www.weleda.com Open in urlscan Pro
2001:1af8:4700:a158:121:0:1:90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://one-lnk.com/x1epUsHs8_nHGX3meQuqJDVhEp8f5D5gpMylGsJ8nMnfmCUZ5MOh8xwdyCI0w2lctqnwwA3DnsmrmEOr0pAMcW14A/x1e1DQ...
Effective URL:
https://www.weleda.com/about-us
Submission: On May 10 via manual (May 10th 2021, 6:57:00 pm UTC) from CA

Summary HTTP 94 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 26 domains to perform 94 HTTP transactions. The main IP is 2001:1af8:4700:a158:121:0:1:90, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is www.weleda.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on June 2nd 2020. Valid for: 2 years.

This is the only time www.weleda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	65.9.97.43 65.9.97.43	16509 (AMAZON-02) (AMAZON-02)
1 3	2001:1af8:470... 2001:1af8:4700:a158:121:0:1:90	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
12	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	34.102.147.248 34.102.147.248	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 4	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:1b::84 2a04:4e42:1b::84	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4 6	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.23.3.38 3.23.3.38	16509 (AMAZON-02) (AMAZON-02)
2	35.241.23.116 35.241.23.116	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	151.101.112.84 151.101.112.84	54113 (FASTLY) (FASTLY)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.98.67.3 34.98.67.3	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2016	15169 (GOOGLE) (GOOGLE)
94	34

1 65.9.97.43 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

one-lnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:1af8:4700:a158:121:0:1:90 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

www.weleda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

weledaint-prod.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.38 (United States) 2 redirects

ASN33438 (HIGHWINDS2, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.102 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.11 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.23.3.38 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-3-38.us-east-2.compute.amazonaws.com

analytics.tsyhelm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.23.116 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 116.23.241.35.bc.googleusercontent.com

ut.ra.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consent.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.112.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	google.com 2 redirects www.google.com adservice.google.com	58 KB
12	fastly.net weledaint-prod.global.ssl.fastly.net	929 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	772 KB
9	youtube-nocookie.com www.youtube-nocookie.com	705 KB
8	doubleclick.net 4 redirects ad.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	3 KB
8	adnxs.com 4 redirects acdn.adnxs.com secure.adnxs.com ib.adnxs.com	9 KB
6	google.de adservice.google.de www.google.de	1 KB
4	facebook.com www.facebook.com	278 B
4	mouseflow.com 2 redirects cdn.mouseflow.com	57 KB
4	google-analytics.com www.google-analytics.com	21 KB
3	pinterest.com ct.pinterest.com	750 B
3	linksynergy.com ut.ra.linksynergy.com consent.linksynergy.com tags.rd.linksynergy.com	956 B
3	bing.com bat.bing.com	9 KB
3	facebook.net connect.facebook.net	169 KB
3	weleda.com 1 redirects www.weleda.com	372 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com	805 B
2	pinimg.com s.pinimg.com	18 KB
2	googletagmanager.com www.googletagmanager.com	99 KB
2	youtube.com www.youtube.com	43 KB
1	ytimg.com i.ytimg.com	78 KB
1	ggpht.com yt3.ggpht.com	1 KB
1	tsyhelm.com analytics.tsyhelm.com	233 B
1	cloudflare.com cdnjs.cloudflare.com	8 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	rakuten.com tag.rmp.rakuten.com	22 KB
1	one-lnk.com 1 redirects one-lnk.com	418 B
94	26

	Domain	Requested by
12	www.google.com	www.weleda.com www.gstatic.com www.youtube-nocookie.com
12	weledaint-prod.global.ssl.fastly.net	www.weleda.com weledaint-prod.global.ssl.fastly.net
10	www.gstatic.com	www.google.com www.youtube-nocookie.com
9	www.youtube-nocookie.com	www.youtube.com www.youtube-nocookie.com www.weleda.com
6	secure.adnxs.com	4 redirects www.weleda.com
4	www.google.de	www.weleda.com
4	www.facebook.com	www.weleda.com connect.facebook.net
4	ad.doubleclick.net	4 redirects
4	cdn.mouseflow.com	2 redirects www.weleda.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.weleda.com
3	ct.pinterest.com	s.pinimg.com www.weleda.com
3	bat.bing.com	www.weleda.com bat.bing.com
3	connect.facebook.net	www.weleda.com connect.facebook.net
3	www.weleda.com	1 redirects weledaint-prod.global.ssl.fastly.net
2	idsync.rlcdn.com	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	adservice.google.de	www.weleda.com
2	adservice.google.com	2 redirects
2	s.pinimg.com	www.weleda.com s.pinimg.com
2	www.googletagmanager.com	www.weleda.com www.googletagmanager.com
2	www.youtube.com	www.weleda.com www.youtube.com
1	i.ytimg.com	www.youtube-nocookie.com
1	yt3.ggpht.com	www.youtube-nocookie.com
1	tags.rd.linksynergy.com	www.weleda.com
1	fonts.gstatic.com	www.youtube-nocookie.com
1	ib.adnxs.com	www.weleda.com
1	consent.linksynergy.com	www.weleda.com
1	ut.ra.linksynergy.com	tag.rmp.rakuten.com
1	analytics.tsyhelm.com	www.weleda.com
1	acdn.adnxs.com	www.weleda.com
1	cdnjs.cloudflare.com	www.weleda.com
1	www.googleadservices.com	www.googletagmanager.com
1	tag.rmp.rakuten.com	www.weleda.com
1	one-lnk.com	1 redirects
94	35

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
twitter.com
www.natrue.org
forms.gle
accessible360.com

Subject Issuer	Validity	Valid
weleda.com GeoTrust TLS RSA CA G1	`2020-06-02` - `2022-08-01`	2 years	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.rmp.rakuten.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-02-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-12` - `2022-09-14`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
analytics.tsyhelm.com Amazon	`2021-02-01` - `2022-03-02`	a year	crt.sh
ut.ra.linksynergy.com GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.linksynergy.com Thawte RSA CA 2018	`2019-06-11` - `2021-07-18`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.rd.linksynergy.com Thawte RSA CA 2018	`2020-01-03` - `2022-01-05`	2 years	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.weleda.com/about-us
Frame ID: A7C3964E35880EDC3B66EFE39E2AA65D
Requests: 67 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&co=aHR0cHM6Ly93d3cud2VsZWRhLmNvbTo0NDM.&hl=en&v=npGaewopg1UaB8CNtYfx-y1j&size=normal&cb=db7oi2u9x2jd
Frame ID: 3019CE2C024D0895A8571024A1A2EB57
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&co=aHR0cHM6Ly93d3cud2VsZWRhLmNvbTo0NDM.&hl=en&v=npGaewopg1UaB8CNtYfx-y1j&size=normal&cb=p9joolxult49
Frame ID: 38341C2BF3D739D6113F962EF0224868
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1
Frame ID: 164F2CDF456D01CCF99FF736CF9B7FF6
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=npGaewopg1UaB8CNtYfx-y1j&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&cb=sxxugzjf0v5
Frame ID: 2A31D8BCF422232761E92BCC10BDE6F7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=npGaewopg1UaB8CNtYfx-y1j&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&cb=8vz22k2pplpi
Frame ID: 9162B9C64338C12496B5C114D806F56A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://one-lnk.com/x1epUsHs8_nHGX3meQuqJDVhEp8f5D5gpMylGsJ8nMnfmCUZ5MOh8xwdyCI0w2lctqnwwA3Dnsmr... HTTP 302
https://www.weleda.com/about-us/our-story?utm_source=email&utm_medium=apsis&utm_campaign=footer&ee=... HTTP 301
https://www.weleda.com/about-us Page URL

Page Statistics

94
Requests

100 %
HTTPS

62 %
IPv6

26
Domains

35
Subdomains

34
IPs

4
Countries

3383 kB
Transfer

9364 kB
Size

3
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Weleda.NA/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/weleda_usa/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/WeledaNorthAmerica
Title: Youtube

Search URL Search Domain Scan URL

URL: http://twitter.com/Weleda
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.natrue.org/
Title: NATRUE

Search URL Search Domain Scan URL

URL: https://forms.gle/qE9AB6eQ98k31uuX8
Title: Baby Samples Inquires

Search URL Search Domain Scan URL

URL: https://accessible360.com/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://one-lnk.com/x1epUsHs8_nHGX3meQuqJDVhEp8f5D5gpMylGsJ8nMnfmCUZ5MOh8xwdyCI0w2lctqnwwA3DnsmrmEOr0pAMcW14A/x1e1DQn8kTf4AeWYLaZuh8kh6YHD4B4uj2aHt0_aD2LB18c7378D3hV34rx2ui3MsSbLq4IZDbzpDwTV0BhJVkbodiw4iyrdv4t8So1Dh7ZWdNex7X6kLhCq7vHmMQ6Gi5_vFvTgk-RLMg8g8hqvFXJB2tDRkT-O_cLbu_X7bbl2wr4YLvKmTehImKmeodgKKZUpmTs9QID7eyeSmtkC0hIDjwGA4nMIBe8-XmE502e-qbZtH16ZDkmDRhO1EWAv8Yb/x1evATM5dNJaImXE2tOOMYHIjb-a-cuwvAKkddcvtuB-1EdFjB5l7exSdpgewtqKyva/ HTTP 302
https://www.weleda.com/about-us/our-story?utm_source=email&utm_medium=apsis&utm_campaign=footer&ee=KDGzrTdGULBxNJoa6rMa HTTP 301
https://www.weleda.com/about-us Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://cdn.mouseflow.com/projects/1bde951a-997a-4a7a-b470-66205f42e9d0.js HTTP 301
https://cdn.mouseflow.com/projects/1bde951a-997a-4a7a-b470-66205f42e9d0_eu.js

