddaf9-96d0-466a-93fa-5eb9014c6137&s_ts=1671976370828&s_referrer=null&s_url=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page%3Fcontactid%3Damira.bebars1%40vodafone.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:283 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 13:52:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6d0MInWgwMDUm9Bbm4IQmWZZjBeytNsF8G5Lwzz6OsfOqvnoukTPsn3NI%2BTDnL07fjK4cxS8NKqCor9ZZfZ5mHuZvi6Z%2F24KoRFqX4IAFU%2BlLpwlRVyRZ%2F81jlKn7kYZnaLdfkyIttyVKZOBxbbpFQS0MEFugM3uPjv7lsVH"}],"group":"cf-nel","max_age":604800}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
77f20f3f6c399156-FRA
content-length
35
expires
-1
c33d9795-ba43-484d-b394-81388b9fb006
https://www.nivea.co.th/ 		41 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.nivea.co.th/c33d9795-ba43-484d-b394-81388b9fb006
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b750570c7c42ad690cc0ee103799da82abe8cec2b2780b25619659cbf3c36e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
41
Content-Type
text/javascript
index.html
widgets.swaven.com/awe/1/a7ebe07/std/ Frame 7315 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca1e6c6f17ff69a39fac4c9663cc0a4b8ea95f53449823722c84020c63059ea4

Request headers

Referer
https://www.nivea.co.th/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1574676
cache-control
public, max-age=31536000
content-encoding
br
content-security-policy-report-only
default-src 'self'; script-src https://*.swaven.com https://*.mapbox.com 'unsafe-inline' 'unsafe-eval'; img-src https://*.swaven.com https://*.static-swaven.com data: blob: http: https:; media-src https://*.swaven.com https://*.static-swaven.com; style-src https://*.swaven.com https://*.mapbox.com 'unsafe-inline' https://fonts.googleapis.com; connect-src https://*.swaven.com https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com; form-action 'none'; block-all-mixed-content ; child-src blob:; worker-src blob:; frame-src 'none'; font-src 'self' https://fonts.gstatic.com https://prd-swaven-content-upload.s3.eu-west-1.amazonaws.com https://content.static-swaven.com; report-uri https://swaven.report-uri.com/r/d/csp/reportOnly; report-to csp-endpoint;
content-type
text/html; charset=utf-8
date
Wed, 07 Dec 2022 08:28:16 GMT
etag
W/"90045004e1cdb7180fa34e800411bea7"
last-modified
Wed, 07 Dec 2022 08:27:32 GMT
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true,"failure_fraction":0.2}
report-to
{"group":"csp-endpoint","max_age":31536000,"include_subdomains":true,"endpoints":[{"url":"https://swaven.report-uri.com/r/d/csp/reportOnly"}]},{"group":"default","max_age":31536000,"include_subdomains":true,"endpoints":[{"url":"https://swaven.report-uri.com/a/d/g"}]}
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
x-amz-cf-id
52OII2kPv9cK8h19AA0d_PlNzNf8sffbxz5-04Xfj6lKGlcBOBHp-Q==
x-amz-cf-pop
BUD50-C1
x-cache
Hit from cloudfront
619671048201dc0fa6b8d981
wtb-api-hub.swaven.com/cache/wtb/v2/api/conf/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wtb-api-hub.swaven.com/cache/wtb/v2/api/conf/619671048201dc0fa6b8d981
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5e00:4:9e5:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1ef497757dfca650cd2cb0f8c830f4c4de817d9bb270839049fda92f4daa6470

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nivea.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:33:19 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA2-C2
age
436771
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-length
1275
pragma
no-cache
server
Microsoft-IIS/8.5
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nivea.co.th
cache-control
no-cache
access-control-allow-credentials
true
x-amz-cf-id
r_OfSzplx7x7FUiUM8GoLwwssupc2QF04hHAtUUV6YfQ7NQkZxZl2Q==
expires
-1
NiveaXIcons-010420201600.woff
www.nivea.co.th/dist/NiveaX/_/fonts/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nivea.co.th/dist/NiveaX/_/fonts/NiveaXIcons-010420201600.woff
Requested by
Host: www.nivea.co.th
URL: https://www.nivea.co.th/dist/NiveaX/styles-ltr.css?202211300617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5606169db16fd18b54489e0e579646451ef53763704d6cbb37cb7852586ae9e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Request headers

