ma.oriflame.com Open in urlscan Pro
20.93.235.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://login.oriflame.one/
Effective URL:
https://ma.oriflame.com/
Submission: On March 12 via api (March 12th 2023, 1:37:38 am UTC) from US — Scanned from US

Summary HTTP 130 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 11 domains to perform 130 HTTP transactions. The main IP is 20.93.235.241, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ma.oriflame.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on June 15th 2022. Valid for: a year.

This is the only time ma.oriflame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	163.172.150.143 163.172.150.143	12876 (Online SAS) (Online SAS)
12	20.93.235.241 20.93.235.241	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
66	152.195.19.97 152.195.19.97	15133 (EDGECAST) (EDGECAST)
23	13.107.226.40 13.107.226.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.251.40.232 142.251.40.232	15169 (GOOGLE) (GOOGLE)
7	20.93.237.24 20.93.237.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	142.250.65.238 142.250.65.238	15169 (GOOGLE) (GOOGLE)
1	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
1	108.138.106.101 108.138.106.101	16509 (AMAZON-02) (AMAZON-02)
1	142.250.65.174 142.250.65.174	15169 (GOOGLE) (GOOGLE)
1	18.164.96.46 18.164.96.46	16509 (AMAZON-02) (AMAZON-02)
1	18.164.96.52 18.164.96.52	16509 (AMAZON-02) (AMAZON-02)
1	52.212.98.141 52.212.98.141	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	34.253.152.182 34.253.152.182	16509 (AMAZON-02) (AMAZON-02)
2	20.42.73.140 20.42.73.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.156.40.242 35.156.40.242	16509 (AMAZON-02) (AMAZON-02)
130	19

1 163.172.150.143 (France)

ASN12876 (Online SAS, FR)
PTR: 143-150-172-163.instances.scw.cloud

login.oriflame.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 20.93.235.241 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ma.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 152.195.19.97 (San Jose, United States)

ASN15133 (EDGECAST, US)

media-afr-cdn.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-we-cdn.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clientapp-cdn.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 13.107.226.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api-static.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.232 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 20.93.237.24 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

graphql-we.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.238 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-101.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.174 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f14.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-46.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-52.jfk50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.98.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-98-141.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.152.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-152-182.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.42.73.140 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.40.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-40-242.eu-central-1.compute.amazonaws.com

apps.mypurecloud.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
108	oriflame.com ma.oriflame.com media-afr-cdn.oriflame.com static.oriflame.com — Cisco Umbrella Rank: 541753 assets-we-cdn.oriflame.com clientapp-cdn.oriflame.com — Cisco Umbrella Rank: 530641 api-static.oriflame.com — Cisco Umbrella Rank: 585168 graphql-we.oriflame.com Failed	2 MB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 607 script.hotjar.com — Cisco Umbrella Rank: 738 in.hotjar.com — Cisco Umbrella Rank: 1662	73 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	21 KB
2	mypurecloud.de apps.mypurecloud.de — Cisco Umbrella Rank: 55071	121 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 783	281 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	562 B
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2162 content.hotjar.io — Cisco Umbrella Rank: 6133	419 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	2 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 892	44 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	106 KB
1	oriflame.one login.oriflame.one	441 B
130	11

	Domain	Requested by
27	clientapp-cdn.oriflame.com	ma.oriflame.com clientapp-cdn.oriflame.com assets-we-cdn.oriflame.com
23	api-static.oriflame.com	assets-we-cdn.oriflame.com
20	assets-we-cdn.oriflame.com	ma.oriflame.com assets-we-cdn.oriflame.com
12	media-afr-cdn.oriflame.com	ma.oriflame.com
12	ma.oriflame.com	login.oriflame.one assets-we-cdn.oriflame.com
7	graphql-we.oriflame.com	assets-we-cdn.oriflame.com
7	static.oriflame.com	ma.oriflame.com static.oriflame.com
3	www.google-analytics.com	login.oriflame.one www.google-analytics.com
2	apps.mypurecloud.de	clientapp-cdn.oriflame.com apps.mypurecloud.de
2	dc.services.visualstudio.com	assets-we-cdn.oriflame.com
2	www.google.com	ma.oriflame.com
1	content.hotjar.io	assets-we-cdn.oriflame.com
1	stats.g.doubleclick.net	assets-we-cdn.oriflame.com
1	in.hotjar.com	assets-we-cdn.oriflame.com
1	vc.hotjar.io	assets-we-cdn.oriflame.com
1	script.hotjar.com	static.hotjar.com
1	www.googleoptimize.com	www.googletagmanager.com
1	static.hotjar.com	login.oriflame.one
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.googletagmanager.com	clientapp-cdn.oriflame.com
1	login.oriflame.one
130	21

This site contains no links.

Subject Issuer	Validity	Valid
*.oriflame.com Trusted Secure Certificate Authority 5	`2022-06-15` - `2023-07-16`	a year	crt.sh
sni55cbgl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-23` - `2024-03-25`	a year	crt.sh
static.oriflame.com Trusted Secure Certificate Authority 5	`2023-02-13` - `2024-02-13`	a year	crt.sh
sni2a484gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-07-19`	a year	crt.sh
api-static.oriflame.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-03` - `2023-11-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 05	`2023-02-17` - `2024-02-12`	a year	crt.sh
mypurecloud.de Amazon	`2022-09-20` - `2023-10-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ma.oriflame.com/
Frame ID: A36B8192A6270B5E74A5F6790B5BD835
Requests: 115 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oriflame Cosmetics | Oriflame Cosmetics

Page URL History Show full URLs

http://login.oriflame.one/ Page URL
https://ma.oriflame.com/ Page URL

Detected technologies

Genesys Cloud (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

apps\.mypurecloud\.\w+/widgets/([\d.]+)
apps\.mypurecloud\.\w+

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

Page Statistics

130
Requests

97 %
HTTPS

11 %
IPv6

11
Domains

21
Subdomains

19
IPs

5
Countries

2495 kB
Transfer

8398 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://login.oriflame.one/ Page URL
https://ma.oriflame.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

130 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
login.oriflame.one/ 103 B
441 B 277ms
85ms Document
text/html 163.172.150.143
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://login.oriflame.one/
Protocol: HTTP/1.1
Server: 163.172.150.143 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 143-150-172-163.instances.scw.cloud
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 105
Content-Type: text/html
Date: Sun, 12 Mar 2023 01:37:28 GMT
ETag: "67-5f211d9ea201f-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Thu, 12 Jan 2023 14:22:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK Primary Request / Show response
ma.oriflame.com/ 114 KB
23 KB 303ms
94ms Document
text/html 20.93.235.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ma.oriflame.com/

Requested by

Host: login.oriflame.one
URL: http://login.oriflame.one/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6568a9652e76dc2d908d7cc024314929746e9afd5476dc057a23a5872e9dd5ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: http://login.oriflame.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: s-maxage=1200, stale-while-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 12 Mar 2023 01:37:28 GMT
ETag: "asxnhw94jk2hdc"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
request-context: appId=cid-v1:
x-nextjs-cache: HIT

GET
H2 200 contentImage
media-afr-cdn.oriflame.com/ 51 KB
51 KB 1208ms
790ms Image
image/jpeg 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-afr-cdn.oriflame.com/contentImage?externalMediaId=1d8bb3be-f152-48e7-8fd9-92ffe2fc3331&name=17395597_2&inputFormat=jpg&w=1600&bc=%23f5f5f5&ib=%23f5f5f5&q=80

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D120) /

Resource Hash

be78f13b5e6d01ce87c79f88121656f253231b798563d1fe5ef0828aedadcc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:29 GMT
strict-transport-security: max-age=16070400; includeSubDomains
server: ECAcc (nyd/D120)
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=604800
content-length: 51888
request-context: appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0

GET
H2 200 font-sans-ori.css
static.oriflame.com/fonts/v2/ 1 KB
417 B 481ms
31ms Stylesheet
text/css 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oriflame.com/fonts/v2/font-sans-ori.css
Requested by: Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D189) /
Resource Hash: a2aac6320b1399d98e193000ee859ebcfbb4c29b72939e5770487e385d711101

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
content-md5: o3NyudBIIqumAmcnkaTB4A==
age: 563653
x-cache: HIT
content-length: 261
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 07:54:20 GMT
server: ECAcc (nyd/D189)
etag: 0x8DB1961002B7AB7
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 5b2e06e8-001e-0074-5f62-4f54cc000000
cache-control: max-age=604800
x-ms-version: 2009-09-19
expires: Sun, 19 Mar 2023 01:37:28 GMT