Request Chain 27

https://cdn.mouseflow.com/projects/a11e1089-cd12-417a-8b74-9141c1632f8d.js HTTP 301
https://cdn.mouseflow.com/projects/a11e1089-cd12-417a-8b74-9141c1632f8d_eu.js

Request Chain 32

https://ad.doubleclick.net/activity;src=8072263;type=sitev0;cat=sitev0;ord=1;num=4178745696107;gtm=2wg4s0;auiddc=1773620135.1620673001 HTTP 302
https://ad.doubleclick.net/activity;dc_pre=COqxkrTlv_ACFUIMewodm7MCSQ;src=8072263;type=sitev0;cat=sitev0;ord=1;num=4178745696107;gtm=2wg4s0;auiddc=1773620135.1620673001 HTTP 302
https://adservice.google.com/ddm/fls/p/dc_pre=COqxkrTlv_ACFUIMewodm7MCSQ;src=8072263;type=sitev0;cat=sitev0;ord=1;num=4178745696107;gtm=2wg4s0;auiddc=1773620135.1620673001;~oref=https://www.weleda.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/dc_pre=COqxkrTlv_ACFUIMewodm7MCSQ;src=8072263;type=sitev0;cat=sitev0;ord=1;num=4178745696107;gtm=2wg4s0;auiddc=1773620135.1620673001;~oref=https://www.weleda.com/

Request Chain 33

https://secure.adnxs.com/px?id=825861&seg=10661162&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D825861%26seg%3D10661162%26t%3D2

Request Chain 34

https://secure.adnxs.com/px?id=1024434&seg=14318820&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1024434%26seg%3D14318820%26t%3D2

Request Chain 35

https://secure.adnxs.com/getuid?https://analytics.tsyhelm.com/pixel.gif?bust=1620673001&session=iazjslsgh&tsy_id=0ff94eb4-1b07-455b-bcae-b2ad3de7343a&referrer=&client=weleda&event=pageview&fragment=&xandr_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fanalytics.tsyhelm.com%2Fpixel.gif%3Fbust%3D1620673001%26session%3Diazjslsgh%26tsy_id%3D0ff94eb4-1b07-455b-bcae-b2ad3de7343a%26referrer%3D%26client%3Dweleda%26event%3Dpageview%26fragment%3D%26xandr_id%3D%24UID HTTP 302
https://analytics.tsyhelm.com/pixel.gif?bust=1620673001&session=iazjslsgh&tsy_id=0ff94eb4-1b07-455b-bcae-b2ad3de7343a&referrer=&client=weleda&event=pageview&fragment=&xandr_id=3041409263638756182

Request Chain 36

https://ad.doubleclick.net/ddm/activity/src=10651509;type=weled0;cat=weled0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10651509;dc_pre=COS2krTlv_ACFYQNewodV6MCzw;type=weled0;cat=weled0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID] HTTP 302
https://adservice.google.com/ddm/fls/p/src=10651509;dc_pre=COS2krTlv_ACFYQNewodV6MCzw;type=weled0;cat=weled0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID];~oref=https://www.weleda.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=10651509;dc_pre=COS2krTlv_ACFYQNewodV6MCzw;type=weled0;cat=weled0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID];~oref=https://www.weleda.com/

Request Chain 64

https://idsync.rlcdn.com/458359.gif?partner_uid=d35814fa-e38c-9b31-0b48-6686384f2dbd HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJGQzNTgxNGZhLWUzOGMtOWIzMS0wYjQ4LTY2ODYzODRmMmRiZBAAGg0I6YPmhAYSBQjoBxAAQgBKAA HTTP 307
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=1fa6ba6cefbe23f423b51a3ae1945f59408f65a8ccfc4cba53051fcb0714a9656ac34734d8e453ee

94 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request about-us Show response
www.weleda.com/
Redirect Chain

https://one-lnk.com/x1epUsHs8_nHGX3meQuqJDVhEp8f5D5gpMylGsJ8nMnfmCUZ5MOh8xwdyCI0w2lctqnwwA3DnsmrmEOr0pAMcW14A/x1e1DQn8kTf4AeWYLaZuh8kh6YHD4B4uj2aHt0_aD2LB18c7378D3hV34rx2ui3MsSbLq4IZDbzpDwTV0BhJVkb...
https://www.weleda.com/about-us/our-story?utm_source=email&utm_medium=apsis&utm_campaign=footer&ee=KDGzrTdGULBxNJoa6rMa
https://www.weleda.com/about-us

581 KB
371 KB

374ms
374ms

Document
text/html

2001:1af8:4700:a158:121:0:1:90
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/about-us

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:1af8:4700:a158:121:0:1:90 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

Resource Hash

404e274d3a873a64669fdc0cf5432b25c544dc28c354c715394211995448e864

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' weleda.sabio.de
X-Content-Security-Policy	frame-ancestors 'self' weleda.sabio.de
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: www.weleda.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: BACKEND=site3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:39 GMT
vary: Origin,Accept-Encoding
pragma: no-cache
cache-control: no-cache
content-security-policy: frame-ancestors 'self' weleda.sabio.de
x-content-security-policy: frame-ancestors 'self' weleda.sabio.de
x-webkit-csp: frame-ancestors 'self' weleda.sabio.de
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-type: text/html;charset=UTF-8
set-cookie: _visitor=403d985e-7773-4fe8-a26b-5ecebe57ec58; Max-Age=63072000; Expires=Wed, 10-May-2023 18:56:39 GMT; Path=/; HttpOnly JSESSIONID=3235186A462B0CEB926731D7EAEF6401; Path=/; HttpOnly CUSTOMER_UUID=269642d0-be3e-4473-a069-7aed968478ec; Max-Age=31536000; Expires=Tue, 10-May-2022 18:56:39 GMT; Path=/; HttpOnly _visitor=403d985e-7773-4fe8-a26b-5ecebe57ec58; Max-Age=63072000; Expires=Wed, 10-May-2023 18:56:39 GMT; Path=/; HttpOnly; SameSite=none; Secure JSESSIONID=3235186A462B0CEB926731D7EAEF6401; Path=/; HttpOnly; SameSite=none; Secure CUSTOMER_UUID=269642d0-be3e-4473-a069-7aed968478ec; Max-Age=31536000; Expires=Tue, 10-May-2022 18:56:39 GMT; Path=/; HttpOnly; SameSite=none; Secure BACKEND=site3; Path=/; HttpOnly; SameSite=none; Secure
content-encoding: gzip
x-served-by: web-prod-3
x-time-microsecs: D=359412
transfer-encoding: chunked

Redirect headers

date: Mon, 10 May 2021 18:56:39 GMT
location: /about-us
content-length: 0
x-served-by: web-prod-3
x-time-microsecs: D=48781
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: BACKEND=site3; path=/; HttpOnly
cache-control: private

GET
H/1.1 200
OK style.css
weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/css/ 865 KB
102 KB 95ms
28ms Stylesheet
text/css 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/css/style.css

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ea5ba02133d4741a48515f590569b8a33c40499b3c14a59f60bfdcef2b276d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
Age: 325641
Via: 1.1 varnish
X-Cache: HIT
Connection: keep-alive
Content-Length: 103860
x-xss-protection: 1; mode=block
X-Served-By: web-prod-4, cache-fra19125-FRA
x-frame-options: DENY
X-Timer: S1620673000.074459,VS0,VE0
x-time-microsecs: D=27773
Vary: Accept-Encoding, Origin
content-type: text/css;charset=UTF-8
Access-Control-Allow-Origin: http://www.weleda.de
X-Fastly-Auth: fastly-5ee0fc58d2744fab84c227bfc25f13e1
expires: Sat, 07 May 2022 00:29:19 GMT
Cache-control: public, immutable, max-age=31536000, public
Accept-Ranges: bytes
X-Cache-Hits: 46

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
647 B 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0927d50af6e8720020e4676afb22e29d4f5d3fbc26bf35b258c43c9b29744283

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Mon, 10 May 2021 18:56:39 GMT

GET
H/1.1 200
OK script.js Show response
weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/js/ 858 KB
231 KB 103ms
36ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/js/script.js

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6e3c0b6ce19481e248061e663185c2dfd798dadb235c58ad8599c941477a51c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
Age: 457073
Via: 1.1 varnish
X-Cache: HIT
Connection: keep-alive
Content-Length: 236085
x-xss-protection: 1; mode=block
X-Served-By: web-prod-1, cache-fra19128-FRA
x-frame-options: DENY
X-Timer: S1620673000.079744,VS0,VE0
x-time-microsecs: D=21676
Vary: Accept-Encoding, Origin
content-type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: http://www.weleda.de
X-Fastly-Auth: fastly-5ee0fc58d2744fab84c227bfc25f13e1
expires: Thu, 05 May 2022 11:58:46 GMT
Cache-control: public, immutable, max-age=31536000, public
Accept-Ranges: bytes
X-Cache-Hits: 2

GET
H/1.1 200
OK script.js Show response
weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/js/module-assets/headerfooter/ 21 KB
6 KB 30ms
29ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/js/module-assets/headerfooter/script.js