Referer
https://www.nivea.co.th/dist/NiveaX/styles-ltr.css?202211300617
Origin
https://www.nivea.co.th
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net
date
Sun, 25 Dec 2022 13:52:50 GMT
last-modified
Wed, 05 Oct 2022 14:26:03 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0y0WoYwAAAABAA6/o+8BTQrFCJ4LextKRRlJBMjMxMDUwNDE3MDExADc3YzM3N2ExLWU1YzAtNGRhNy05MTg1LTQxYzhjZTMyOTM0YQ==
etag
"6d33466c6d8d81:0"
x-azure-ref
0s1WoYwAAAABblOT30HdJSIMabkbmS8I4RlJBMzFFREdFMDMxMgA3N2MzNzdhMS1lNWMwLTRkYTctOTE4NS00MWM4Y2UzMjkzNGE=
x-cache
TCP_HIT
content-type
application/font-woff
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7368
vue.js
widgets.swaven.com/awe/1/a7ebe07/std/ Frame 7315 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/vue.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:16 GMT
content-encoding
br
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:32 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574676
etag
W/"b21b8531847604ab5f2f5caaef51ba31"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
xvSUm8yeVpFJlD9Pp_2qtxF94_bD6F_b25_c2u3X8kbJEiYK4G5y-w==
utils.js
widgets.swaven.com/awe/1/a7ebe07/std/js/ Frame 7315 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/js/utils.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05de6f7a42ff4155f8ea91c6ac97c972a50cea6e73fabe269c8bf74ebf98ef7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:16 GMT
content-encoding
br
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:36 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574676
etag
W/"f21b34bea6ca570d0246ddc443b29971"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
xAg1Jj7fBgUAR6ZR49sNgZ4YFCr7y4yxrOWQsRHxwxrz6GkaYKgwow==
hostCom.js
widgets.swaven.com/awe/1/a7ebe07/std/js/ Frame 7315 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/js/hostCom.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b94e2e077339ebd88dfce9cccdbb814e892632a17d9f2beadf233068b2d25042

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:16 GMT
content-encoding
br
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:35 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574676
etag
W/"d2b05edf4f340c5dbbcaee2a961a7374"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
f-7n3EQYA5o3FIzsCCzutL6qoOUnnhIq0MvwYhkLmQgyzs8MmhRwIw==
appInit.js
widgets.swaven.com/awe/1/a7ebe07/std/js/ Frame 7315 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/js/appInit.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14e25b63f7f37cc3b2f6378b74a9a3d6ce50f6a88b8e872492632891d6c9b464

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:16 GMT
content-encoding
br
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:33 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574676
etag
W/"36282b4e03714b9c4db16c783a9edd14"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
OTXhaMCQmC4xTP4W2q8srIqwmtAESPbgwMFwO8tHD8UousqlTKj-SA==
mapping.js
widgets.swaven.com/awe/1/a7ebe07/std/js/ Frame 7315 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/js/mapping.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61dae6a6d5cb3a81708e1903d5ddebb2614c7b6d289b8f5f37a3400c349c2fd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:16 GMT
content-encoding
br
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:36 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574675
etag
W/"1cd67acca9ccdef5823d4c2fcb068f91"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
vqSuSHwCiJpAqooWXJdSR9oQVkZLHVCMiYWrWRv4lGNpJ-vDzL2PuA==
daco.js
widgets.swaven.com/awe/1/a7ebe07/std/js/ Frame 7315 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/js/daco.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14fa50b4472902ab306c2309650efbcd862ebacd6a893fed62acc7b2d745a5d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:16 GMT
content-encoding
br
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:34 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574676
etag
W/"e822e2d0a2cd29c6124e3b1a8d20e4f6"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
XBB0E2f02y8sb-R7lR54cc9QYU68ZexxOkJlwM1rhf3lOFp0wg_h2A==
i18n.js
widgets.swaven.com/awe/1/a7ebe07/std/js/ Frame 7315 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/js/i18n.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5629c4f73970acaea3bf7b36d2519831dd2ffe36a448f92d337671b20ac37287

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:16 GMT
content-encoding
br
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:35 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574675
etag
W/"98ee598d1e6f1f522c3e594528958681"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
LyFeSZcHkoMsuUs9WidDKuFPW2OxFcfCT-iF5gRzXlEasZEkwu0_QA==
app.js
widgets.swaven.com/awe/1/a7ebe07/std/js/ Frame 7315 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/js/app.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2721506819ee04ef37e21d626c324ec8fb230460b9f05f57bde51b0421065dc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:16 GMT
content-encoding
br
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:33 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574676
etag
W/"c8d5e4e3a2379bd291a5a00643324edd"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
p6svd0mfMuX7Y7bSPuGQ0SgOfiXOchqVwRcZVwnmyFnT3WaJommR8A==
swaven-link.js
widgets.swaven.com/awe/1/a7ebe07/std/components/swaven-link/ Frame 7315 		550 B
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/components/swaven-link/swaven-link.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e5a800a14665fbfeaf06cebe2edce02197c30e8acbae4895bc7b90d78c44d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:18 GMT
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:47 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574674
etag
"48c281ffd57b9ca61ab4f1e77eba10bd"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
550
x-amz-cf-id
z2a77q4fckrslAZmol7Si4AWE5b1W5VHO-l4o-QVSrEH5K_A9Jq6hw==
termsofuse.js
widgets.swaven.com/awe/1/a7ebe07/std/components/termsofuse/ Frame 7315 		836 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/components/termsofuse/termsofuse.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecab0e692900cf4f669d5e58f48fd94f2226d2740d5699a0d940771bf3232de8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:18 GMT
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:48 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574674
etag
"57248f0cefc50ac2fa6f8b7c8cfae3e4"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
836
x-amz-cf-id
HD3yox8CKkiCeOG6PZYnjFzKt-denDsD8VokNz8gh7esdxDppUU4Rg==
warning.js
widgets.swaven.com/awe/1/a7ebe07/std/components/warning/ Frame 7315 		684 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/components/warning/warning.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c58f677988fdda4df62561d217e8d40f28099db2a2292524f15858bcd8d196f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:18 GMT
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:48 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574674
etag
"874d9d53cea1193136b3f4636289d0a3"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
684
x-amz-cf-id
f40NorVmEAKMBKxtDsvuo7nq3skoS3QsHiuIjdMn5vYHIVXI-yje-w==
errmon.js
widgets.swaven.com/awe/1/a7ebe07/std/components/errmon/ Frame 7315 		521 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/components/errmon/errmon.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
349e2d397184ee547d861e0f19508107e18491acdfbd3f4865d408aa47110875