GET
H2 200 sans-regular.woff2
static.oriflame.com/fonts/v2/fonts/ 48 KB
48 KB 484ms
34ms Font
font/woff2 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oriflame.com/fonts/v2/fonts/sans-regular.woff2
Requested by: Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D107) /
Resource Hash: 376b936162580acef2fb006d53dfb5be47031613e2b373411e6f3bf35baab7bd

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:28 GMT
content-md5: 7gly7J4j6fNmUCw4ga6ckg==
age: 563650
x-cache: HIT
content-length: 48876
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 07:54:20 GMT
server: ECAcc (nyd/D107)
etag: 0x8DB196100320973
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: 3eeb7e06-a01e-0099-7862-4f1f81000000
cache-control: max-age=604800
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 19 Mar 2023 01:37:28 GMT

GET
H2 200 font-sans-condensed-ori.css
static.oriflame.com/fonts/v2/ 1 KB
398 B 481ms
32ms Stylesheet
text/css 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oriflame.com/fonts/v2/font-sans-condensed-ori.css
Requested by: Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D167) /
Resource Hash: a150bb5483cb315d11a809402e98626d9e66a7d2aa1be6afe6cacb55895e4aa6

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
content-md5: m8TKYxcl8oGnwcXVvsTPWg==
age: 551682
x-cache: HIT
content-length: 269
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 07:54:20 GMT
server: ECAcc (nyd/D167)
etag: 0x8DB196100289507
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: cdf6584d-b01e-0013-4b7e-4f4430000000
cache-control: max-age=604800
x-ms-version: 2009-09-19
expires: Sun, 19 Mar 2023 01:37:28 GMT

GET
H2 200 vendor.bundle.js Show response
static.oriflame.com/shared-libs/v2/ 2 MB
570 KB 466ms
33ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oriflame.com/shared-libs/v2/vendor.bundle.js
Requested by: Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D106) /
Resource Hash: c39939d932456cca600fed9b48ea2f82d22afab763697d54d2cd4f91e722ffad

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
content-md5: pncCSxEVPZAf1ykrgfX6yQ==
age: 563761
x-cache: HIT
content-length: 583516
x-ms-lease-status: unlocked
last-modified: Thu, 04 Aug 2022 09:54:24 GMT
server: ECAcc (nyd/D106)
etag: 0x8DA75FF4FFC978F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 99795175-301e-0022-6f62-4fa523000000
cache-control: max-age=604800
x-ms-version: 2009-09-19
expires: Sun, 19 Mar 2023 01:37:28 GMT

GET
H2 200 vendor.bundle.js Show response
static.oriflame.com/shared-libs/v3/ 1 MB
389 KB 438ms
5ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oriflame.com/shared-libs/v3/vendor.bundle.js
Requested by: Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D139) /
Resource Hash: 061e885209a0666a01ae075f9cfcb9ef5e1c7f38b631cb53687984d9b37c2866

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
content-md5: 47sFAQ7CWO99mw/UgJPdiA==
age: 472913
x-cache: HIT
content-length: 398138
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 09:29:29 GMT
server: ECAcc (nyd/D139)
etag: 0x8DB196E4AC11AA6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 722c1ced-801e-0018-2536-50bf5b000000
cache-control: max-age=604800
x-ms-version: 2009-09-19
expires: Sun, 19 Mar 2023 01:37:28 GMT

GET
H2 200 93bf9b150e472e22.css
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/css/ 327 B
351 B 429ms
12ms Stylesheet
text/css 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/css/93bf9b150e472e22.css

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D115) /

Resource Hash

46bee27500c0e6c078c0b99bcd935f7dc16e67ed83f7e56f3a466a915fdf0485

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 20 Feb 2023 08:41:03 GMT
server: ECAcc (nyd/D115)
age: 1442721
etag: W/"147-1866dfbc918"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 197
request-context: appId=cid-v1:25218284-61cd-4163-b155-dfc4560b5bea

GET
H2 200 webpack-c9ec00029aa379be.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 6 KB
3 KB 411ms
11ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-c9ec00029aa379be.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D107) /

Resource Hash

a129c69dac6c7b8f672a45ddec1d579a69512d6bb96a037c6130b8f8735f0a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:18 GMT
server: ECAcc (nyd/D107)
age: 467765
etag: W/"17c6-186b78341b0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 2587
request-context: appId=cid-v1:

GET
H2 200 framework-6c0853bb38f5a729.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 140 KB
45 KB 413ms
14ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/framework-6c0853bb38f5a729.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D14A) /

Resource Hash

c8bdfe80d5b8b1c3de37d85a2e657a6e259fec8df45da4922092c8294ad3a427

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 20 Feb 2023 08:41:04 GMT
server: ECAcc (nyd/D14A)
age: 1442590
etag: W/"231e0-1866dfbcd00"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 45703
request-context: appId=cid-v1:25218284-61cd-4163-b155-dfc4560b5bea

GET
H2 200 main-dd59dcd25eda1aee.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 107 KB
32 KB 421ms
22ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/main-dd59dcd25eda1aee.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D168) /

Resource Hash

d215af6c9785751714c32d4beb1a6b918fdd825865d18c50ea235bb0f8b57982

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:18 GMT
server: ECAcc (nyd/D168)
age: 467765
etag: W/"1ac2a-186b78341b0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 32678
request-context: appId=cid-v1:

GET
H2 200 _app-fa6caa4d232934b2.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/ 236 KB
78 KB 422ms
23ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D189) /

Resource Hash

71550096cffbca95bc3e191bfc63799522dfaa67e12f6eb91183918672966d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:17 GMT
server: ECAcc (nyd/D189)
age: 467765
etag: W/"3aef5-186b7833dc8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 80189
request-context: appId=cid-v1:

GET
H2 200 8f9db12d-c85e812c56486517.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 364 KB
36 KB 414ms
15ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/8f9db12d-c85e812c56486517.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D16B) /

Resource Hash

1f215cd6e0916d64f3100cac183856c309a07be689211398d86a3c4c55dc73d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:41 GMT
server: ECAcc (nyd/D16B)
age: 467765
etag: W/"5b13c-186b7839b88"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 37254
request-context: appId=cid-v1:

GET
H2 200 dd451e1e-9e5d34948d741dcf.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 229 KB
20 KB 24ms
10ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/dd451e1e-9e5d34948d741dcf.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D19A) /

Resource Hash

155d76829f7fe4e9458c5de93bc98745fb3e1a36b0d0c1f32f398a63ffeed838

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:16 GMT
server: ECAcc (nyd/D19A)
age: 467663
etag: W/"39270-186b78339e0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 20729
request-context: appId=cid-v1:

GET
H2 200 c6cf4848-46d69571ed63d978.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 224 KB
23 KB 25ms
11ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/c6cf4848-46d69571ed63d978.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D176) /

Resource Hash

42cb425670ea3c8f3f4b3eed6593741b3d054a3e5f5eb0d06900458eb5b37315

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:16 GMT
server: ECAcc (nyd/D176)
age: 467765
etag: W/"380f1-186b78339e0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 22971
request-context: appId=cid-v1:

GET
H2 200 80f08544-3a33e0da3f43b899.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 77 KB
20 KB 29ms
15ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/80f08544-3a33e0da3f43b899.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D128) /

Resource Hash

01ae8382b2a46fe9eb0a33d9e099ea940d4d9065c84867830b9ab7e0010e5a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:27 GMT
server: ECAcc (nyd/D128)
age: 467663
etag: W/"13232-186b78364d8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 20208
request-context: appId=cid-v1:

GET
H2 200 921-f31607a7b0f866c6.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 108 KB
29 KB 23ms
9ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/921-f31607a7b0f866c6.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D158) /

Resource Hash

3b81df53f185414ed2c08a864144ad7c47f2e2bf76187fbee8eb9db48411d855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 20 Feb 2023 08:41:04 GMT
server: ECAcc (nyd/D158)
age: 1443204
etag: W/"1af0f-1866dfbcd00"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 29192
request-context: appId=cid-v1:25218284-61cd-4163-b155-dfc4560b5bea

GET
H2 200 488-346a5fa58edd9878.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 535 KB
134 KB 37ms
23ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/488-346a5fa58edd9878.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D116) /

Resource Hash

e71b3f33cc08689579be391f67ae92dbd5bf3d649c0d90cf215e9f084d7389f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:18 GMT
server: ECAcc (nyd/D116)
age: 467765
etag: W/"85c67-186b78341b0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 137444
request-context: appId=cid-v1:

GET
H2 200 719-0407992e9ebd292b.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 281 KB
75 KB 32ms
18ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/719-0407992e9ebd292b.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D127) /

Resource Hash

5d3c33c67e17636af522847e85720e419ebd1274fc7fcd4f3667a805f7762a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:18 GMT
server: ECAcc (nyd/D127)
age: 467765
etag: W/"464e9-186b78341b0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 76213
request-context: appId=cid-v1:

GET
H2 200 %5Blanguage%5D-7c1adc01e0854be5.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/internal/%5Btenant%5D/ 36 KB
10 KB 28ms
14ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/internal/%5Btenant%5D/%5Blanguage%5D-7c1adc01e0854be5.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D109) /

Resource Hash

b499b857821b02d551c429ca6608c4172f6f17e6bd27f13ee0897421e6faf52a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:17 GMT
server: ECAcc (nyd/D109)
age: 467765
etag: W/"9136-186b7833dc8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 10563
request-context: appId=cid-v1:

GET
H2 200 _buildManifest.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/dZ6eizejfnlAVlmQdx5f7/ 1 KB
627 B 42ms
28ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/dZ6eizejfnlAVlmQdx5f7/_buildManifest.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D142) /

Resource Hash

dc20a98002068ab0b26304e26f056c9a576f8817d67fbba17ebdacb215377db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:18 GMT
server: ECAcc (nyd/D142)
age: 467663
etag: W/"45d-186b78341b0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 551
request-context: appId=cid-v1:

GET
H2 200 _ssgManifest.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/dZ6eizejfnlAVlmQdx5f7/ 138 B
182 B 32ms
19ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/dZ6eizejfnlAVlmQdx5f7/_ssgManifest.js

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D135) /

Resource Hash

a63ededc02db05692509d12688ace4b334aeee7d6f0cc6c43adfe2b3fb7fcd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:28 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:17 GMT
server: ECAcc (nyd/D135)
age: 467413
etag: W/"8a-186b7833dc8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 107
request-context: appId=cid-v1:

GET contentImage
media-afr-cdn.oriflame.com/ 0
0

GET
H2 200 contentImage
media-afr-cdn.oriflame.com/ 46 KB
46 KB 794ms
396ms Image
image/jpeg 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-afr-cdn.oriflame.com/contentImage?externalMediaId=f9962146-d877-43ea-b103-13bb478feab3&name=17395603_2&inputFormat=jpg&w=1600&bc=%23f5f5f5&ib=%23f5f5f5&q=80

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D120) /

Resource Hash

97c49384cde976ceabe09955cad609335deac11a6b299bc623b019ff8135de7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:29 GMT
strict-transport-security: max-age=16070400; includeSubDomains
server: ECAcc (nyd/D120)
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=604800
content-length: 46932
request-context: appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0

GET
H2 200 contentImage
media-afr-cdn.oriflame.com/ 40 KB
40 KB 802ms
408ms Image
image/jpeg 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-afr-cdn.oriflame.com/contentImage?externalMediaId=e2d796f2-9817-427f-a88e-7cdfec85e314&name=17395608_2&inputFormat=jpg&w=1600&bc=%23f5f5f5&ib=%23f5f5f5&q=80

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D120) /

Resource Hash

d83db43447682c15de679d9ec4c04140dcc3180168c219d9110015db5bd7016f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:29 GMT
strict-transport-security: max-age=16070400; includeSubDomains
server: ECAcc (nyd/D120)
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=604800
content-length: 41023
request-context: appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/analytics-provider/ 630 B
584 B 118ms
6ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/analytics-provider/index.js
Requested by: Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D16F) /
Resource Hash: a07a12e751744365b68a24da14d6e4eda83e988bb9395eb80b9a854f9ab5ac34

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:29 GMT
content-encoding: gzip
content-md5: GoxR0hIYSeg68fzAyDEH1Q==
age: 407
x-cache: HIT
content-length: 404
x-ms-lease-status: unlocked
last-modified: Tue, 08 Nov 2022 09:54:22 GMT
server: ECAcc (nyd/D16F)
etag: 0x8DAC16F36328009
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 23ce2d1f-101e-000a-6882-54475d000000
cache-control: max-age=900
x-ms-version: 2009-09-19
expires: Sun, 12 Mar 2023 01:52:29 GMT

GET
H2 200 sans-bold.woff2
static.oriflame.com/fonts/v2/fonts/ 50 KB
50 KB 8ms
7ms Font
font/woff2 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oriflame.com/fonts/v2/fonts/sans-bold.woff2
Requested by: Host: static.oriflame.com
URL: https://static.oriflame.com/fonts/v2/font-sans-ori.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D106) /
Resource Hash: 4c18728afd784259d9f58cb89e53a1a9de32a13096a6507ea8662337c40a842d

Request headers

Referer: https://static.oriflame.com/fonts/v2/font-sans-ori.css
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:29 GMT
content-md5: lqYUnDoO1x2RJ1n+GwJ5mg==
age: 563374
x-cache: HIT
content-length: 51124
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 07:54:21 GMT
server: ECAcc (nyd/D106)
etag: 0x8DB19610046EDEA
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: dfb3982f-a01e-0052-3563-4f1cd4000000
cache-control: max-age=604800
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 19 Mar 2023 01:37:29 GMT

GET
H2 200 sans-condensed-bold.woff2
static.oriflame.com/fonts/v2/fonts/ 46 KB
46 KB 8ms
8ms Font
font/woff2 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oriflame.com/fonts/v2/fonts/sans-condensed-bold.woff2
Requested by: Host: static.oriflame.com
URL: https://static.oriflame.com/fonts/v2/font-sans-condensed-ori.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D11F) /
Resource Hash: 786131c7336f090016f4b1d451fcf5f9c423dba8961f7a63f3c655c3f2ed69aa

Request headers

Referer: https://static.oriflame.com/fonts/v2/font-sans-condensed-ori.css
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:29 GMT
content-md5: Re1FYWahJI/Zo1a8EFQV/g==
age: 561834
x-cache: HIT
content-length: 46708
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 07:54:20 GMT
server: ECAcc (nyd/D11F)
etag: 0x8DB1961003C8F34
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: f91215fd-b01e-0071-3567-4f8617000000
cache-control: max-age=604800
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 19 Mar 2023 01:37:29 GMT

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/static/analytics-provider/2.0.0/ 8 KB
3 KB 7ms
6ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/analytics-provider/2.0.0/index.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/analytics-provider/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D164) /
Resource Hash: 5f4cf8472e9ede122c057aff621af5793ca0081a332ede419a92ad20bdef64c9

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:29 GMT
content-encoding: gzip
content-md5: Wx8ZVHbLQHcKQEH9mKG6nQ==
age: 10683198
x-cache: HIT
content-length: 3273
x-ms-lease-status: unlocked
last-modified: Tue, 08 Nov 2022 09:52:52 GMT
server: ECAcc (nyd/D164)
etag: 0x8DAC16F00F010F0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bb4a0941-a01e-000f-1a59-f39586000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:29 GMT

GET
H2 200 ori_whats-new-component.c4b278770571aaf9.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 13 KB
4 KB 7ms
6ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ori_whats-new-component.c4b278770571aaf9.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-c9ec00029aa379be.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D165) /

Resource Hash

1bb169f5cff3dd4ef90ef1aa26f80e0719dfa840b2daf1bf78b0689cebc432b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:18 GMT
server: ECAcc (nyd/D165)
age: 467412
etag: W/"3413-186b78341b0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 4118
request-context: appId=cid-v1:

GET
H2 200 884-296a34d45e2b8263.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 16 KB
5 KB 8ms
6ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/884-296a34d45e2b8263.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-c9ec00029aa379be.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D14C) /

Resource Hash

0a3c82636f224e6520e2429fc09db2a72138eacf08ed724ef48b75c1f150c229

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:17 GMT
server: ECAcc (nyd/D14C)
age: 467541
etag: W/"3ed0-186b7833dc8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 4776
request-context: appId=cid-v1:

GET
H2 200 ori_newsletter-popup-component.788c05b5b3774d32.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 14 KB
4 KB 9ms
8ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ori_newsletter-popup-component.788c05b5b3774d32.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-c9ec00029aa379be.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D154) /

Resource Hash

3a8080d4606aa9e31ec0b0bf73a0f7be29586829120a9ce9f05fd841a2bba305

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:18 GMT
server: ECAcc (nyd/D154)
age: 467412
etag: W/"39c5-186b78341b0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 4326
request-context: appId=cid-v1:

HEAD
H/1.1 200
OK index.json
ma.oriflame.com/_next/data/dZ6eizejfnlAVlmQdx5f7/ 0
0 93ms
93ms Fetch
application/json 20.93.235.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ma.oriflame.com/_next/data/dZ6eizejfnlAVlmQdx5f7/index.json?tenant=ma&language=fr-MA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://ma.oriflame.com/
traceparent: 00-04821a38f6b04de8a1457c6800a99d80-7441459580b34cfa-01
request-id: |04821a38f6b04de8a1457c6800a99d80.7441459580b34cfa
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 01:37:29 GMT
x-nextjs-matched-path: /internal/[tenant]/[language]
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: "xxhedclurqusw"
Vary: Accept-Encoding
Content-Type: application/json
x-nextjs-cache: HIT
Cache-Control: s-maxage=1200, stale-while-revalidate
Connection: keep-alive
x-nextjs-rewrite: /internal/ma/fr-MA?tenant=ma&language=fr-MA/
Content-Length: 40440
request-context: appId=cid-v1:

OPTIONS
H2 200 ShopSection
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 0
0 612ms
181ms Preflight 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ShopSection?excludeChildren=false&lang=fr-MA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ms-command-name
Access-Control-Request-Method: GET
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-ms-command-name
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Sun, 12 Mar 2023 01:37:29 GMT
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a
x-azure-ref: 02iwNZAAAAAASA60MIb03T5GE1SlA20uQTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
x-cache: CONFIG_NOCACHE

OPTIONS
H2 200 catalogues
api-static.oriflame.com/tenants/Ma/ 0
0 547ms
171ms Preflight 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-static.oriflame.com/tenants/Ma/catalogues
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ms-command-name
Access-Control-Request-Method: GET
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-ms-command-name
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Sun, 12 Mar 2023 01:37:29 GMT
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a
x-azure-ref: 02iwNZAAAAADZac+NxvlCTayqeKW1jjxfTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
x-cache: CONFIG_NOCACHE

GET
H2 200 ShopSection Show response
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 65 KB
9 KB 579ms
577ms XHR
application/json 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ShopSection?excludeChildren=false&lang=fr-MA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c3132f26c6737a7d539cee03e022dfae4778e6311d551fe6b3b72bb9346d30b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
x-ms-command-name: @ori/static-api-client/2.0.259 ms-rest-js/2.6.4 OS/Win32
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
date: Sun, 12 Mar 2023 01:37:30 GMT
x-azure-ref-originshield: 02iwNZAAAAABuR9U8YggYR7I/cI9DJgpaTU5aMjIxMDYwNjExMDE3AGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
vary: Accept-Language,Accept-Encoding
x-cache: TCP_MISS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Vary,Strict-Transport-Security,Date,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=54, stale-if-error=54
x-azure-ref: 02iwNZAAAAACd35acEmWLSJnS6e8bj9ZVTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
content-length: 8870
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/basket-provider/ 622 B
552 B 28ms
14ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/basket-provider/index.js
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/main-dd59dcd25eda1aee.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D12C) /
Resource Hash: b43b5da52d958ca790a5b4232e74d439b0aad04d3ce172a13850df62a94035b7

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:29 GMT
content-encoding: gzip
content-md5: N/d6U+0l5VjRsj5yylHhVQ==
age: 407
x-cache: HIT
content-length: 403
x-ms-lease-status: unlocked
last-modified: Mon, 06 Feb 2023 09:54:20 GMT
server: ECAcc (nyd/D12C)
etag: 0x8DB08281E6B800B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1ea2f1c6-001e-0074-4d82-54d71a000000
cache-control: max-age=900
x-ms-version: 2009-09-19
expires: Sun, 12 Mar 2023 01:52:29 GMT

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/outdated-browser-info/ 1 KB
2 KB 104ms
90ms Script
text/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/outdated-browser-info/index.js
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/main-dd59dcd25eda1aee.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 589615fe4fb715b83513a7854eab31bd2c05cccfc8988ba72dc336ad2233ef9c

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:29 GMT
last-modified: Thu, 14 Oct 2021 08:15:30 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D98EEAC96C9DC8
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: c7524321-f01e-002d-4983-545099000000
cache-control: max-age=900
x-ms-version: 2009-09-19
content-length: 1411
expires: Sun, 12 Mar 2023 01:52:29 GMT

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/basket-bubble/ 799 B
999 B 98ms
94ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/basket-bubble/index.js
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/main-dd59dcd25eda1aee.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cb535376d9d137b3012a33e799aecf29fee4a2ca17ad70a7cb143668f5882b79

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:29 GMT
last-modified: Tue, 08 Mar 2022 10:44:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: HjTjp8ugysTIJGEgVnBTfA==
etag: 0x8DA00F0ACA827C1
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 333c11b5-601e-005d-3e83-54e96e000000
cache-control: max-age=900
x-ms-version: 2009-09-19
content-length: 799
expires: Sun, 12 Mar 2023 01:52:29 GMT

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/mini-shopping-bag/ 819 B
632 B 19ms
15ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/mini-shopping-bag/index.js
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/main-dd59dcd25eda1aee.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D16C) /
Resource Hash: 53d581a08c9b0b030bafba5a2ef6266798aa39a1401f3b367d88efd8e2068b64

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:29 GMT
content-encoding: gzip
content-md5: BzHqvbdGKhfndjom40RgOA==
age: 406
x-cache: HIT
content-length: 483
x-ms-lease-status: unlocked
last-modified: Tue, 20 Sep 2022 13:24:51 GMT
server: ECAcc (nyd/D16C)
etag: 0x8DA9B0B7FB84CC5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9d0a601b-d01e-002a-1d82-543cfa000000
cache-control: max-age=900
x-ms-version: 2009-09-19
expires: Sun, 12 Mar 2023 01:52:29 GMT

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/product-info-dialog/ 829 B
634 B 21ms
17ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/product-info-dialog/index.js
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/main-dd59dcd25eda1aee.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D12B) /
Resource Hash: d21fde3b696188b5f86126154cdf3169dd866d3bcb97f87e49abe33c1427837b

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:29 GMT
content-encoding: gzip
content-md5: PHE6vM3CyAY+u5tYba/TJQ==
age: 407
x-cache: HIT
content-length: 484
x-ms-lease-status: unlocked
last-modified: Fri, 24 Feb 2023 11:10:37 GMT
server: ECAcc (nyd/D12B)
etag: 0x8DB1657C211DA7E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 782bfff4-401e-004a-3882-544065000000
cache-control: max-age=900
x-ms-version: 2009-09-19
expires: Sun, 12 Mar 2023 01:52:29 GMT

GET
H/1.1 401
Unauthorized GetUserAccessTokenAsync
ma.oriflame.com/system/ajax/ApiGateway/ 2 KB
0 169ms
121ms Fetch
text/html 20.93.235.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ma.oriflame.com/system/ajax/ApiGateway/GetUserAccessTokenAsync

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
x-requested-with: XMLHttpRequest
traceparent: 00-04821a38f6b04de8a1457c6800a99d80-39ac86de37a14963-01
request-id: |04821a38f6b04de8a1457c6800a99d80.39ac86de37a14963
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
x-fetch-api: 1

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 01:37:29 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 788
Expires: -1

GET
H2 200 371.2bf7d562a8d129e6.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 128 KB
36 KB 7ms
6ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/371.2bf7d562a8d129e6.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-c9ec00029aa379be.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D19D) /

Resource Hash

2c9446034c1f2cc1d718be3089f155beacbea4d54d983f0220ce1a1b0bc51984

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:17 GMT
server: ECAcc (nyd/D19D)
age: 467540
etag: W/"1ff16-186b7833dc8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 37000
request-context: appId=cid-v1:

GET
H2 200 catalogues Show response
api-static.oriflame.com/tenants/Ma/ 9 KB
1 KB 440ms
439ms XHR
application/json 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/Ma/catalogues

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

12635b36f4543c14524d287ef9e77ed4352cc9175ebaaa98d542c16678088f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
x-ms-command-name: @ori/static-api-client/2.0.259 ms-rest-js/2.6.4 OS/Win32
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
date: Sun, 12 Mar 2023 01:37:30 GMT
x-azure-ref-originshield: 02iwNZAAAAAAKU9zPjs5ET6/v0Cc5orEVTU5aMjIxMDYwNjEyMDM5AGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
vary: Accept-Encoding
x-cache: TCP_MISS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Strict-Transport-Security,Date,Vary,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=54, stale-if-error=54
x-azure-ref: 02iwNZAAAAAAM6TBvmDZ/SIFxvUKsW4BZTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
content-length: 1376
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a