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dde9bd69e383dd3c2a5bf40418b5689b5b1a763e83c0d249335fe0f3a3cd5e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
Age: 457074
Via: 1.1 varnish
X-Cache: HIT
Connection: keep-alive
Content-Length: 5479
x-xss-protection: 1; mode=block
X-Served-By: web-prod-4, cache-fra19128-FRA
x-frame-options: DENY
X-Timer: S1620673000.182698,VS0,VE0
x-time-microsecs: D=10779
Vary: Accept-Encoding, Origin
content-type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: http://www.weleda.de
X-Fastly-Auth: fastly-5ee0fc58d2744fab84c227bfc25f13e1
expires: Thu, 05 May 2022 11:58:47 GMT
Cache-control: public, immutable, max-age=31536000, public
Accept-Ranges: bytes
X-Cache-Hits: 72

GET
H/1.1 200
OK weledahippo%3Astagestatic1792x768
weledaint-prod.global.ssl.fastly.net/binaries/content/gallery/us-en/headers/story/hd_switzerland_harvest.jpg/hd_switzerland_harvest.jpg/ 402 KB
403 KB 196ms
194ms Image
image/jpeg 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weledaint-prod.global.ssl.fastly.net/binaries/content/gallery/us-en/headers/story/hd_switzerland_harvest.jpg/hd_switzerland_harvest.jpg/weledahippo%3Astagestatic1792x768

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e4cc426ad6c796f7ad7bbd69d8068dbc66b65eaebe73e33d4c80e6e2543e2333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:40 GMT
Via: 1.1 varnish
x-content-type-options: nosniff
Age: 0
X-Cache: MISS
Connection: keep-alive
Content-Length: 411760
x-xss-protection: 1; mode=block
X-Served-By: web-prod-2, cache-fra19125-FRA
last-modified: Wed, 25 Nov 2020 17:43:58 GMT
x-frame-options: DENY
X-Timer: S1620673000.182017,VS0,VE163
x-time-microsecs: D=84298
etag: "1639946320703"
Vary: Accept-Encoding, Origin
content-type: image/jpeg;charset=UTF-8
Access-Control-Allow-Origin: http://www.weleda.de
X-Fastly-Auth: fastly-5ee0fc58d2744fab84c227bfc25f13e1
expires: Sat, 23 Oct 2021 20:09:21 GMT
Cache-control: public, immutable, max-age=14346761, public
Accept-Ranges: bytes
link: <https://www.weleda.com/binaries/content/gallery/us-en/headers/story/hd_switzerland_harvest.jpg/hd_switzerland_harvest.jpg/weledahippo:stagestatic1792x768>; rel="canonical"
X-Cache-Hits: 0

GET
H/1.1 200
OK reviewed_by_a360_badge.jpg
weledaint-prod.global.ssl.fastly.net/binaries/content/gallery/global/assets/icons/ 6 KB
7 KB 60ms
30ms Image
image/jpeg 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weledaint-prod.global.ssl.fastly.net/binaries/content/gallery/global/assets/icons/reviewed_by_a360_badge.jpg

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c009a2b3c60b11c54854c6bd1262c0f01578a582d084e20a8cd282ce7b07e2bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:40 GMT
Via: 1.1 varnish
x-content-type-options: nosniff
Age: 325654
X-Cache: HIT
Connection: keep-alive
Content-Length: 6251
x-xss-protection: 1; mode=block
X-Served-By: web-prod-4, cache-fra19128-FRA
last-modified: Mon, 01 Mar 2021 13:20:42 GMT
x-frame-options: SAMEORIGIN
X-Timer: S1620673000.212091,VS0,VE1
x-time-microsecs: D=170338
etag: "1635259945003"
Vary: Accept-Encoding, Origin
content-type: image/jpeg;charset=UTF-8
Access-Control-Allow-Origin: http://www.weleda.de
X-Fastly-Auth: fastly-5ee0fc58d2744fab84c227bfc25f13e1
expires: Mon, 12 Jul 2021 11:37:29 GMT
Cache-control: public, immutable, max-age=5742503, public
Accept-Ranges: bytes
link: <https://www.weleda.com/binaries/content/gallery/global/assets/icons/reviewed_by_a360_badge.jpg>; rel="canonical"
X-Cache-Hits: 1

GET
H/1.1 200
OK pci_compliant.jpg
weledaint-prod.global.ssl.fastly.net/binaries/content/gallery/global/assets/icons/ 7 KB
8 KB 84ms
28ms Image
image/jpeg 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weledaint-prod.global.ssl.fastly.net/binaries/content/gallery/global/assets/icons/pci_compliant.jpg

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7d95ac4ea48475884c2ff1ffee5bb336cbde61170eafdf92a4aca173871323d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:40 GMT
Via: 1.1 varnish
x-content-type-options: nosniff
Age: 235641
X-Cache: HIT
Connection: keep-alive
Content-Length: 7276
x-xss-protection: 1; mode=block
X-Served-By: web-prod-3, cache-fra19139-FRA
last-modified: Fri, 01 Jul 2016 11:56:17 GMT
x-frame-options: SAMEORIGIN
X-Timer: S1620673000.238439,VS0,VE1
x-time-microsecs: D=52132
etag: "1448155763016"
Vary: Accept-Encoding, Origin
content-type: image/jpeg;charset=UTF-8
Access-Control-Allow-Origin: http://www.weleda.de
X-Fastly-Auth: fastly-5ee0fc58d2744fab84c227bfc25f13e1
expires: Sat, 14 Mar 2026 15:02:20 GMT
Cache-control: public, immutable, max-age=153063181, public
Accept-Ranges: bytes
link: <https://www.weleda.com/binaries/content/gallery/global/assets/icons/pci_compliant.jpg>; rel="canonical"
X-Cache-Hits: 1

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
826 B 20ms
19ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5f5976a9951ccc9633713128a757238fe10f5213823283eb8d617e396d8a962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 10 May 2021 18:56:40 GMT

GET
H2 200 120236.ct.js Show response
tag.rmp.rakuten.com/ 66 KB
22 KB 326ms
264ms Script
text/javascript 34.102.147.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.rmp.rakuten.com/120236.ct.js
Requested by: Host: www.weleda.com
URL: https://www.weleda.com/about-us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.147.248 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 248.147.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 8b6ab988b18c2b7f2c02bde491aee843951b4689a1514c5e0770cf50498ff55d

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 18:56:40 GMT
x-cache: miss
x-samesite: secure
via: 1.1 google
cache-control: max-age=86400
accept-ranges: bytes
content-type: text/javascript
alt-svc: clear

GET
H/1.1 200
OK 28a76428-4ba0-42c7-9121-ed9e13cfb893.woff2
weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/fonts/ 21 KB
22 KB 89ms
29ms Font
application/octet-stream 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/fonts/28a76428-4ba0-42c7-9121-ed9e13cfb893.woff2

Requested by

Host: weledaint-prod.global.ssl.fastly.net
URL: https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32f5e862339cb9bdd39fcaa7370da6d37528ba2873bc7bc92e8b9a3067af16dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.weleda.com
Referer: https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:40 GMT
Via: 1.1 varnish
x-content-type-options: nosniff
Age: 394090
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Content-Length: 21508
x-xss-protection: 1; mode=block
X-Served-By: web-prod-4, cache-fra19166-FRA
x-frame-options: DENY
X-Timer: S1620673000.249763,VS0,VE2
x-time-microsecs: D=8863
Vary: Accept-Encoding, Origin
content-type: application/octet-stream;charset=UTF-8
Access-Control-Allow-Origin: https://www.weleda.com
X-Fastly-Auth: fastly-5ee0fc58d2744fab84c227bfc25f13e1
Cache-control: public, immutable, max-age=31536000, public
Accept-Ranges: bytes
expires: Fri, 06 May 2022 05:28:29 GMT

GET
H/1.1 200 cartItems Show response
www.weleda.com/restservices-us-en/cart/ 16 B
437 B 78ms
78ms XHR
application/json 2001:1af8:4700:a158:121:0:1:90
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weleda.com/restservices-us-en/cart/cartItems?_=1620673000216

Requested by

Host: weledaint-prod.global.ssl.fastly.net
URL: https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/js/script.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:1af8:4700:a158:121:0:1:90 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

Resource Hash

eb1fcc87563c225dea39c6df4128636f3b148f58a62b8f7ed79592f0ea6784ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.weleda.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: BACKEND=site3; _visitor=403d985e-7773-4fe8-a26b-5ecebe57ec58; JSESSIONID=3235186A462B0CEB926731D7EAEF6401; CUSTOMER_UUID=269642d0-be3e-4473-a069-7aed968478ec
Connection: keep-alive
Referer: https://www.weleda.com/about-us
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.weleda.com/about-us
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-time-microsecs: D=22919
x-frame-options: DENY
content-type: application/json;charset=UTF-8
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
content-length: 36
x-xss-protection: 1; mode=block
x-served-by: web-prod-3

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
66 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PKFMJR

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1050023a289a09939fdd6f6dfff5be0fd07f105c70c71c594825f9fa625bb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67193
x-xss-protection: 0
last-modified: Mon, 10 May 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 May 2021 18:56:40 GMT

GET
H/1.1 200
OK weleda_logo.svg
weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/img/ 9 KB
9 KB 29ms
28ms Image
image/svg+xml 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/img/weleda_logo.svg