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:18 GMT
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:39 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574674
etag
"ff53735ab33cb4a81a9a531826fb9762"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
521
x-amz-cf-id
v3jQPfnljfcYigGYtFhnRGT5ZJBRkKDTkYrL1VHfMVMKvvAP7bhfNQ==
default.css
widgets.swaven.com/awe/1/a7ebe07/style/ Frame 7315 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/style/default.css
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89d13dbfa445f6b9ec3e04aaf2464a23ee1df84f4d2a1586138ec2e48f37fa2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:16 GMT
content-encoding
br
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:35 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574675
etag
W/"99ab2be508012735f4acebcce0c57b79"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
fyMG2CeujL64rw0Jfm00ZbLqHZenbpWpmBvqk_xT6BJ5Cpq9_x8IhA==
collect
tm-eu.beiersdorf.com/g/ 		65 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tm-eu.beiersdorf.com/g/collect?v=2&tid=G-RZ6VBVCMRM&gtm=2oebu0&_p=1746089035&cid=2014481626.1671976371&ul=en-us&sr=1600x1200&_fplc=0&_uc=DE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dl=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page&dr=&sid=1671976370&sct=1&seg=0&dt=%E0%B8%99%E0%B8%B5%E0%B9%80%E0%B8%A7%E0%B8%B5%E0%B8%A2%3A%20%E0%B9%81%E0%B8%9A%E0%B8%A3%E0%B8%99%E0%B8%94%E0%B9%8C%E0%B9%81%E0%B8%A5%E0%B8%B0%E0%B8%9A%E0%B8%A3%E0%B8%B4%E0%B8%A9%E0%B8%B1%E0%B8%97%20-%20NIVEA&_s=2&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RZ6VBVCMRM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nivea.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 25 Dec 2022 13:52:51 GMT
x-content-type-options
nosniff
server
Google Frontend
content-type
text/plain
access-control-allow-origin
https://www.nivea.co.th
cache-control
no-cache
access-control-allow-credentials
true
x-accel-buffering
no
expires
Sun, 25 Dec 2022 13:52:51 GMT
template.html
widgets.swaven.com/awe/templates/default/_nivea_pop_social/ Frame 7315 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/templates/default/_nivea_pop_social/template.html
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/js/appInit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17b72a170677eae5e44abd43a7b56d552330eecba53af9d4614246dddcd920d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 00:47:43 GMT
content-encoding
gzip
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 16:57:40 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
47109
etag
"3e58059c55c71952638b94f3507be254"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/html; charset=utf-8
cache-control
public, max-age=172800
accept-ranges
bytes
content-length
2444
x-amz-cf-id
g1mK6HvXBVhy-cBiOCle7k_S4LTgW_B7okQle15X_oMJV6gaA77-oA==
autocomplete.js
widgets.swaven.com/awe/1/a7ebe07/std/components/autocomplete/ Frame 7315 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/components/autocomplete/autocomplete.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/js/appInit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4a41ecaee9140bde0d905ae1607e63ffac06d19f8de6301001f8a58d965e924