GET
H/1.1 200
OK Translate Show response
ma.oriflame.com/system/ajax/Localization/ 454 B
1 KB 222ms
101ms XHR
application/json 20.93.235.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ma.oriflame.com/system/ajax/Localization/Translate?keys=AreYouSureToLeaveConversation&keys=ChatBot&keys=ChatIsActive&keys=ChatIsNotAvailableDueToOpeningHours&keys=ChatWithUs&keys=Customer&keys=EmailChatHistory&keys=No&keys=PrintChatHistory&keys=Send&keys=Yes&sc_lang=fr-MA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6310e2f41024e907b2a0f4020f8da68bf1f89969601a5cfef76bdecac61b1453

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://ma.oriflame.com/
traceparent: 00-04821a38f6b04de8a1457c6800a99d80-7cbf0409578b4a3b-01
accept-language: en-US,en;q=0.9
Request-Id: |04821a38f6b04de8a1457c6800a99d80.7cbf0409578b4a3b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Sun, 12 Mar 2023 01:37:29 GMT
X-Azure-Ref: 02iwNZAAAAABPHYxWIO5mSKDSsRBnoIZBQU1TMDRFREdFMTkyMQBiNzY5ZDMzYy1jOGYxLTQ5ZDAtODBhMy1jNWM3MWY4NjgyYjM=
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=687441c5ca76aa3a
X-Cache: TCP_HIT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Access-Control-Expose-Headers: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: *
Content-Length: 454
Request-Context: appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 397 KB
106 KB 364ms
39ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MK5GQN

Requested by

Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/analytics-provider/2.0.0/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

902572245ee13e93651f389e19174b4d2d1a0fd6e26eb6cd6e2ac36e74536859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108094
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 12 Mar 2023 01:37:30 GMT

OPTIONS
H2 200 catalogues
api-static.oriflame.com/tenants/Ma/ 0
0 417ms
182ms Preflight 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-static.oriflame.com/tenants/Ma/catalogues
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ms-command-name
Access-Control-Request-Method: GET
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-ms-command-name
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Sun, 12 Mar 2023 01:37:29 GMT
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a
x-azure-ref: 02iwNZAAAAABF5g2R/s7uT4hWnREbsorLTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
x-cache: CONFIG_NOCACHE

OPTIONS
H2 200 ShopSection
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 0
0 411ms
181ms Preflight 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ShopSection?excludeChildren=false&lang=fr-MA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ms-command-name
Access-Control-Request-Method: GET
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-ms-command-name
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Sun, 12 Mar 2023 01:37:29 GMT
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a
x-azure-ref: 02iwNZAAAAADwxfo2u9ajTo7HQTfFUyn/TU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
x-cache: CONFIG_NOCACHE

GET
H2 200 catalogues Show response
api-static.oriflame.com/tenants/Ma/ 9 KB
2 KB 426ms
426ms XHR
application/json 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/Ma/catalogues

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

12635b36f4543c14524d287ef9e77ed4352cc9175ebaaa98d542c16678088f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
x-ms-command-name: @ori/static-api-client/2.0.259 ms-rest-js/2.6.4 OS/Win32
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
date: Sun, 12 Mar 2023 01:37:30 GMT
x-azure-ref-originshield: 02iwNZAAAAAAKU9zPjs5ET6/v0Cc5orEVTU5aMjIxMDYwNjEyMDM5AGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
vary: Accept-Encoding
x-cache: TCP_MISS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Strict-Transport-Security,Date,Vary,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=54, stale-if-error=54
x-azure-ref: 02iwNZAAAAACkTXw7r6UrSYb5OFntuvTiTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
content-length: 1376
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a

GET
H2 200 ShopSection Show response
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 65 KB
9 KB 577ms
577ms XHR
application/json 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ShopSection?excludeChildren=false&lang=fr-MA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c3132f26c6737a7d539cee03e022dfae4778e6311d551fe6b3b72bb9346d30b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
x-ms-command-name: @ori/static-api-client/2.0.259 ms-rest-js/2.6.4 OS/Win32
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
date: Sun, 12 Mar 2023 01:37:30 GMT
x-azure-ref-originshield: 02iwNZAAAAABuR9U8YggYR7I/cI9DJgpaTU5aMjIxMDYwNjExMDE3AGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
vary: Accept-Language,Accept-Encoding
x-cache: TCP_MISS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Vary,Strict-Transport-Security,Date,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=54, stale-if-error=54
x-azure-ref: 02iwNZAAAAAD/h3phgJZrT4FRd5y8P/YCTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
content-length: 8870
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a

GET
H/1.1 200
OK GetSpaTokenAsync Show response
ma.oriflame.com/system/ajax/ApiGateway/ 1002 B
2 KB 96ms
96ms Fetch
application/json 20.93.235.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ma.oriflame.com/system/ajax/ApiGateway/GetSpaTokenAsync

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8fbe7f597b3055c6c6b622162e76f86410197f84b1ac375ff4c08bf0498fa0b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
x-requested-with: XMLHttpRequest
traceparent: 00-276f124108254ae283a3319baceb544f-36ab67941c034a2b-01
request-id: |276f124108254ae283a3319baceb544f.36ab67941c034a2b
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
x-fetch-api: 1

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 01:37:29 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=8e472f501aff2166
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
Content-Length: 1002
Expires: -1

POST graphql
graphql-we.oriflame.com/ 0
0

OPTIONS
H/1.1 204
No Content graphql
graphql-we.oriflame.com/ 0
0 342ms
95ms Preflight 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-tenant-context
Access-Control-Request-Method: POST
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-tenant-context
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Sun, 12 Mar 2023 01:37:30 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Access-Control-Request-Headers
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

GET
H2 200 configuration Show response
api-static.oriflame.com/tenants/Ma/bazaarvoice/ 553 B
1 KB 127ms
27ms XHR
application/json 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/Ma/bazaarvoice/configuration

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d4797bb7c7f11c7daef73fdcda63295f8d0837d18fbda7f452a0814f5d2b8c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://ma.oriflame.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Sun, 12 Mar 2023 01:37:29 GMT
x-azure-ref-originshield: 02iwNZAAAAAAgMEA4Jp5wQLITqSAcbhPQTU5aMjIxMDYwNjEyMDM3AGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
vary: Accept-Encoding
x-cache: TCP_REMOTE_HIT
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Strict-Transport-Security,Content-Length,Date,Vary
cache-control: public, max-age=3240, stale-while-revalidate=324, stale-if-error=324
x-azure-ref: 02iwNZAAAAADfNXRJOwj1Q442+88KsYYTTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
content-length: 553
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a

GET
H2 200 contentImage
media-afr-cdn.oriflame.com/ 29 KB
29 KB 343ms
343ms Image
image/jpeg 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-afr-cdn.oriflame.com/contentImage?externalMediaId=e910b345-7edc-438e-90f6-47be01a8ab1c&name=17395611_3&inputFormat=jpg&w=599&bc=%23f5f5f5&ib=%23f5f5f5&q=80

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D136) /

Resource Hash

afaa22f2fbe1f333089467760be022b41fc4eca50673662d5aa2e69076d7de33

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:30 GMT
strict-transport-security: max-age=16070400; includeSubDomains
server: ECAcc (nyd/D136)
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=604800
content-length: 29506
request-context: appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0

GET
H2 200 /
media-afr-cdn.oriflame.com/productImage/ 3 KB
3 KB 11ms
9ms Image
image/jpeg 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-afr-cdn.oriflame.com/productImage/?externalMediaId=product-management-media%2F41107%2F41107.png%3Fversion%3D1652175022&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D15D) /

Resource Hash

4126ee7b0fb6dcc19a8850e444394253d338c9ad9122d92a00d732056f62fe28

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:30 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Wed, 01 Mar 2023 19:58:07 GMT
server: ECAcc (nyd/D15D)
age: 884363
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 2890
request-context: appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0

GET
H2 200 /
media-afr-cdn.oriflame.com/productImage/ 3 KB
3 KB 9ms
8ms Image
image/jpeg 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-afr-cdn.oriflame.com/productImage/?externalMediaId=product-management-media%2F42118%2F42118.png%3Fversion%3D1652175025&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D15D) /

Resource Hash

9d8a423b11c09ea9f18b21f040c8220d11ba19b4b58978534a6deaa0506937cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:30 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Wed, 01 Mar 2023 20:10:45 GMT
server: ECAcc (nyd/D15D)
age: 883605
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3213
request-context: appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0