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e31d14b8c5505637012e8570bde2526e21e2c65520dc23783f685d309dc73749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:40 GMT
Via: 1.1 varnish
x-content-type-options: nosniff
Age: 325946
X-Cache: HIT
X-Cache-Hits: 2
Connection: keep-alive
Content-Length: 9026
x-xss-protection: 1; mode=block
X-Served-By: web-prod-3, cache-fra19128-FRA
x-frame-options: DENY
X-Timer: S1620673000.253296,VS0,VE0
x-time-microsecs: D=9398
Vary: Accept-Encoding, Origin
content-type: image/svg+xml;charset=UTF-8
Access-Control-Allow-Origin: http://www.weleda.de
X-Fastly-Auth: fastly-5ee0fc58d2744fab84c227bfc25f13e1
Cache-control: public, immutable, max-age=31536000, public
Accept-Ranges: bytes
expires: Sat, 07 May 2022 00:24:13 GMT

GET
DATA 200
OK truncated
/ 349 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4a591327de9f9f5ff621be988b37cd7219f213db6727b0719b995e5b688df86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/ 335 KB
131 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99416b76ef60008edc2057882bfb782e731a5a32264d60c7f2a5f69e577c618d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.weleda.com
Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 14:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16195
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133814
x-xss-protection: 0
last-modified: Mon, 03 May 2021 04:05:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 May 2022 14:26:45 GMT

GET
H/1.1 200
OK weledaicon.woff
weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/fonts/icons/ 63 KB
64 KB 31ms
30ms Font
application/x-font-woff 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/fonts/icons/weledaicon.woff

Requested by

Host: weledaint-prod.global.ssl.fastly.net
URL: https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d170923c43506a271926839082b422a61ee694cab65cc987917fc29df9610772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.weleda.com
Referer: https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:40 GMT
Via: 1.1 varnish
x-content-type-options: nosniff
Age: 456118
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Content-Length: 64780
x-xss-protection: 1; mode=block
X-Served-By: web-prod-1, cache-fra19166-FRA
x-frame-options: DENY
X-Timer: S1620673000.313468,VS0,VE1
x-time-microsecs: D=10090
Vary: Accept-Encoding, Origin
content-type: application/x-font-woff;charset=UTF-8
Access-Control-Allow-Origin: https://www.weleda.com
X-Fastly-Auth: fastly-5ee0fc58d2744fab84c227bfc25f13e1
Cache-control: public, immutable, max-age=31536000, public
Accept-Ranges: bytes
expires: Thu, 05 May 2022 12:14:41 GMT

GET
H/1.1 200
OK 4187f20b-019d-4146-9d93-dc5ffe3a3296.woff2
weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/fonts/ 21 KB
22 KB 154ms
97ms Font
application/octet-stream 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/fonts/4187f20b-019d-4146-9d93-dc5ffe3a3296.woff2

Requested by

Host: weledaint-prod.global.ssl.fastly.net
URL: https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9731c02ae6eaf41be969881c52bfe42e70f7ca6962a3b4e163a69be177298e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.weleda.com
Referer: https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:40 GMT
Via: 1.1 varnish
x-content-type-options: nosniff
Age: 325652
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Content-Length: 21396
x-xss-protection: 1; mode=block
X-Served-By: web-prod-1, cache-fra19166-FRA
x-frame-options: DENY
X-Timer: S1620673000.369558,VS0,VE63
x-time-microsecs: D=41775
Vary: Accept-Encoding, Origin
content-type: application/octet-stream;charset=UTF-8
Access-Control-Allow-Origin: https://www.weleda.com
X-Fastly-Auth: fastly-5ee0fc58d2744fab84c227bfc25f13e1
Cache-control: public, immutable, max-age=31536000, public
Accept-Ranges: bytes
expires: Sat, 07 May 2022 00:29:08 GMT

GET
H/1.1 200
OK newweled-webfont.woff2
weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/fonts/ 20 KB
20 KB 94ms
35ms Font
application/octet-stream 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/fonts/newweled-webfont.woff2

Requested by

Host: weledaint-prod.global.ssl.fastly.net
URL: https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

91f2edda3944cabfc1c287b09904319fa299a6414ae12c5047f7cd057f0b2ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.weleda.com
Referer: https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:40 GMT
Via: 1.1 varnish
x-content-type-options: nosniff
Age: 456118
X-Cache: HIT
X-Cache-Hits: 1
Connection: keep-alive
Content-Length: 20032
x-xss-protection: 1; mode=block
X-Served-By: web-prod-4, cache-fra19148-FRA
x-frame-options: DENY
X-Timer: S1620673000.373121,VS0,VE3
x-time-microsecs: D=9442
Vary: Accept-Encoding, Origin
content-type: application/octet-stream;charset=UTF-8
Access-Control-Allow-Origin: https://www.weleda.com
X-Fastly-Auth: fastly-5ee0fc58d2744fab84c227bfc25f13e1
Cache-control: public, immutable, max-age=31536000, public
Accept-Ranges: bytes
expires: Thu, 05 May 2022 12:14:41 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/838cc154/www-widgetapi.vflset/ 120 KB
42 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/838cc154/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4fc14b506094638e5299d3cec5e2940ffe41bc978a4497d52b0eb17cc4ce47b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 16:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:36:03 GMT
server: sffe
age: 8242
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42906
x-xss-protection: 0
expires: Tue, 10 May 2022 16:39:18 GMT

GET
H/1.1 200
OK products_us-en_1620669666384.json Show response
weledaint-prod.global.ssl.fastly.net/binaries/content/assets/json/products/ 222 KB
35 KB 145ms
145ms XHR
application/json 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://weledaint-prod.global.ssl.fastly.net/binaries/content/assets/json/products/products_us-en_1620669666384.json

Requested by

Host: weledaint-prod.global.ssl.fastly.net
URL: https://weledaint-prod.global.ssl.fastly.net/webfiles/1620214161015/js/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

470954786f9f758f5ef08c422a02359baf96a23a9391e39b9a654f3161749504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
Age: 0
Via: 1.1 varnish
X-Cache: MISS
Connection: keep-alive
Content-Length: 34928
x-xss-protection: 1; mode=block
X-Served-By: web-prod-3, cache-fra19166-FRA
last-modified: Mon, 10 May 2021 18:01:06 GMT
x-frame-options: DENY
X-Timer: S1620673001.686298,VS0,VE117
x-time-microsecs: D=88974
etag: "1584841577914-gzip"
Vary: Accept-Encoding, Origin
content-type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.weleda.com
X-Fastly-Auth: fastly-5ee0fc58d2744fab84c227bfc25f13e1
expires: Mon, 10 May 2021 19:52:15 GMT
Cache-control: public, immutable, max-age=3334, public
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3019 39 KB
20 KB 36ms
35ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&co=aHR0cHM6Ly93d3cud2VsZWRhLmNvbTo0NDM.&hl=en&v=npGaewopg1UaB8CNtYfx-y1j&size=normal&cb=db7oi2u9x2jd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aaceaf681d1e0d30b7edd04b7a93464a81c6616a4d2f9207015288258d26b2ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-14tjKMvSz7f3GrqGB0Rcxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&co=aHR0cHM6Ly93d3cud2VsZWRhLmNvbTo0NDM.&hl=en&v=npGaewopg1UaB8CNtYfx-y1j&size=normal&cb=db7oi2u9x2jd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.weleda.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 10 May 2021 18:56:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-14tjKMvSz7f3GrqGB0Rcxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20188
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3834 40 KB
21 KB 38ms
37ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&co=aHR0cHM6Ly93d3cud2VsZWRhLmNvbTo0NDM.&hl=en&v=npGaewopg1UaB8CNtYfx-y1j&size=normal&cb=p9joolxult49

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a18cdd3ac48230cc57d94e6bcc304d5e635d1d1c1ab4843d077776f3b2d982c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HsoOwBLtmEKRpzvySPvrtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&co=aHR0cHM6Ly93d3cud2VsZWRhLmNvbTo0NDM.&hl=en&v=npGaewopg1UaB8CNtYfx-y1j&size=normal&cb=p9joolxult49
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.weleda.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 10 May 2021 18:56:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-HsoOwBLtmEKRpzvySPvrtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21135
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKFMJR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1788
date: Mon, 10 May 2021 18:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 10 May 2021 20:26:52 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 50ms
49ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKFMJR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5c64e98b7d26b27f3235a6b049f4da5a8b1ed471ee0f2d4508e342bcb216eb2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13939
x-xss-protection: 0
server: cafe
etag: 16751590114636182394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 May 2021 18:56:40 GMT

GET
H2

200

1bde951a-997a-4a7a-b470-66205f42e9d0_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/1bde951a-997a-4a7a-b470-66205f42e9d0.js
https://cdn.mouseflow.com/projects/1bde951a-997a-4a7a-b470-66205f42e9d0_eu.js

168 KB
56 KB

322ms
322ms

Script
application/javascript

23.111.9.38
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/1bde951a-997a-4a7a-b470-66205f42e9d0_eu.js
Requested by: Host: www.weleda.com
URL: https://www.weleda.com/about-us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e663f9202f29e3842b835ba180b3bdff56aa3047d63d1b094821cdf778133813

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:41 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 07:44:38 GMT
server: NetDNA-cache/2.2
etag: W/"8a7c92fcb31d71:0"
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

location: https://cdn.mouseflow.com/projects/1bde951a-997a-4a7a-b470-66205f42e9d0_eu.js
date: Mon, 10 May 2021 18:56:40 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
content-type: text/html