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:17 GMT
content-encoding
br
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:37 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574675
etag
W/"1a4c0dd625594e204046e2a69565c307"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
gEjdSahFJTZiYxReO0cYnISQeq8iGMQKHapl2vk6l-GonwZ3j4Jd8w==
carousel.js
widgets.swaven.com/awe/1/a7ebe07/std/components/carousel/ Frame 7315 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/components/carousel/carousel.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/js/appInit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c1911b5714eb83e9aef09d86b7c9b50a66d0253ec58de81178b8da768c40abd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:17 GMT
content-encoding
br
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:39 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574675
etag
W/"a157145933e5e74f5cda2f116dec7791"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
3URlOXNadQOQcbPBDeUAdrXE72T8Jrt46OkF5eoWgQi_4dGH1ewgeA==
ratings.js
widgets.swaven.com/awe/1/a7ebe07/std/components/ratings/ Frame 7315 		980 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/std/components/ratings/ratings.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/js/appInit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b855abfde59f810b51c05c98f6bff2936d87bc69c0f38809c207f527cbd1cc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 08:28:19 GMT
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:47 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1574672
etag
"799df52ed8d8384db25eb6d415583add"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
980
x-amz-cf-id
uUeePXiownT613jT_DBMy1KjVvsSKBGdVsf4HjddRBZDrALB0grMFg==
style.css
widgets.swaven.com/awe/templates/default/_nivea_pop_social/c6ce8f0_ab63/ Frame 7315 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/templates/default/_nivea_pop_social/c6ce8f0_ab63/style.css
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/js/appInit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17e8d8e2bcc897d7e49be64e86ea57846752be8c91a471ed033085674e8b43dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 00:51:17 GMT
content-encoding
gzip
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 16:57:41 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
2552494
etag
"8301515a58f8d45d87b55d20c2ec8ed2"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2186
x-amz-cf-id
yo8Q7DZvIBBuPuhSqzv-tltLL1nP-Oy2sni6p8sk9S6uhjuWq1niAQ==
i18nLabels.min.js
widgets.swaven.com/awe/templates/default/_nivea_pop_social/c6ce8f0_ab63/ Frame 7315 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/templates/default/_nivea_pop_social/c6ce8f0_ab63/i18nLabels.min.js
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/js/appInit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c313b51446547687332e286b3e9bfb63c8a57fdc93a2b7cf35ef836f4fdd5641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 01:41:17 GMT
content-encoding
gzip
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 16:57:40 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
3499895
etag
"c5277b91e609837b0253cb7b6e0f790f"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3166
x-amz-cf-id
bo5KoRWFNeYv7dpePwsRvr0wgSYHaSAiARNoh17peKt8F8atfWitdA==
th.json
widgets.swaven.com/awe/1/a7ebe07/texts/ Frame 7315 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/1/a7ebe07/texts/th.json
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/1/a7ebe07/std/js/i18n.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62c61977e308958605d051576bc773741380ced32223ee79731d7294949e42c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/awe/1/a7ebe07/std/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:06:48 GMT
content-encoding
gzip
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 08:27:42 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
age
1140364
etag
W/"9b2084b6b53c69b3625a39d3eb377240"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
x689GcpNBGdhKzNnBS3l5JcjfhZy3ciONgFnb8P2UzrI0T6hRXLyAg==
/
img.static-swaven.com/v7/ Frame 7315 		59 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-swaven.com/v7/?width=500&org_if_sml=1&ci_url_encoded=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
Scaleflex HTTP Loadbalancer /
Resource Hash
9b1bf922702cd08a9a76187a877695530ad6ce4b425fd72d7d326402ffcb7cf5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 13:52:51 GMT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
server
Scaleflex HTTP Loadbalancer
x-cloudimg-traceid
CiI_018_20221225135251_b11bd_FAsC
x-amz-cf-pop
FRA2-C1
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-id
vb_DwSs46plXsVVaaYYpnTOYEwWnSW8mWW_Ji68skfGM8BdbS6bJJQ==
x-xss-protection
1
s.png
content.static-swaven.com/img/logos/2021/ Frame 7315 		940 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.static-swaven.com/img/logos/2021/s.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
437470dafdec4a0810f9d0136563a9da436cca7d0766b71f305f4ff371fdf0e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 07:04:48 GMT