GET
H2 200 /
media-afr-cdn.oriflame.com/productImage/ 6 KB
6 KB 11ms
10ms Image
image/jpeg 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-afr-cdn.oriflame.com/productImage/?externalMediaId=product-management-media%2F40952%2F40952.png%3Fversion%3D1656319501&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D15D) /

Resource Hash

15e7b97f40ea7aaff420fed3888b4a4ad8b17dcac4ec16ca0f30ebf983ffad4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:30 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Wed, 01 Mar 2023 14:36:13 GMT
server: ECAcc (nyd/D15D)
age: 903677
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 5975
request-context: appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/outdated-browser-info/1.2.1/ 60 KB
22 KB 10ms
10ms Script
text/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/outdated-browser-info/1.2.1/index.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/outdated-browser-info/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D153) /
Resource Hash: ca43a84357402328702af8b8e5f290dafeeeac4e18cbb5e2a6762e6e4d9ce21f

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: gzip
age: 405
x-cache: HIT
content-length: 21971
x-ms-lease-status: unlocked
last-modified: Thu, 14 Oct 2021 08:15:30 GMT
server: ECAcc (nyd/D153)
etag: 0x8D98EEAC96F370D
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: cf3a8ccb-b01e-003c-6d82-54ca2d000000
cache-control: max-age=900
x-ms-version: 2009-09-19
expires: Sun, 12 Mar 2023 01:52:30 GMT

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/static/basket-bubble/1.3.0/ 60 KB
17 KB 10ms
10ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/basket-bubble/1.3.0/index.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/basket-bubble/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D158) /
Resource Hash: 8843cce33dcc57a234d0e4f419045edb04f91da09ba4b32ae3199e429a4f2e1b

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: gzip
content-md5: hxGwfK3SJz7b8G/pZxSHFg==
age: 29648694
x-cache: HIT
content-length: 17026
x-ms-lease-status: unlocked
last-modified: Tue, 08 Mar 2022 10:34:29 GMT
server: ECAcc (nyd/D158)
etag: 0x8DA00EF39B4D891
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 29a7157f-001e-002f-18db-46f079000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:30 GMT

GET
H2 200 ori_best-offers-component.32fcb9e346927682.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 14 KB
4 KB 8ms
6ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ori_best-offers-component.32fcb9e346927682.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-c9ec00029aa379be.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D165) /

Resource Hash

109aab3e1a8e6527c5ef5a41db39ff21db45f66230b6e2c44485ac80c393e49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:21:18 GMT
server: ECAcc (nyd/D165)
age: 448453
etag: W/"36d1-186b78341b0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 4244
request-context: appId=cid-v1:

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/static/mini-shopping-bag/1.6.0/ 7 KB
3 KB 6ms
6ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/mini-shopping-bag/1.6.0/index.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/mini-shopping-bag/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D152) /
Resource Hash: 73f1966037b3e70127938b9c6d3b6933a4b4505c536c6ebdf6a6958531c577c9

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: gzip
content-md5: qodmv9yLJ6M+yRQdqQFgdw==
age: 14904620
x-cache: HIT
content-length: 3054
x-ms-lease-status: unlocked
last-modified: Tue, 20 Sep 2022 13:23:14 GMT
server: ECAcc (nyd/D152)
etag: 0x8DA9B0B4602DEBB
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7b83c49b-a01e-0042-2ff4-cc5a6a000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:30 GMT

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/ 3 KB
2 KB 6ms
6ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/index.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/product-info-dialog/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D15C) /
Resource Hash: 1a1834a7b22115296cc5658a12499261595f880172541e9162d398c0ecee6a00

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: gzip
content-md5: XaJgT2EMz61m6p+4muwyOw==
age: 1347705
x-cache: HIT
content-length: 1762
x-ms-lease-status: unlocked
last-modified: Fri, 24 Feb 2023 11:08:27 GMT
server: ECAcc (nyd/D15C)
etag: 0x8DB16577498E933
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7560526f-b01e-002c-2641-480f45000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:30 GMT

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/static/basket-provider/1.18.0/ 31 KB
9 KB 6ms
6ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/basket-provider/1.18.0/index.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/basket-provider/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D144) /
Resource Hash: 391719edfb1709d07883135f5cd776be4b82c9e5b086cd4316b7cc2164b38c99

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: gzip
content-md5: gdpm7R52AlAEkKImC/52Jg==
age: 2907271
x-cache: HIT
content-length: 8853
x-ms-lease-status: unlocked
last-modified: Mon, 06 Feb 2023 09:52:31 GMT
server: ECAcc (nyd/D144)
etag: 0x8DB0827DD2C6E2B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f4643a80-a01e-007d-4612-3a92c9000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:30 GMT

GET
H/1.1 200
OK Translate Show response
ma.oriflame.com/system/ajax/Localization/ 454 B
1 KB 97ms
97ms XHR
application/json 20.93.235.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6310e2f41024e907b2a0f4020f8da68bf1f89969601a5cfef76bdecac61b1453

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://ma.oriflame.com/
traceparent: 00-04821a38f6b04de8a1457c6800a99d80-cbf886b198884407-01
accept-language: en-US,en;q=0.9
Request-Id: |04821a38f6b04de8a1457c6800a99d80.cbf886b198884407
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Sun, 12 Mar 2023 01:37:30 GMT
X-Azure-Ref: 02iwNZAAAAABKoKSMa6x/TpgrqWNWvjseQU1TMDRFREdFMTkxNQBiNzY5ZDMzYy1jOGYxLTQ5ZDAtODBhMy1jNWM3MWY4NjgyYjM=
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=687441c5ca76aa3a
X-Cache: TCP_HIT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Access-Control-Expose-Headers: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: *
Content-Length: 454
Request-Context: appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f

GET
H/1.1 200
OK Translate Show response
ma.oriflame.com/system/ajax/Localization/ 454 B
1 KB 87ms
86ms XHR
application/json 20.93.235.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6310e2f41024e907b2a0f4020f8da68bf1f89969601a5cfef76bdecac61b1453

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://ma.oriflame.com/
traceparent: 00-04821a38f6b04de8a1457c6800a99d80-df5b972a092448ec-01
accept-language: en-US,en;q=0.9
Request-Id: |04821a38f6b04de8a1457c6800a99d80.df5b972a092448ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Sun, 12 Mar 2023 01:37:29 GMT
X-Azure-Ref: 02iwNZAAAAABEXK2wVreWRYjuPGaO4MCcQU1TMDRFREdFMTkyMQBiNzY5ZDMzYy1jOGYxLTQ5ZDAtODBhMy1jNWM3MWY4NjgyYjM=
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=687441c5ca76aa3a
X-Cache: TCP_HIT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Access-Control-Expose-Headers: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: *
Content-Length: 454
Request-Context: appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f

GET
H/1.1 200
OK Translate Show response
ma.oriflame.com/system/ajax/Localization/ 454 B
1 KB 103ms
102ms XHR
application/json 20.93.235.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6310e2f41024e907b2a0f4020f8da68bf1f89969601a5cfef76bdecac61b1453

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://ma.oriflame.com/
traceparent: 00-04821a38f6b04de8a1457c6800a99d80-2858f5af1c96428d-01
accept-language: en-US,en;q=0.9
Request-Id: |04821a38f6b04de8a1457c6800a99d80.2858f5af1c96428d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Sun, 12 Mar 2023 01:37:29 GMT
X-Azure-Ref: 02iwNZAAAAAAHar+kVdgtRbtKQh58WHdqQU1TMDRFREdFMTkyMQBiNzY5ZDMzYy1jOGYxLTQ5ZDAtODBhMy1jNWM3MWY4NjgyYjM=
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=687441c5ca76aa3a
X-Cache: TCP_HIT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Access-Control-Expose-Headers: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: *
Content-Length: 454
Request-Context: appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f

GET
H2 200 configuration Show response
api-static.oriflame.com/tenants/Ma/bazaarvoice/ 553 B
714 B 20ms
19ms XHR
application/json 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/Ma/bazaarvoice/configuration

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d4797bb7c7f11c7daef73fdcda63295f8d0837d18fbda7f452a0814f5d2b8c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://ma.oriflame.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Sun, 12 Mar 2023 01:37:29 GMT
x-azure-ref-originshield: 02iwNZAAAAAAgMEA4Jp5wQLITqSAcbhPQTU5aMjIxMDYwNjEyMDM3AGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
vary: Accept-Encoding
x-cache: TCP_HIT
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Strict-Transport-Security,Content-Length,Date,Vary
cache-control: public, max-age=3240, stale-while-revalidate=324, stale-if-error=324
x-azure-ref: 02iwNZAAAAACTe3qPuNWcTLSMfTQiIhzlTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
content-length: 553
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a