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: BT3eY4PxC2AzoQoMDTiiC0RWmYp98H47K8jFqMNKQRSaewvs3lc6mJFjQF1hRowOArxKqUSSFcxQTOxqivPaDg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 10 May 2021 18:56:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 7ms
5ms Script
application/javascript 2a04:4e42:1b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.weleda.com
URL: https://www.weleda.com/about-us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 337c5824e8502220398b84ba82ac409c2139beba4083b7f9d430911f6038b69f

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:40 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "bd6bc0ee8c67107934ef9487b4afc41d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2

200

a11e1089-cd12-417a-8b74-9141c1632f8d_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/a11e1089-cd12-417a-8b74-9141c1632f8d.js
https://cdn.mouseflow.com/projects/a11e1089-cd12-417a-8b74-9141c1632f8d_eu.js

764 B
659 B

103ms
95ms

Script
application/javascript

23.111.9.38
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/a11e1089-cd12-417a-8b74-9141c1632f8d_eu.js
Requested by: Host: www.weleda.com
URL: https://www.weleda.com/about-us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:41 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 20:19:31 GMT
server: NetDNA-cache/2.2
etag: W/"2ca91bee17cbd51:0"
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

location: https://cdn.mouseflow.com/projects/a11e1089-cd12-417a-8b74-9141c1632f8d_eu.js
date: Mon, 10 May 2021 18:56:40 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
content-type: text/html

GET
H2 200 sjcl.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sjcl/1.0.6/ 25 KB
8 KB 15ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sjcl/1.0.6/sjcl.min.js

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5133bdb5a30932cbbcef2eacf3b4824d73a8fb0b01954800374aaf0b416d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1550197
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7830
cf-request-id: 09f93c8d75000016eab1b58000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-62b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=coub9L6aSh%2BHj2SOpT%2FZkE8zm9MJmdm40ESSKitFD8ME7568LJljNuG%2FifoGHS20BmX3nlq9tzJm47plwPcmVV8GpZs87ZsEnWUbUjjFHM5yJwgRfIm6UpWYKy3ae%2FReDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64d5638f284916ea-FRA
expires: Sat, 30 Apr 2022 18:56:40 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 33ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.weleda.com
URL: https://www.weleda.com/about-us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 17:21:02 GMT
x-msedge-ref: Ref A: 78B2C7B9FEE74DF7B4A9A2DF132605EE Ref B: FRAEDGE1309 Ref C: 2021-05-10T18:56:40Z
etag: "0d398608930d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8910

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-853599953

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKFMJR

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94e24988d5ce67dd20c5fe85702263bf99f2174e8bab68e567080dd9f0d5e54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34213
x-xss-protection: 0
last-modified: Mon, 10 May 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 May 2021 18:56:40 GMT

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 7 KB
3 KB 97ms
33ms Script
application/javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.weleda.com
URL: https://www.weleda.com/about-us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 May 2020 21:04:36 GMT
Server: nginx/1.13.10
ETag: "5ebdb264-1cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 2601
Expires: Tue, 11 May 2021 18:56:42 GMT

GET
H2

200

/
adservice.google.de/ddm/fls/p/dc_pre=COqxkrTlv_ACFUIMewodm7MCSQ;src=8072263;type=sitev0;cat=sitev0;ord=1;num=4178745696107;gtm=2wg4s0;auiddc=1773620135.1620673001;~oref=https://www.weleda.com/
Redirect Chain

https://ad.doubleclick.net/activity;src=8072263;type=sitev0;cat=sitev0;ord=1;num=4178745696107;gtm=2wg4s0;auiddc=1773620135.1620673001?
https://ad.doubleclick.net/activity;dc_pre=COqxkrTlv_ACFUIMewodm7MCSQ;src=8072263;type=sitev0;cat=sitev0;ord=1;num=4178745696107;gtm=2wg4s0;auiddc=1773620135.1620673001?
https://adservice.google.com/ddm/fls/p/dc_pre=COqxkrTlv_ACFUIMewodm7MCSQ;src=8072263;type=sitev0;cat=sitev0;ord=1;num=4178745696107;gtm=2wg4s0;auiddc=1773620135.1620673001;~oref=https://www.weleda....
https://adservice.google.de/ddm/fls/p/dc_pre=COqxkrTlv_ACFUIMewodm7MCSQ;src=8072263;type=sitev0;cat=sitev0;ord=1;num=4178745696107;gtm=2wg4s0;auiddc=1773620135.1620673001;~oref=https://www.weleda.com/

42 B
107 B

46ms
43ms

Image
image/gif

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/dc_pre=COqxkrTlv_ACFUIMewodm7MCSQ;src=8072263;type=sitev0;cat=sitev0;ord=1;num=4178745696107;gtm=2wg4s0;auiddc=1773620135.1620673001;~oref=https://www.weleda.com/

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://adservice.google.de/ddm/fls/p/dc_pre=COqxkrTlv_ACFUIMewodm7MCSQ;src=8072263;type=sitev0;cat=sitev0;ord=1;num=4178745696107;gtm=2wg4s0;auiddc=1773620135.1620673001;~oref=https://www.weleda.com/
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=825861&seg=10661162&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D825861%26seg%3D10661162%26t%3D2

43 B
1 KB

53ms
52ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D825861%26seg%3D10661162%26t%3D2

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 May 2021 18:56:41 GMT
X-Proxy-Origin: 196.240.57.220; 196.240.57.220; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.238:80
AN-X-Request-Uuid: 1d69d9ec-7cbc-4573-b16c-4d65bb739518
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 May 2021 18:56:40 GMT
X-Proxy-Origin: 196.240.57.220; 196.240.57.220; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid: 283c17cc-7c82-4daa-b2f3-f22553de3136
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D825861%26seg%3D10661162%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1024434&seg=14318820&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1024434%26seg%3D14318820%26t%3D2

43 B
1 KB

44ms
42ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1024434%26seg%3D14318820%26t%3D2

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 May 2021 18:56:41 GMT
X-Proxy-Origin: 196.240.57.220; 196.240.57.220; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid: 2f9c951a-6634-413d-a868-6d0f5c1a59b9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 May 2021 18:56:40 GMT
X-Proxy-Origin: 196.240.57.220; 196.240.57.220; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.153:80
AN-X-Request-Uuid: 330d9ca7-1086-48e4-86d3-fc6fcb0a698b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1024434%26seg%3D14318820%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel.gif
analytics.tsyhelm.com/
Redirect Chain

https://secure.adnxs.com/getuid?https://analytics.tsyhelm.com/pixel.gif?bust=1620673001&session=iazjslsgh&tsy_id=0ff94eb4-1b07-455b-bcae-b2ad3de7343a&referrer=&client=weleda&event=pageview&fragment...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fanalytics.tsyhelm.com%2Fpixel.gif%3Fbust%3D1620673001%26session%3Diazjslsgh%26tsy_id%3D0ff94eb4-1b07-455b-bcae-b2ad3de7343a%26referrer%3D%2...
https://analytics.tsyhelm.com/pixel.gif?bust=1620673001&session=iazjslsgh&tsy_id=0ff94eb4-1b07-455b-bcae-b2ad3de7343a&referrer=&client=weleda&event=pageview&fragment=&xandr_id=3041409263638756182

64 B
233 B

762ms
490ms

Image
image/gif

3.23.3.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.tsyhelm.com/pixel.gif?bust=1620673001&session=iazjslsgh&tsy_id=0ff94eb4-1b07-455b-bcae-b2ad3de7343a&referrer=&client=weleda&event=pageview&fragment=&xandr_id=3041409263638756182
Requested by: Host: www.weleda.com
URL: https://www.weleda.com/about-us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.23.3.38 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-3-38.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:41 GMT
content-length: 64
apigw-requestid: fIE8fh7SCYcEM1Q=
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 10 May 2021 18:56:41 GMT
X-Proxy-Origin: 196.240.57.220; 196.240.57.220; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.86:80
AN-X-Request-Uuid: c95cb5ba-202f-4d47-ba5f-235178ad648d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://analytics.tsyhelm.com/pixel.gif?bust=1620673001&session=iazjslsgh&tsy_id=0ff94eb4-1b07-455b-bcae-b2ad3de7343a&referrer=&client=weleda&event=pageview&fragment=&xandr_id=3041409263638756182
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
adservice.google.de/ddm/fls/p/src=10651509;dc_pre=COS2krTlv_ACFYQNewodV6MCzw;type=weled0;cat=weled0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG...
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=10651509;type=weled0;cat=weled0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[...
https://ad.doubleclick.net/ddm/activity/src=10651509;dc_pre=COS2krTlv_ACFYQNewodV6MCzw;type=weled0;cat=weled0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_con...
https://adservice.google.com/ddm/fls/p/src=10651509;dc_pre=COS2krTlv_ACFYQNewodV6MCzw;type=weled0;cat=weled0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_cons...
https://adservice.google.de/ddm/fls/p/src=10651509;dc_pre=COS2krTlv_ACFYQNewodV6MCzw;type=weled0;cat=weled0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_conse...