x-amz-version-id
null
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 08 Sep 2021 13:51:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
2530084
etag
"33cc77beafbb1412a7d3b8b51eab2f68"
x-amz-meta-cb-modifiedtime
Wed, 08 Sep 2021 13:39:29 GMT
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
940
x-amz-cf-id
a3_2cQnoNMsiMOvqb3clk_YxGiia7wBuUNeBr8cysXUu6oSgs4-_KA==
pv
eu-west-1-wtb-tag-api.swaven.com/widget/track/ Frame 7315 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-west-1-wtb-tag-api.swaven.com/widget/track/pv?wtbid=619671048201dc0fa6b8d981&fmt=awe&module=wtb&type=awe&v=1671976371479&lang=th&opscode=467&area=main&pageid=83509939-080c-4e4f-85b0-6c29e6b62598&iid=1fa4f33daf3f44428cd12ce1f8382f6b&reqpid=&ct=TH&ct_context=TH&geocountry=DE&touchpoint=ST&dpr=NaN&test=0&trkOrigin=daco&tzOffset=0&appid=5db19805197dbc65f8d4d9a5&s_ts=1671976370828&s_id=486ddaf9-96d0-466a-93fa-5eb9014c6137&auto=1&build=a7ebe07&buildName=std&safeframe=0&ts=477&s_url=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page%3Fcontactid%3Damira.bebars1%40vodafone.com&rfr2=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page%3Fcontactid%3Damira.bebars1%40vodafone.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:283 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 13:52:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9tTCypfBhLyhrvU0%2FUanzwtZCyOsmS4FTvTDzqnTBqRXgb2tFEr%2BEyZYXWo9AoceTk9Fp81ZT4AWtfMH6zuno4ToKei4rjjrZ5fU6yXTGeP4vnzXI2VMkx5EfoChYn6ipeMjYeysRxmDMeMUeCejzzkamEz6HuL9lm0fBt9"}],"group":"cf-nel","max_age":604800}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
77f20f41c8ff9156-FRA
content-length
35
expires
-1
px.png
trk2-wtb.swaven.com/ Frame 7315 		70 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk2-wtb.swaven.com/px.png?action=pv&wtbid=619671048201dc0fa6b8d981&fmt=awe&module=wtb&type=awe&v=1671976371479&lang=th&opscode=467&area=main&pageid=83509939-080c-4e4f-85b0-6c29e6b62598&iid=1fa4f33daf3f44428cd12ce1f8382f6b&reqpid=&ct=TH&ct_context=TH&geocountry=DE&touchpoint=ST&dpr=NaN&test=0&trkOrigin=daco&tzOffset=0&appid=5db19805197dbc65f8d4d9a5&s_ts=1671976370828&s_id=486ddaf9-96d0-466a-93fa-5eb9014c6137&auto=1&build=a7ebe07&buildName=std&safeframe=0&ts=477&s_url=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page%3Fcontactid%3Damira.bebars1%40vodafone.com&rfr2=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page%3Fcontactid%3Damira.bebars1%40vodafone.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-41.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44d5041f007d30a9b7079bd3a42ef6da96c4cda10a25b1bcc5a0a6f92b0aadcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 06:31:32 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 16:22:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
2186480
etag
"35800716e266902e4fe68ab558d981fb"
x-amz-meta-cb-modifiedtime
Wed, 17 Nov 2021 16:22:24 GMT
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
70
x-amz-cf-id
buDK_pE0aIepEpqBJ7DerbXu0jHeb20ZetOIWcHSeZkLP3HAjAzprA==
initMetrics
eu-west-1-wtb-tag-api.swaven.com/widget/track/ Frame 7315 		35 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-west-1-wtb-tag-api.swaven.com/widget/track/initMetrics?wtbid=619671048201dc0fa6b8d981&fmt=awe&module=wtb&type=awe&v=1671976371480&lang=th&opscode=467&area=main&pageid=83509939-080c-4e4f-85b0-6c29e6b62598&iid=1fa4f33daf3f44428cd12ce1f8382f6b&reqpid=&ct=TH&ct_context=TH&geocountry=DE&touchpoint=ST&dpr=NaN&test=0&trkOrigin=daco&tzOffset=0&appid=5db19805197dbc65f8d4d9a5&s_ts=1671976370828&s_id=486ddaf9-96d0-466a-93fa-5eb9014c6137&loadTime=327&cpus=4&intersectionObs=1&perf_appInit=109&memory=8&perf_conf=36&perf_ifr=151&perf_loader=216&perf_fd=11&perf_switch=1&perf_mount=15&perf_template=39&log=1&ts=478&build=a7ebe07&buildName=std&safeframe=0&template=default%2F_nivea_pop_social&s_url=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page%3Fcontactid%3Damira.bebars1%40vodafone.com&rfr2=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page%3Fcontactid%3Damira.bebars1%40vodafone.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:283 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 13:52:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ba0vBlApnFGZ84VX%2Ffd0BqvEF0gjSWYFggrUTZHYteyDn2xRpt85C7%2FcULQQhQ4Nldh62%2FrQFTSxWaqYczTnRApk42DINw650pbdkoAth%2B%2Fyl6WxVdo4M%2FLvAdGNt4S9LjZNF6%2FIXzB20m0Lksd7iI16WX56EKbBGKs46Ttq"}],"group":"cf-nel","max_age":604800}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
77f20f41c9019156-FRA
content-length
35
expires
-1
NIVEABrandTypeWeb-Bold.woff2
widgets.swaven.com/awe/templates/default/_nivea_pop_social/ Frame 7315 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/templates/default/_nivea_pop_social/NIVEABrandTypeWeb-Bold.woff2
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/templates/default/_nivea_pop_social/c6ce8f0_ab63/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1c542371cfbd2be99b66dcb65fdbccdf0ed19af4010fe43471d7e47c43807f5