GET
H2 200 contentImage
media-afr-cdn.oriflame.com/ 20 KB
20 KB 298ms
297ms Image
image/jpeg 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-afr-cdn.oriflame.com/contentImage?externalMediaId=2f722bcd-5ae5-4c5c-9f18-20ea1b993166&name=17395618_2&inputFormat=jpg&w=300&bc=%23f5f5f5&ib=%23f5f5f5&q=90

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D184) /

Resource Hash

668eb6c3f1867cfc436b4a3cf60b7c1e569521c2b0b6a097143a2a476aab5364

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:30 GMT
strict-transport-security: max-age=16070400; includeSubDomains
server: ECAcc (nyd/D184)
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=604800
content-length: 20437
request-context: appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0

GET
H2 200 844.chunk.js Show response
clientapp-cdn.oriflame.com/static/mini-shopping-bag/1.6.0/ 100 KB
29 KB 329ms
6ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/mini-shopping-bag/1.6.0/844.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/mini-shopping-bag/1.6.0/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D16E) /
Resource Hash: 3997c3559b40b1ce6c8cc7335ea92b457881d74aebc5d6366fec2a3c526b4232

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: gzip
content-md5: thEGwSDgv44nWJU64r6+3g==
age: 14904616
x-cache: HIT
content-length: 29089
x-ms-lease-status: unlocked
last-modified: Tue, 20 Sep 2022 13:23:14 GMT
server: ECAcc (nyd/D16E)
etag: 0x8DA9B0B45FF6FA4
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 666e4dab-501e-001b-5af4-ccdde9000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:30 GMT

GET
H2 200 143.chunk.js Show response
clientapp-cdn.oriflame.com/static/mini-shopping-bag/1.6.0/ 16 KB
5 KB 334ms
12ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/mini-shopping-bag/1.6.0/143.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/mini-shopping-bag/1.6.0/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D16E) /
Resource Hash: 45cc94a9503cd16a521eee496cf066ee8bb3fd4e67447b41199f762d98af3227

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: gzip
content-md5: A8PHc2sy3MJK2YhilYJA+g==
age: 14904616
x-cache: HIT
content-length: 4982
x-ms-lease-status: unlocked
last-modified: Tue, 20 Sep 2022 13:23:14 GMT
server: ECAcc (nyd/D16E)
etag: 0x8DA9B0B45FFC820
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 44184c10-d01e-002a-1af4-cc3cfa000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:30 GMT

GET
H2 200 881.chunk.js Show response
clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/ 9 KB
4 KB 338ms
16ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/881.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D194) /
Resource Hash: beade23bee7d009037d6cdb77fbe6347892684dd77ee8cb41f82396f4a04e62d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: gzip
content-md5: tt/h3MigN9zmF4w4DQ6wJA==
age: 1347704
x-cache: HIT
content-length: 3700
x-ms-lease-status: unlocked
last-modified: Fri, 24 Feb 2023 11:08:27 GMT
server: ECAcc (nyd/D194)
etag: 0x8DB1657749F2752
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d3620134-001e-0064-2041-481272000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:30 GMT

GET
H/1.1 200
OK Translate Show response
ma.oriflame.com/system/ajax/Localization/ 221 B
1 KB 89ms
88ms XHR
application/json 20.93.235.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ma.oriflame.com/system/ajax/Localization/Translate?Keys=UpdateYourBrowser&Keys=YourBrowserIsOutdated&Keys=Update

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

88a6f170934f8089cf0416844cf05233a6f80fd6d8b5276e1745e02ac4a67c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
traceparent: 00-04821a38f6b04de8a1457c6800a99d80-ae9b8caceb16455b-01
Request-Id: |04821a38f6b04de8a1457c6800a99d80.ae9b8caceb16455b
x-tenant-context: Ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Sun, 12 Mar 2023 01:37:29 GMT
X-Azure-Ref: 02iwNZAAAAACmqFevhF3kQL8NGxsJfPgKQU1TMDRFREdFMTkyMQBiNzY5ZDMzYy1jOGYxLTQ5ZDAtODBhMy1jNWM3MWY4NjgyYjM=
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=0867a3d730bf89fd
X-Cache: TCP_HIT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Access-Control-Expose-Headers: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: *
Content-Length: 221
Request-Context: appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f

GET
H2 200 432.chunk.js Show response
clientapp-cdn.oriflame.com/static/basket-bubble/1.3.0/ 18 KB
7 KB 331ms
20ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/basket-bubble/1.3.0/432.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/basket-bubble/1.3.0/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D139) /
Resource Hash: bce9a8a4ccf07527b9524e3e8620d5dc9921f6b17ec92c79e1ff9ecc0459ca8d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: gzip
content-md5: 0nnKpelq3o/gR+ygPvy2+g==
age: 29648689
x-cache: HIT
content-length: 6693
x-ms-lease-status: unlocked
last-modified: Tue, 08 Mar 2022 10:34:29 GMT
server: ECAcc (nyd/D139)
etag: 0x8DA00EF39DF168C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 577f33d7-b01e-00ac-03db-46ee1b000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:30 GMT

GET
H2 200 148.chunk.js Show response
clientapp-cdn.oriflame.com/static/basket-bubble/1.3.0/ 6 KB
2 KB 324ms
14ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/basket-bubble/1.3.0/148.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/basket-bubble/1.3.0/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D109) /
Resource Hash: f11a4d55e1a7838b6bcb918b5ccbf9375244508937b6df49a858bd1e078bae33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: gzip
content-md5: 7ejfrVZfQdQJuskgtoFkzg==
age: 29648689
x-cache: HIT
content-length: 2308
x-ms-lease-status: unlocked
last-modified: Tue, 08 Mar 2022 10:34:29 GMT
server: ECAcc (nyd/D109)
etag: 0x8DA00EF39AD389A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f0095055-f01e-0014-3ddb-46b5dd000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:30 GMT

GET
H2 200 /
media-afr-cdn.oriflame.com/productImage/ 3 KB
3 KB 20ms
14ms Image
image/jpeg 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-afr-cdn.oriflame.com/productImage/?externalMediaId=product-management-media%2F40697%2F40697.png%3Fversion%3D1608135306&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D141) /

Resource Hash

5d469456aed5584b41ee9e39a5297cb8fcafcc8c04ff170eda5453386e83d310

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:30 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Sun, 15 May 2022 07:45:39 GMT
server: ECAcc (nyd/D141)
age: 25984311
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3180
request-context: appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0

GET
H2 200 /
media-afr-cdn.oriflame.com/productImage/ 3 KB
3 KB 21ms
16ms Image
image/jpeg 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-afr-cdn.oriflame.com/productImage/?externalMediaId=product-management-media%2F43908%2F43908.png%3Fversion%3D1655991002&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D11C) /

Resource Hash

52ecbc785d5b5538984e2a5c32d7ccc783fefc6d8770e671ed00e9d5d0ee4608

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:30 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Mon, 27 Jun 2022 03:49:34 GMT
server: ECAcc (nyd/D11C)
age: 22283277
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 2766
request-context: appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0

GET
H2 200 /
media-afr-cdn.oriflame.com/productImage/ 3 KB
3 KB 10ms
5ms Image
image/jpeg 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-afr-cdn.oriflame.com/productImage/?externalMediaId=product-management-media%2F43906%2F43906.png%3Fversion%3D1603287900&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D174) /

Resource Hash

cc9d204ed6442dfe3d6e943967376fa7df8a12f0a8041e94f002cdb46a7e4702

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:30 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Sun, 26 Jun 2022 20:37:28 GMT
server: ECAcc (nyd/D174)
age: 22309202
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3070
request-context: appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0

GET
H2 200 /
media-afr-cdn.oriflame.com/productImage/ 3 KB
3 KB 22ms
17ms Image
image/jpeg 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-afr-cdn.oriflame.com/productImage/?externalMediaId=product-management-media%2F35926%2F35926.png%3Fversion%3D1617796800&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D181) /

Resource Hash

1e26ec3ad8c2cd181ba7018e16c04f2f8e3af30601a9419b8e899d66d226f108

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:30 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Wed, 25 May 2022 21:06:47 GMT
server: ECAcc (nyd/D181)
age: 25072243
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3170
request-context: appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0