42 B
744 B

67ms
42ms

Image
image/gif

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/src=10651509;dc_pre=COS2krTlv_ACFYQNewodV6MCzw;type=weled0;cat=weled0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID];~oref=https://www.weleda.com/

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://adservice.google.de/ddm/fls/p/src=10651509;dc_pre=COS2krTlv_ACFYQNewodV6MCzw;type=weled0;cat=weled0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID];~oref=https://www.weleda.com/
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jsp Show response
ut.ra.linksynergy.com/ 131 B
363 B 116ms
49ms Script
text/javascript 35.241.23.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ut.ra.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by: Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/120236.ct.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.23.116 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.23.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 94018fba2a88a2723351208aed5ca2e3dcfdabd209d9a02e43fa1646b45c9084

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:40 GMT
via: 1.1 google
p3p: CP="NOI BUS NID DSP COR"
content-encoding: gzip
alt-svc: clear
content-length: 132
content-type: text/javascript

GET
H2 200 p
consent.linksynergy.com/consent/v2/ 37 B
258 B 107ms
38ms Image
image/gif 35.241.23.116
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.linksynergy.com/consent/v2/p?rmch=cs&tp=gdpr&domain=www.weleda.com&sought=false&in_scope=true&purposes=&vendors=&ext_id=875c38bf-236d-41ba-9ce1-3ea099195ee7
Requested by: Host: www.weleda.com
URL: https://www.weleda.com/about-us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.23.116 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.23.241.35.bc.googleusercontent.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:40 GMT
via: 1.1 google
content-type: image/gif
alt-svc: clear
content-length: 37
p3p: CP="NOI BUS NID DSP COR"

GET
H2 200 wX0I-UBZIPI Show response
www.youtube-nocookie.com/embed/ Frame 164F 50 KB
22 KB 80ms
58ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/838cc154/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ffbd55a6177d59750ac56f40a60a8f8dde3377342d000843bb5bb76ca6fbc1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube-nocookie.com
:scheme: https
:path: /embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.weleda.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 10 May 2021 18:56:40 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+300; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:53:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 176
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Mon, 10 May 2021 19:53:44 GMT

GET
H2 200 main.174fc5ea.js Show response
s.pinimg.com/ct/lib/ 48 KB
17 KB 7ms
7ms Script
application/javascript 2a04:4e42:1b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.174fc5ea.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "b34201d87a68e217179821df4a24c060"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 17102
access-control-expose-headers: X-CDN

GET
H3-29 200 446805395688117 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/446805395688117?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a00f732839bedc18758b9b373da28d15ccfe9a156f6b611feb13033152fb7a65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74220
x-fb-rlafr: 0
pragma: public
x-fb-debug: 8/KSSgLT5Yoxcy6Glhmd3XyeVgdyGadDHL/z7kXDYhfl3/NguFU5txVzevciE/IApfyRw6vMzMZp2PCz6ytveQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 May 2021 18:56:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 23000713 Show response
bat.bing.com/p/action/ 0
93 B 35ms
35ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/23000713
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 10 May 2021 18:56:40 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: A8FA379016FD4A6599CC5EBF91898D7D Ref B: FRAEDGE1309 Ref C: 2021-05-10T18:56:40Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
93 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=23000713&Ver=2&mid=9f0879fa-e0d3-47b3-850e-71d2f9618a2b&sid=74b501e0b1c111ebac030b861757789a&vid=74b513f0b1c111eb83627720d081b234&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=About%20Us%20%7C%20Weleda%20Natural%20Skin%20Care&p=https%3A%2F%2Fwww.weleda.com%2Fabout-us&r=&lt=1507&evt=pageLoad&msclkid=N&sv=1&rn=666692
Requested by: Host: www.weleda.com
URL: https://www.weleda.com/about-us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 10 May 2021 18:56:40 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: C705A28C001D49F9996216D8276B92AD Ref B: FRAEDGE1309 Ref C: 2021-05-10T18:56:40Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/?random=1620673000980&cv=9&fst=1620673000980&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.weleda.com%2Fabout-us&tiba=About%20Us%20%7C%20Weleda%20Natural%20Skin%20Care&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed39c42e5f1cd537dad0c92d3dc9161772010b6978d8b9533dd85e66e4184ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
352 B 152ms
33ms Image
image/gif 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=e00d387c-b7c2-40b1-92f3-ff911b5dd71c&it=1620673000985&v=0.0.15&u=https%3A%2F%2Fwww.weleda.com%2Fabout-us&st=1620673000985&et=1620673000985&if=0
Requested by: Host: www.weleda.com
URL: https://www.weleda.com/about-us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 18:56:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 196.240.57.220; 196.240.57.220; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 10.2.80.88:80
Content-Length: 42
Content-Type: image/gif

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/ Frame 3019 51 KB
25 KB 22ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&co=aHR0cHM6Ly93d3cud2VsZWRhLmNvbTo0NDM.&hl=en&v=npGaewopg1UaB8CNtYfx-y1j&size=normal&cb=db7oi2u9x2jd

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 04:05:35 GMT
server: sffe
age: 6666
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Tue, 10 May 2022 17:05:34 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/ Frame 3019 335 KB
131 KB 35ms
31ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99416b76ef60008edc2057882bfb782e731a5a32264d60c7f2a5f69e577c618d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 14:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16196
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133814
x-xss-protection: 0
last-modified: Mon, 03 May 2021 04:05:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 May 2022 14:26:45 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/ Frame 3834 51 KB
25 KB 21ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/styles__ltr.css

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 04:05:35 GMT
server: sffe
age: 6667
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Tue, 10 May 2022 17:05:34 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/ Frame 3834 335 KB
131 KB 39ms
36ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99416b76ef60008edc2057882bfb782e731a5a32264d60c7f2a5f69e577c618d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 14:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16196
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133814
x-xss-protection: 0
last-modified: Mon, 03 May 2021 04:05:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 May 2022 14:26:45 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/ 2 KB
1 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853599953/?random=1620673001022&cv=9&fst=1620673001022&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.weleda.com%2Fabout-us&tiba=About%20Us%20%7C%20Weleda%20Natural%20Skin%20Care&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f485685cc5c89ad62d41032539b6c894879a6761f8a520663a445c02056009a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 57 B
306 B 127ms
61ms XHR
application/json 151.101.112.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2617133106630&cb=1620673001088
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.174fc5ea.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ea9a39cb1c8f282b7c510a478c0cbadcba172d3692ba22d335c3e0977bf88189

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.weleda.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPVl6RTRNekZpWVdFdFl6VXdNUzAwTWpBMExUbG1ZMkV0TnpSaE9XWXdaVEpsWVRsbQ
x-pinterest-rid: 8273129933670357
x-envoy-upstream-service-time: 7
access-control-allow-credentials: true
content-length: 77
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
247 B 120ms
56ms Image
image/gif 151.101.112.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2617133106630&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.weleda.com%2Fabout-us%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22174fc5ea%22%7D&cb=1620673001089
Requested by: Host: www.weleda.com
URL: https://www.weleda.com/about-us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1823596854559693
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 567911746891458 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/567911746891458?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

12e9fae6023d86ae9da84f0fda9ecf80853971024b3869226f296b2791d42b6c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74158
x-fb-rlafr: 0
pragma: public
x-fb-debug: 4Zu8Z/XDEPBLVnqE9yyf/7imtsmIhTr/wUMMOVz5R6dZPeMovFoQsPpSrOueDrXIh8m8U13EfvxMq58EfLq+eg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 May 2021 18:56:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=446805395688117&ev=PageView&dl=https%3A%2F%2Fwww.weleda.com%2Fabout-us&rl=&if=false&ts=1620673001122&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620673001119.666943831&it=1620673000969&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=l0&rqm=GET

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 10 May 2021 18:56:41 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 37ms
36ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-35972047-1&cid=2039105689.1620673001&jid=2097015383&gjid=1026429900&_gid=619854934.1620673001&_u=aGBAgEALAAAAAE~&z=781819102

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 May 2021 18:56:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.weleda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&aip=1&a=1390846495&t=pageview&_s=1&dl=https%3A%2F%2Fwww.weleda.com%2Fabout-us&ul=en-us&de=UTF-8&dt=About%20Us%20%7C%20Weleda%20Natural%20Skin%20Care&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEALAAAAAG~&jid=413984329&gjid=956871270&cid=2039105689.1620673001&tid=UA-57093936-21&_gid=619854934.1620673001&_r=1&gtm=2wg4s0PKFMJR&z=1663799322

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.weleda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1390846495&t=pageview&_s=1&dl=https%3A%2F%2Fwww.weleda.com%2Fabout-us&ul=en-us&de=UTF-8&dt=About%20Us%20%7C%20Weleda%20Natural%20Skin%20Care&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAL~&jid=2097015383&gjid=1026429900&cid=2039105689.1620673001&tid=UA-35972047-1&_gid=619854934.1620673001&gtm=2wg4s0PKFMJR&z=773178770

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 00:43:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65567
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 www-player-webp.css
www.youtube-nocookie.com/s/player/838cc154/ Frame 164F 359 KB
53 KB 12ms
10ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/838cc154/www-player-webp.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

458f0d6ddd69b45ae8a3858e346eb5c4dd6557d07a6f93e41819ceca18003603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 14:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:36:03 GMT
server: sffe
age: 360479
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54022
x-xss-protection: 0
expires: Fri, 06 May 2022 14:48:42 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/838cc154/www-embed-player.vflset/ Frame 164F 189 KB
67 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/838cc154/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf592ded5e37c31c3e1df0010cb88f9e742411dc388ba1a9da05d6b562c52d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 14:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:36:03 GMT
server: sffe
age: 360539
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68201
x-xss-protection: 0
expires: Fri, 06 May 2022 14:47:42 GMT