Request headers

Referer
https://widgets.swaven.com/awe/templates/default/_nivea_pop_social/c6ce8f0_ab63/style.css
Origin
https://widgets.swaven.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 02:14:44 GMT
content-encoding
gzip
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
x-amz-cf-pop
BUD50-C1
age
128288
x-cache
Hit from cloudfront
content-length
62964
last-modified
Mon, 24 Jan 2022 13:43:29 GMT
server
AmazonS3
etag
"0b88cc60bb575b13b6c4f4cf3ed30d76"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=172800
accept-ranges
bytes
x-amz-cf-id
B_ktULTGSr_-alz1tVFW99-ukqo83DtWXhJfs8JrWFW6ydEb7TMr1A==
NIVEABrandTypeWeb-Regular.woff2
widgets.swaven.com/awe/templates/default/_nivea_pop_social/ Frame 7315 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://widgets.swaven.com/awe/templates/default/_nivea_pop_social/NIVEABrandTypeWeb-Regular.woff2
Requested by
Host: widgets.swaven.com
URL: https://widgets.swaven.com/awe/templates/default/_nivea_pop_social/c6ce8f0_ab63/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-125.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4f0bfd5f1dc027273eeebd1344c838d3efeaeccd5243f446c4735998998118f

Request headers

Referer
https://widgets.swaven.com/awe/templates/default/_nivea_pop_social/c6ce8f0_ab63/style.css
Origin
https://widgets.swaven.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 00:29:28 GMT
content-encoding
gzip
via
1.1 4988aba3224481ada0837b985e86ef38.cloudfront.net (CloudFront)
x-amz-cf-pop
BUD50-C1
age
48204
x-cache
Hit from cloudfront
content-length
55995
last-modified
Mon, 24 Jan 2022 13:43:30 GMT
server
AmazonS3
etag
"9a229447b0796256447eb569d62e323c"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=172800
accept-ranges
bytes
x-amz-cf-id
wYj_yIg0GZWu58jbJrG-AIJhPNbtl3KmrxUIsbl5KUUbr-IFG9AoIQ==
btn
eu-west-1-wtb-tag-api.swaven.com/widget/track/ Frame 7315 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-west-1-wtb-tag-api.swaven.com/widget/track/btn?wtbid=619671048201dc0fa6b8d981&fmt=awe&module=wtb&type=awe&v=1671976372260&lang=th-th&opscode=467&area=clientdom&pageid=83509939-080c-4e4f-85b0-6c29e6b62598&iid=1fa4f33daf3f44428cd12ce1f8382f6b&reqpid=4005808650781%3A1%2F4005808305933%3A2%2F4005808355877%3A3&ct=TH&ct_context=TH&geocountry=DE&touchpoint=ST&dpr=NaN&test=0&trkOrigin=daco&tzOffset=0&appid=5db19805197dbc65f8d4d9a5&s_ts=1671976370828&s_id=486ddaf9-96d0-466a-93fa-5eb9014c6137&idx=1%2C2%2C3&build=a7ebe07&buildName=std&safeframe=0&ts=1257&s_url=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page%3Fcontactid%3Damira.bebars1%40vodafone.com&rfr2=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page%3Fcontactid%3Damira.bebars1%40vodafone.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:283 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 13:52:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qW4J%2FDIF6sxihF4CS%2BRwj2L6BJTEbNyEAg2sF0SKErfO33zamNTrD784lCq80wpwjC0R0rkKVop0RUQ6Bj0mU5lYZtdIDMGwX91asx5AF4D%2FYsQpnTslfB93o17QyimvuZ1SFBAx7r8qIGWtj6dtKTxqhMTvGoy1DZ56F%2FjB"}],"group":"cf-nel","max_age":604800}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
77f20f46aaf19156-FRA
content-length
35
expires
-1
px.png
trk2-wtb.swaven.com/ Frame 7315 		70 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk2-wtb.swaven.com/px.png?action=btn&wtbid=619671048201dc0fa6b8d981&fmt=awe&module=wtb&type=awe&v=1671976372260&lang=th-th&opscode=467&area=clientdom&pageid=83509939-080c-4e4f-85b0-6c29e6b62598&iid=1fa4f33daf3f44428cd12ce1f8382f6b&reqpid=4005808650781%3A1%2F4005808305933%3A2%2F4005808355877%3A3&ct=TH&ct_context=TH&geocountry=DE&touchpoint=ST&dpr=NaN&test=0&trkOrigin=daco&tzOffset=0&appid=5db19805197dbc65f8d4d9a5&s_ts=1671976370828&s_id=486ddaf9-96d0-466a-93fa-5eb9014c6137&idx=1%2C2%2C3&build=a7ebe07&buildName=std&safeframe=0&ts=1257&s_url=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page%3Fcontactid%3Damira.bebars1%40vodafone.com&rfr2=https%3A%2F%2Fwww.nivea.co.th%2Fabout-us%2Fcompany-overview-page%3Fcontactid%3Damira.bebars1%40vodafone.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-41.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44d5041f007d30a9b7079bd3a42ef6da96c4cda10a25b1bcc5a0a6f92b0aadcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.swaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 06:31:32 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 16:22:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
2186481
etag
"35800716e266902e4fe68ab558d981fb"
x-amz-meta-cb-modifiedtime
Wed, 17 Nov 2021 16:22:24 GMT
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
70
x-amz-cf-id
aFyWXyewbDb8TXYxt4go0YVfksxIVMxjkVJOVmYH_Bl1u4Au6GYYMQ==

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange function| loadCSS object| dataLayer object| NiveaXwebpackJsonp function| _ object| NiveaX string| animationEndEvent function| onYouTubeIframeAPIReady object| swnDataLayer object| google_tag_manager object| google_tag_data object| __gtm_cookie_helpers number| __ga_pageview_sample string| GoogleAnalyticsObject function| ga object| cookieHelpers undefined| interactionCookie function| findInDataLayer object| riveted object| helpers string| _gtm_hidden string| _gtm_visibilityChange boolean| _gtm_initialPageIsVisible function| _gtm_handleRepeatedVisibility function| _gtm_handleInitialVisibility undefined| expireDate object| gaGlobal boolean| swnTagLoaded object| gaplugins object| gaData function| _ga_originalSendHitTask number| tnsId object| aweLoader function| swnInitAwe function| swnOpenAwe function| swnUnloadAll boolean| _gtm_pageviewTracked