GET
H3-29 200 base.js Show response
www.youtube-nocookie.com/s/player/838cc154/player_ias.vflset/en_US/ Frame 164F 2 MB
521 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/838cc154/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c4056c042180b15422accdb377a3d74d87785e6ba63d4d3f19493a6aed3cbb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 14:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:36:03 GMT
server: sffe
age: 360006
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 532999
x-xss-protection: 0
expires: Fri, 06 May 2022 14:56:35 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube-nocookie.com/s/player/838cc154/fetch-polyfill.vflset/ Frame 164F 8 KB
3 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/838cc154/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 14:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:36:03 GMT
server: sffe
age: 360539
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Fri, 06 May 2022 14:47:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 164F 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube-nocookie.com
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 508241
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 04 May 2022 21:46:00 GMT

GET
H2

200

cs
tags.rd.linksynergy.com/
Redirect Chain

https://idsync.rlcdn.com/458359.gif?partner_uid=d35814fa-e38c-9b31-0b48-6686384f2dbd
https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJGQzNTgxNGZhLWUzOGMtOWIzMS0wYjQ4LTY2ODYzODRmMmRiZBAAGg0I6YPmhAYSBQjoBxAAQgBKAA
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=1fa6ba6cefbe23f423b51a3ae1945f59408f65a8ccfc4cba53051fcb0714a9656ac34734d8e453ee

37 B
335 B

113ms
43ms

Image
image/gif

34.98.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.rd.linksynergy.com/cs?ns=lr&uid3=1fa6ba6cefbe23f423b51a3ae1945f59408f65a8ccfc4cba53051fcb0714a9656ac34734d8e453ee
Requested by: Host: www.weleda.com
URL: https://www.weleda.com/about-us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 3.67.98.34.bc.googleusercontent.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:41 GMT
via: 1.1 google
content-type: image/gif
alt-svc: clear
content-length: 37
x-samesite: secure

Redirect headers

date: Mon, 10 May 2021 18:56:41 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://tags.rd.linksynergy.com/cs?ns=lr&uid3=1fa6ba6cefbe23f423b51a3ae1945f59408f65a8ccfc4cba53051fcb0714a9656ac34734d8e453ee
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/853599953/ 42 B
64 B 29ms
21ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/853599953/?random=1620673000980&cv=9&fst=1620669600000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.weleda.com%2Fabout-us&tiba=About%20Us%20%7C%20Weleda%20Natural%20Skin%20Care&async=1&fmt=3&is_vtc=1&random=885808684&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/853599953/ 42 B
108 B 28ms
20ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/853599953/?random=1620673000980&cv=9&fst=1620669600000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.weleda.com%2Fabout-us&tiba=About%20Us%20%7C%20Weleda%20Natural%20Skin%20Care&async=1&fmt=3&is_vtc=1&random=885808684&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 77ms
37ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-57093936-21&cid=2039105689.1620673001&jid=413984329&gjid=956871270&_gid=619854934.1620673001&_u=aGDAAEALAAAAAG~&z=1177951183

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 May 2021 18:56:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.weleda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-35972047-1&cid=2039105689.1620673001&jid=2097015383&_u=aGBAgEALAAAAAE~&z=316929283

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-35972047-1&cid=2039105689.1620673001&jid=2097015383&_u=aGBAgEALAAAAAE~&z=316929283

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
197 B 143ms
88ms XHR
text/plain 151.101.112.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/md/
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.174fc5ea.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
referrer-policy: origin
x-cdn: fastly
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1127892632022822
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3019 102 B
131 B 17ms
16ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=npGaewopg1UaB8CNtYfx-y1j

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0969f0ca46a6f19d27f76e8ed98f974395121d227c3085ed9325a63ccce3102

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&co=aHR0cHM6Ly93d3cud2VsZWRhLmNvbTo0NDM.&hl=en&v=npGaewopg1UaB8CNtYfx-y1j&size=normal&cb=db7oi2u9x2jd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Mon, 10 May 2021 18:56:41 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/853599953/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/853599953/?random=1620673001022&cv=9&fst=1620669600000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.weleda.com%2Fabout-us&tiba=About%20Us%20%7C%20Weleda%20Natural%20Skin%20Care&async=1&fmt=3&is_vtc=1&random=520833941&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/853599953/ 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/853599953/?random=1620673001022&cv=9&fst=1620669600000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.weleda.com%2Fabout-us&tiba=About%20Us%20%7C%20Weleda%20Natural%20Skin%20Care&async=1&fmt=3&is_vtc=1&random=520833941&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
30ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-57093936-21&cid=2039105689.1620673001&jid=413984329&_u=aGDAAEALAAAAAG~&z=636487605

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 33ms
31ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-57093936-21&cid=2039105689.1620673001&jid=413984329&_u=aGDAAEALAAAAAG~&z=636487605

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3834 102 B
131 B 18ms
17ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=npGaewopg1UaB8CNtYfx-y1j

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0969f0ca46a6f19d27f76e8ed98f974395121d227c3085ed9325a63ccce3102

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&co=aHR0cHM6Ly93d3cud2VsZWRhLmNvbTo0NDM.&hl=en&v=npGaewopg1UaB8CNtYfx-y1j&size=normal&cb=p9joolxult49
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Mon, 10 May 2021 18:56:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=567911746891458&ev=PageView&dl=https%3A%2F%2Fwww.weleda.com%2Fabout-us&rl=&if=false&ts=1620673001403&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620673001402.549694259&it=1620673000969&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=l0&rqm=GET

Requested by

Host: www.weleda.com
URL: https://www.weleda.com/about-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 10 May 2021 18:56:41 GMT

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 2A31 7 KB
1 KB 20ms
19ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=npGaewopg1UaB8CNtYfx-y1j&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&cb=sxxugzjf0v5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8db9e05891857d609a943d0976e15a403cf19949b6bb728d3fab8641150a43cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-skQgQcU9azAJsgPcpb9lDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=npGaewopg1UaB8CNtYfx-y1j&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&cb=sxxugzjf0v5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.weleda.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 10 May 2021 18:56:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-skQgQcU9azAJsgPcpb9lDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1111
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 9162 7 KB
1 KB 20ms
20ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=npGaewopg1UaB8CNtYfx-y1j&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&cb=8vz22k2pplpi

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9af0e8ba8651814356cc07949ef38ea0f1aff07da97c1c50991cad194b3d3e22

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mdiGbUveuMrt9Us7y9DEDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=npGaewopg1UaB8CNtYfx-y1j&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&cb=8vz22k2pplpi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.weleda.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.weleda.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 10 May 2021 18:56:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-mdiGbUveuMrt9Us7y9DEDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1111
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 15ms
8ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarymAxThgjnpCvHgBw5

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 10 May 2021 18:56:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.weleda.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 remote.js Show response
www.youtube-nocookie.com/s/player/838cc154/player_ias.vflset/en_US/ Frame 164F 97 KB
32 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/838cc154/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/838cc154/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a012d3fd1a6ca8bd5e935ab46b8dbd8649291eba5f8c0531193a2e3fe034262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 14:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:36:03 GMT
server: sffe
age: 359902
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32882
x-xss-protection: 0
expires: Fri, 06 May 2022 14:58:19 GMT

GET
H3-29 200 MXHSWTHf_SnYpRbSq_1iK8cgQMfa2xmRjaEli5VOIts.js Show response
www.google.com/js/th/ Frame 164F 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/MXHSWTHf_SnYpRbSq_1iK8cgQMfa2xmRjaEli5VOIts.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/838cc154/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3171d25931dffd29d8a516d2abfd622bc72040c7dadb19918da1258b954e22db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 09:27:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 16:00:00 GMT
server: sffe
age: 34173
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13249
x-xss-protection: 0
expires: Tue, 10 May 2022 09:27:08 GMT

GET
H3-29 200 embed.js Show response
www.youtube-nocookie.com/s/player/838cc154/player_ias.vflset/en_US/ Frame 164F 24 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/838cc154/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/838cc154/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de9a17ef3df7449abe4806ba44917c4c532c86b3d1d7dcd24e31838c0e0437d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 14:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:36:03 GMT
server: sffe
age: 360006
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7717
x-xss-protection: 0
expires: Fri, 06 May 2022 14:56:35 GMT

GET
DATA 200
OK truncated
/ Frame 164F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwng2QgXQb0x8n1IIkRGMHnZgComkp7UIJufhLy5MFw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 164F 984 B
1 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwng2QgXQb0x8n1IIkRGMHnZgComkp7UIJufhLy5MFw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

06d7389c32435c35621d086024fa6073a75b0553932340adf1488cf6917425bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:19:33 GMT
x-content-type-options: nosniff
age: 5828
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 984
x-xss-protection: 0
server: fife
etag: "v17d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 06 May 2021 10:45:44 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/wX0I-UBZIPI/ Frame 164F 78 KB
78 KB 40ms
39ms Image
image/webp 2a00:1450:4001:82f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/wX0I-UBZIPI/maxresdefault.webp