13 Cookies

Domain/Path Name / Value
www.nivea.co.th/ Name: shell#lang
Value: en
www.nivea.co.th/ Name: ContactLevel
Value: Value=Guest Visitor&ContactLevelExpires=25.12.2022 13:54:50
.nivea.co.th/ Name: cookie-policy-accepted
Value: 0
.nivea.co.th/ Name: LegitimateCookiesDisabled
Value: 0
.nivea.co.th/ Name: PerformanceCookiesDisabled
Value: 0
.nivea.co.th/ Name: MarketingCookiesDisabled
Value: 1
.nivea.co.th/ Name: _uconfig
Value: %5B%5D
.nivea.co.th/ Name: _ga_RZ6VBVCMRM
Value: GS1.1.1671976370.1.0.1671976370.60.0.0
.nivea.co.th/ Name: _ga
Value: GA1.3.2014481626.1671976371
.nivea.co.th/ Name: _gid
Value: GA1.3.1353860045.1671976371
.nivea.co.th/ Name: _gat_bhGlobal
Value: 1
.nivea.co.th/ Name: _gat_bhLocal
Value: 1
.nivea.co.th/ Name: _sconfig
Value: %5B%7B%22action%22%3A%22evtInt%22%2C%22value%22%3A1%7D%2C%7B%22action%22%3A%22lp%22%2C%22value%22%3A%221%22%7D%2C%7B%22action%22%3A%22tst%22%2C%22value%22%3A1671976371295%7D%2C%7B%22action%22%3A%22pvs%22%2C%22value%22%3A1%7D%5D

1 Console Messages

Source Level URL
Text
network error URL: https://img.static-swaven.com/v7/?width=500&org_if_sml=1&ci_url_encoded=1
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://webvisor.com https://mc.yandex.ru https://yastatic.net

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.n.nivea.co.th
consentmanager.mgr.consensu.org
content.static-swaven.com
eu-west-1-wtb-tag-api.swaven.com
images-eu.nivea.com
img.static-swaven.com
stats.g.doubleclick.net
tm-eu.beiersdorf.com
trk2-wtb.swaven.com
widgets.swaven.com
wtb-api-hub.swaven.com
wtb-tag.swaven.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.nivea.co.th
13.111.210.166
13.224.189.110
13.224.189.97
143.204.215.41
2600:9000:2057:9200:11:f266:7200:93a1
2600:9000:21f3:5e00:4:9e5:d940:93a1
2606:4700:20::681a:283
2620:1ec:4a::43
2620:1ec:4e:1::44
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2013
2a00:1450:4001:828::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9d
52.84.106.125
87.230.98.74
05de6f7a42ff4155f8ea91c6ac97c972a50cea6e73fabe269c8bf74ebf98ef7c
06ecc1a451ce30c6d075e7a39c2bf6581b85383a1650b89eab6f00a3c80d07e5
0c58f677988fdda4df62561d217e8d40f28099db2a2292524f15858bcd8d196f
12340f3a8e48731a6287b776791711b272c6d8f42a327436211556a86f99d3ec
14e25b63f7f37cc3b2f6378b74a9a3d6ce50f6a88b8e872492632891d6c9b464
14fa50b4472902ab306c2309650efbcd862ebacd6a893fed62acc7b2d745a5d7
17b72a170677eae5e44abd43a7b56d552330eecba53af9d4614246dddcd920d5
17e8d8e2bcc897d7e49be64e86ea57846752be8c91a471ed033085674e8b43dc
1ef497757dfca650cd2cb0f8c830f4c4de817d9bb270839049fda92f4daa6470
20b7865fe7fc75b595280e6a294ea589be8d179d31b4bdcada76ca3f83d06329
2721506819ee04ef37e21d626c324ec8fb230460b9f05f57bde51b0421065dc4
27697e05964d3a1eac2422c6dcae14daf5ec5c5fda62578488561b44258981b3
2a2bc03b9f7a7c3ca56b5da02c69bb8d0499d23b914d3805ae344019ec3864ba
2ac89a9f562e9f1eb306c29a4c5bd840a839df4462622739c8c71983d22526b5
2c1911b5714eb83e9aef09d86b7c9b50a66d0253ec58de81178b8da768c40abd
2c70c41d9a7461fc6d62e07f188c415d6346151f58165b9957d2d1584eb10f86
2d6f7c94b3e166e625366cf63331211bd44f0407d27c6c448052c41568a668db
349e2d397184ee547d861e0f19508107e18491acdfbd3f4865d408aa47110875
39337533922c08c293f96a905c5deeca2e42e458d7f2ae151baf6c1253cce2ee
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
42118ca875db2064731a597640970b1b6cfaeeb0d39dc32f5386808e94bc982d
437470dafdec4a0810f9d0136563a9da436cca7d0766b71f305f4ff371fdf0e7
446a0653eb029966713a689087479a27262d112017c748116aa9c0bbd2ea40ab
44d5041f007d30a9b7079bd3a42ef6da96c4cda10a25b1bcc5a0a6f92b0aadcc
47e4e9d6a6085ab95f2e82ec85c8293e4c042b425017cea1a6a8eb0102f67b0d
4b855abfde59f810b51c05c98f6bff2936d87bc69c0f38809c207f527cbd1cc9
4d1d7f06ccb95b0e6fb5d869137cfcddf67a1e43a72edd4530250f13b6892ca2
4dcc596660263e4d6b68cde2195d1b80c5fedc49141d5f8f9e9033440d3c9543
52d69e1df13b22c31278e7877d96493301a5896c1570b5f1995aa585fda938b6
5606169db16fd18b54489e0e579646451ef53763704d6cbb37cb7852586ae9e4
5629c4f73970acaea3bf7b36d2519831dd2ffe36a448f92d337671b20ac37287
5e9be87c87b5d47a12c745998ab1215670aecbfd69cfe824e029ecd9ef8221c1
5fe4862768a68aa62080317548b97d65b7fd823d5a925c957439b00a8c724860
61dae6a6d5cb3a81708e1903d5ddebb2614c7b6d289b8f5f37a3400c349c2fd6
62c61977e308958605d051576bc773741380ced32223ee79731d7294949e42c0
653fdc36504f4dc1ca57600626d068755c55b03d3436ee9beeecae8cc7bfbc0a
696d05831d67f4f75ce687fd87eab67ecbbde66c2bbb906fa25ec045c6f0d735
6e8ce767cbb829cf3b0d341429fbc514da8e2e4addc701d9c3e1d9680b522e1a
8244890aad232709b0763d38e6aef97f0b96b8070d141b3f32d9dc90c9e34265
82bc1a95bf612bc4f64416084b73d1b61916e7b52d85b4734698a7faeffdc9ad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833d7be87d6a5d518516ed34d4be680969a701b49e65f8c6948433bb5ea069ca
83d2d400935d800d26283edcd3da1aeb768b9e36bb043bab4a784243c039d702
89d13dbfa445f6b9ec3e04aaf2464a23ee1df84f4d2a1586138ec2e48f37fa2b
8b750570c7c42ad690cc0ee103799da82abe8cec2b2780b25619659cbf3c36e5
8e5a800a14665fbfeaf06cebe2edce02197c30e8acbae4895bc7b90d78c44d96
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
99c31d0876efe42e168919c70c801cd19709832f6fae1d04a9834437ff4f9129
9b1bf922702cd08a9a76187a877695530ad6ce4b425fd72d7d326402ffcb7cf5
9e9fdbb784c2a03dee57f9a4e92055a844dddd87f08e636d7d24e1f35f46d12d
9eed039d40775eddeeaa10a04b1228e7fdbe643eb626a167b4f76a93af226173
a4f0bfd5f1dc027273eeebd1344c838d3efeaeccd5243f446c4735998998118f
a5f639e40f6d316ce63bc2698d7ee57064181f1d5f40aa99283dad35255bc51e
a6397cfdaa60cad6f61a5f5689b3f0cf9c2402fb8476403886ad262f4522450c
abf0d793d652d0ae24a6c70fc8dc35887075f78d93d3104de6df8fc7c9045ccd
ae8351f26611e403cab2e876c3a5ef02301481adee8e7f10a95a64f2da30cf63
afe72ea97fb24cea7d225c8fb40cd87d3d7986823e27c7242064a50729466111
b08939c038685caafc78560897563157fe7f7719f958c5d40af9d5f0d42990f0
b0e19fbdd0475fd522b37447388560317f215d4db38b8ebae64b96cb6b3090ad
b300f0c289d4e37ed11a00fcd037851b461afc4d348b62983d85623e693bb4a7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b43c37a6c6c04873368e314bb87c344665fe73a6ee661917db14172f77678171
b94e2e077339ebd88dfce9cccdbb814e892632a17d9f2beadf233068b2d25042
c0999e39bd144ae0e33a943f7e77223345ea766c251cb59817dfc14285d6dda8
c313b51446547687332e286b3e9bfb63c8a57fdc93a2b7cf35ef836f4fdd5641
c4a41ecaee9140bde0d905ae1607e63ffac06d19f8de6301001f8a58d965e924
ca1e6c6f17ff69a39fac4c9663cc0a4b8ea95f53449823722c84020c63059ea4
d08dae9436e257662a6c835bf390afcd2e866b1c7ba4138148752eeea673aed6
d7f6efd2bdf5dfa299ec18ebf2a9a8a23a8fedc078a04cd0b063ad94e6089a38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e7bc57f8a22991da05999fcc04cac892157ad412653dc7add7e0c2a76ab435d6
ecab0e692900cf4f669d5e58f48fd94f2226d2740d5699a0d940771bf3232de8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c542371cfbd2be99b66dcb65fdbccdf0ed19af4010fe43471d7e47c43807f5
fa70b0c23df06ed04da8dcc978d95fcaa4b474fd2009c0b038c4ede37abd5634