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb2bccbd950ddb9362682380bd7d2042798884d7223bb4365bb96646439f30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:41 GMT
x-content-type-options: nosniff
server: sffe
etag: "1598389647"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80058
x-xss-protection: 0
expires: Mon, 10 May 2021 20:56:41 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/ Frame 2A31 51 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=npGaewopg1UaB8CNtYfx-y1j&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&cb=sxxugzjf0v5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 04:05:35 GMT
server: sffe
age: 6667
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Tue, 10 May 2022 17:05:34 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/ Frame 2A31 335 KB
131 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=npGaewopg1UaB8CNtYfx-y1j&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&cb=sxxugzjf0v5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99416b76ef60008edc2057882bfb782e731a5a32264d60c7f2a5f69e577c618d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 14:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16196
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133814
x-xss-protection: 0
last-modified: Mon, 03 May 2021 04:05:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 May 2022 14:26:45 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/ Frame 9162 51 KB
25 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=npGaewopg1UaB8CNtYfx-y1j&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&cb=8vz22k2pplpi

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 17:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 04:05:35 GMT
server: sffe
age: 6667
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Tue, 10 May 2022 17:05:34 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/ Frame 9162 335 KB
131 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/npGaewopg1UaB8CNtYfx-y1j/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=npGaewopg1UaB8CNtYfx-y1j&k=6LcwBqIUAAAAAPmQyaTFRkzsylj34jWS6_9aecrf&cb=8vz22k2pplpi

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99416b76ef60008edc2057882bfb782e731a5a32264d60c7f2a5f69e577c618d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 14:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16196
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133814
x-xss-protection: 0
last-modified: Mon, 03 May 2021 04:05:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 May 2022 14:26:45 GMT

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 164F 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/838cc154/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Mon, 10 May 2021 18:56:41 GMT

GET
H3-29 204 generate_204
www.youtube-nocookie.com/ Frame 164F 0
9 B 8ms
7ms Image
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube-nocookie.com/generate_204?4pDZug
Requested by: Host: www.weleda.com
URL: https://www.weleda.com/about-us
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 18:56:42 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 7ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.weleda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryn5i5n7kIkLlZf2Bs

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 10 May 2021 18:56:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.weleda.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H2 200 log_event Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 164F 28 B
278 B 19ms
19ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/838cc154/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/wX0I-UBZIPI?controls=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.weleda.com&widgetid=1
X-YouTube-Client-Version: 1.20210505.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgsyZkVWTGJpUTNfdyjog-aEBg%3D%3D
X-YouTube-Ad-Signals: dt=1620673001602&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C992%2C558&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 10 May 2021 18:56:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 10 May 2021 18:56:51 GMT

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.weleda.com/	1970-01-19 20:20:49	Name: _fbp Value: fb.1.1620673001402.549694259
.weleda.com/	1970-01-20 02:56:49	Name: _pin_unauth Value: dWlkPVl6RTRNekZpWVdFdFl6VXdNUzAwTWpBMExUbG1ZMkV0TnpSaE9XWXdaVEpsWVRsbQ
.weleda.com/	1970-01-20 02:56:49	Name: stc120236 Value: tsa:1620673001343.1236642188.1549473.8286277485597737.:20210510192641\|env:1%7C20210610185641%7C20210510192641%7C1%7C1097640:20220510185641\|uid:1620673001342.562138493.542984.120236.1706426954.6:20220510185641\|srchist:1097640%3A1%3A20210610185641:20220510185641

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' weleda.sabio.de
X-Content-Security-Policy	frame-ancestors 'self' weleda.sabio.de
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.tsyhelm.com
bat.bing.com
cdn.mouseflow.com
cdnjs.cloudflare.com
connect.facebook.net
consent.linksynergy.com
ct.pinterest.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
idsync.rlcdn.com
one-lnk.com
s.pinimg.com
secure.adnxs.com
stats.g.doubleclick.net
tag.rmp.rakuten.com
tags.rd.linksynergy.com
ut.ra.linksynergy.com
weledaint-prod.global.ssl.fastly.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.weleda.com
www.youtube-nocookie.com
www.youtube.com
yt3.ggpht.com
142.250.185.194
151.101.112.84
151.101.13.194
172.217.23.102
185.33.220.240
185.33.221.11
2.18.232.130
2001:1af8:4700:a158:121:0:1:90
23.111.9.38
2606:4700::6810:135e
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2016
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::84
3.23.3.38
34.102.147.248
34.98.67.3
35.241.23.116
35.244.174.68
65.9.97.43
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06d7389c32435c35621d086024fa6073a75b0553932340adf1488cf6917425bf
0927d50af6e8720020e4676afb22e29d4f5d3fbc26bf35b258c43c9b29744283
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12e9fae6023d86ae9da84f0fda9ecf80853971024b3869226f296b2791d42b6c
1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664
2a012d3fd1a6ca8bd5e935ab46b8dbd8649291eba5f8c0531193a2e3fe034262
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3171d25931dffd29d8a516d2abfd622bc72040c7dadb19918da1258b954e22db
3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299
32f5e862339cb9bdd39fcaa7370da6d37528ba2873bc7bc92e8b9a3067af16dc
337c5824e8502220398b84ba82ac409c2139beba4083b7f9d430911f6038b69f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
3a18cdd3ac48230cc57d94e6bcc304d5e635d1d1c1ab4843d077776f3b2d982c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
404e274d3a873a64669fdc0cf5432b25c544dc28c354c715394211995448e864
458f0d6ddd69b45ae8a3858e346eb5c4dd6557d07a6f93e41819ceca18003603
470954786f9f758f5ef08c422a02359baf96a23a9391e39b9a654f3161749504
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5c64e98b7d26b27f3235a6b049f4da5a8b1ed471ee0f2d4508e342bcb216eb2e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6c4056c042180b15422accdb377a3d74d87785e6ba63d4d3f19493a6aed3cbb6
6e3c0b6ce19481e248061e663185c2dfd798dadb235c58ad8599c941477a51c2
7d95ac4ea48475884c2ff1ffee5bb336cbde61170eafdf92a4aca173871323d0
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b6ab988b18c2b7f2c02bde491aee843951b4689a1514c5e0770cf50498ff55d
8db9e05891857d609a943d0976e15a403cf19949b6bb728d3fab8641150a43cf
91f2edda3944cabfc1c287b09904319fa299a6414ae12c5047f7cd057f0b2ed5
94018fba2a88a2723351208aed5ca2e3dcfdabd209d9a02e43fa1646b45c9084
94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa
94e24988d5ce67dd20c5fe85702263bf99f2174e8bab68e567080dd9f0d5e54e
9731c02ae6eaf41be969881c52bfe42e70f7ca6962a3b4e163a69be177298e55
99416b76ef60008edc2057882bfb782e731a5a32264d60c7f2a5f69e577c618d
9af0e8ba8651814356cc07949ef38ea0f1aff07da97c1c50991cad194b3d3e22
9cb2bccbd950ddb9362682380bd7d2042798884d7223bb4365bb96646439f30a
a00f732839bedc18758b9b373da28d15ccfe9a156f6b611feb13033152fb7a65
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
aaceaf681d1e0d30b7edd04b7a93464a81c6616a4d2f9207015288258d26b2ba
b0969f0ca46a6f19d27f76e8ed98f974395121d227c3085ed9325a63ccce3102
b1050023a289a09939fdd6f6dfff5be0fd07f105c70c71c594825f9fa625bb31
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c009a2b3c60b11c54854c6bd1262c0f01578a582d084e20a8cd282ce7b07e2bd
c4a591327de9f9f5ff621be988b37cd7219f213db6727b0719b995e5b688df86
cf592ded5e37c31c3e1df0010cb88f9e742411dc388ba1a9da05d6b562c52d1a
d170923c43506a271926839082b422a61ee694cab65cc987917fc29df9610772
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dde9bd69e383dd3c2a5bf40418b5689b5b1a763e83c0d249335fe0f3a3cd5e62
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de9a17ef3df7449abe4806ba44917c4c532c86b3d1d7dcd24e31838c0e0437d4
e31d14b8c5505637012e8570bde2526e21e2c65520dc23783f685d309dc73749
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cc426ad6c796f7ad7bbd69d8068dbc66b65eaebe73e33d4c80e6e2543e2333
e4fc14b506094638e5299d3cec5e2940ffe41bc978a4497d52b0eb17cc4ce47b
e5f5976a9951ccc9633713128a757238fe10f5213823283eb8d617e396d8a962
e663f9202f29e3842b835ba180b3bdff56aa3047d63d1b094821cdf778133813
ea5ba02133d4741a48515f590569b8a33c40499b3c14a59f60bfdcef2b276d9e
ea9a39cb1c8f282b7c510a478c0cbadcba172d3692ba22d335c3e0977bf88189
eb1fcc87563c225dea39c6df4128636f3b148f58a62b8f7ed79592f0ea6784ba
ed39c42e5f1cd537dad0c92d3dc9161772010b6978d8b9533dd85e66e4184ee8
ed5133bdb5a30932cbbcef2eacf3b4824d73a8fb0b01954800374aaf0b416d66
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f485685cc5c89ad62d41032539b6c894879a6761f8a520663a445c02056009a3
f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12
ffbd55a6177d59750ac56f40a60a8f8dde3377342d000843bb5bb76ca6fbc1d4

www.weleda.com Open in urlscan Pro 2001:1af8:4700:a158:121:0:1:90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

94 Requests

100 %HTTPS

62 %IPv6

26 Domains

35 Subdomains

34 IPs

4 Countries

3383 kBTransfer

9364 kBSize

3 Cookies

7 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.weleda.com Open in urlscan Pro
2001:1af8:4700:a158:121:0:1:90 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

100 %
HTTPS

62 %
IPv6

26
Domains

35
Subdomains

34
IPs

4
Countries

3383 kB
Transfer

9364 kB
Size

3
Cookies

94 HTTP transactions
2 data transactions