OPTIONS
H2 200 localization
api-static.oriflame.com/personalBeautyStore/tenants/Ma/ 0
0 49ms
49ms Preflight 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-static.oriflame.com/personalBeautyStore/tenants/Ma/localization?lang=fr-MA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-client-application,x-tenant-context
Access-Control-Request-Method: GET
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: x-client-application,x-tenant-context
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Sun, 12 Mar 2023 01:37:29 GMT
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a
x-azure-ref: 02iwNZAAAAADMDLbKYL09Q4qxV3kGmpeNTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
x-cache: CONFIG_NOCACHE

OPTIONS
H2 200 ShopSection
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 0
0 55ms
54ms Preflight 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ShopSection?excludeChildren=false&lang=fr-MA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ms-command-name
Access-Control-Request-Method: GET
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-ms-command-name
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Sun, 12 Mar 2023 01:37:29 GMT
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a
x-azure-ref: 02iwNZAAAAADLNqwl9yjjS5Xf74qmq0xCTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
x-cache: CONFIG_NOCACHE

OPTIONS
H2 200 AboutTiles
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 0
0 54ms
54ms Preflight 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/AboutTiles?excludeChildren=false&lang=fr-MA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ms-command-name
Access-Control-Request-Method: GET
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-ms-command-name
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Sun, 12 Mar 2023 01:37:29 GMT
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a
x-azure-ref: 02iwNZAAAAADLFk7c0xhOQYpIFmBlwm8FTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
x-cache: CONFIG_NOCACHE

OPTIONS
H2 200 JoinTiles
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 0
0 54ms
54ms Preflight 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/JoinTiles?excludeChildren=false&lang=fr-MA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ms-command-name
Access-Control-Request-Method: GET
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-ms-command-name
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Sun, 12 Mar 2023 01:37:29 GMT
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a
x-azure-ref: 02iwNZAAAAADF06k8ZakyTpFL5Yenfg+GTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
x-cache: CONFIG_NOCACHE

OPTIONS
H2 200 InspirationTiles
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 0
0 155ms
154ms Preflight 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/InspirationTiles?excludeChildren=false&lang=fr-MA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ms-command-name
Access-Control-Request-Method: GET
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-ms-command-name
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Sun, 12 Mar 2023 01:37:30 GMT
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a
x-azure-ref: 02iwNZAAAAABu8bV88nMeQJchgG9nnuBqTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
x-cache: CONFIG_NOCACHE

OPTIONS
H2 200 TopNavigation
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 0
0 124ms
124ms Preflight 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/TopNavigation?excludeChildren=false&lang=fr-MA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ms-command-name
Access-Control-Request-Method: GET
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-ms-command-name
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Sun, 12 Mar 2023 01:37:30 GMT
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a
x-azure-ref: 02iwNZAAAAAAcURDKjd8CRoyhS4Emv+l8TU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
x-cache: CONFIG_NOCACHE

OPTIONS
H/1.1 204
No Content graphql
graphql-we.oriflame.com/ 0
0 326ms
145ms Preflight 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-tenant-context
Access-Control-Request-Method: POST
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-tenant-context
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Sun, 12 Mar 2023 01:37:30 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Access-Control-Request-Headers
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

GET
H2 200 localization Show response
api-static.oriflame.com/personalBeautyStore/tenants/Ma/ 4 KB
2 KB 26ms
25ms XHR
application/json 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/personalBeautyStore/tenants/Ma/localization?lang=fr-MA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

22b455d81434b3a02d30f9597cbc29656fcbd98d83c701a6328cf50a620b0616

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://ma.oriflame.com/
accept-language: en-US,en;q=0.9
x-tenant-context: Ma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
x-client-application: @ori/personal-beauty-store

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
date: Sun, 12 Mar 2023 01:37:29 GMT
x-azure-ref-originshield: 02iwNZAAAAABLDkv8of+jR4wthTJR+exQTU5aMjIxMDYwNjExMDMxAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
vary: Accept-Encoding
x-cache: TCP_REMOTE_HIT
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Strict-Transport-Security,Date,Vary,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=3240, stale-while-revalidate=324, stale-if-error=324
x-azure-ref: 02iwNZAAAAAB3tiII7qYbSZmIYnH+/67xTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
content-length: 1286
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a

GET VipAccessJson
ma.oriflame.com/system/ajax/stickybar/ 0
0

POST
H/1.1 200
OK GetShoppingContext Show response
ma.oriflame.com/system/ajax/ShoppingBag/ 2 KB
2 KB 655ms
655ms Fetch
application/json 20.93.235.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ma.oriflame.com/system/ajax/ShoppingBag/GetShoppingContext

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

76f3c5511397bd4c072a7086da9095aaa586456765368bb242a849cad0698aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
traceparent: 00-276f124108254ae283a3319baceb544f-0b562f42cce04d64-01
request-id: |276f124108254ae283a3319baceb544f.0b562f42cce04d64
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json

Response headers

Date: Sun, 12 Mar 2023 01:37:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=169a24f518c4d3bc
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: private
Connection: Keep-Alive
Content-Length: 988

GET
H2 200 ShopSection Show response
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 65 KB
9 KB 449ms
448ms XHR
application/json 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ShopSection?excludeChildren=false&lang=fr-MA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c3132f26c6737a7d539cee03e022dfae4778e6311d551fe6b3b72bb9346d30b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
x-ms-command-name: @ori/static-api-client/2.0.259 ms-rest-js/2.6.4 OS/Win32
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
date: Sun, 12 Mar 2023 01:37:30 GMT
x-azure-ref-originshield: 02iwNZAAAAABuR9U8YggYR7I/cI9DJgpaTU5aMjIxMDYwNjExMDE3AGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
vary: Accept-Language,Accept-Encoding
x-cache: TCP_MISS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Vary,Strict-Transport-Security,Date,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=54, stale-if-error=54
x-azure-ref: 02iwNZAAAAAAVZQxTdusvQ69NwxSZasuDTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
content-length: 8870
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a

GET
H2 200 AboutTiles Show response
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 2 KB
1 KB 691ms
690ms XHR
application/json 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/AboutTiles?excludeChildren=false&lang=fr-MA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5f469e028a947468e8e914d041f3a5137b98a1dec4e3bca934a43ea4c27b924a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
x-ms-command-name: @ori/static-api-client/2.0.259 ms-rest-js/2.6.4 OS/Win32
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
date: Sun, 12 Mar 2023 01:37:30 GMT
x-azure-ref-originshield: 02iwNZAAAAABYvRuLOTCLRLb59OROJGRpTU5aMjIxMDYwNjEyMDUxAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
vary: Accept-Language,Accept-Encoding
x-cache: TCP_MISS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Vary,Strict-Transport-Security,Date,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=54, stale-if-error=54
x-azure-ref: 02iwNZAAAAABh1Yhuxq3hTLBSsrOarnoaTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
content-length: 905
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a

GET
H2 200 JoinTiles Show response
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 34 B
317 B 612ms
611ms XHR
application/json 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/JoinTiles?excludeChildren=false&lang=fr-MA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c4dac3ea46487fe9062b388b4211a0d2bc7ef393fac47f5b8500b68c27da906a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
x-ms-command-name: @ori/static-api-client/2.0.259 ms-rest-js/2.6.4 OS/Win32
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Sun, 12 Mar 2023 01:37:30 GMT
x-azure-ref-originshield: 02iwNZAAAAAAmvoONm2/qSqv2jmgTn7iITU5aMjIxMDYwNjEyMDQ3AGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
vary: Accept-Language,Accept-Encoding
x-cache: TCP_MISS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Vary,Strict-Transport-Security,Content-Length,Date
cache-control: public, max-age=540, stale-while-revalidate=54, stale-if-error=54
x-azure-ref: 02iwNZAAAAAC2t2d7HOnfTILTKKVOUZBpTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
content-length: 34
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a

GET
H2 200 InspirationTiles Show response
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 34 B
277 B 555ms
553ms XHR
application/json 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/InspirationTiles?excludeChildren=false&lang=fr-MA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c4dac3ea46487fe9062b388b4211a0d2bc7ef393fac47f5b8500b68c27da906a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
x-ms-command-name: @ori/static-api-client/2.0.259 ms-rest-js/2.6.4 OS/Win32
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Sun, 12 Mar 2023 01:37:30 GMT
x-azure-ref-originshield: 02iwNZAAAAAB+ZoCK+MenQq/RqvOgsHENTU5aMjIxMDYwNjExMDI3AGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
vary: Accept-Language,Accept-Encoding
x-cache: TCP_MISS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Vary,Strict-Transport-Security,Content-Length,Date
cache-control: public, max-age=540, stale-while-revalidate=54, stale-if-error=54
x-azure-ref: 02iwNZAAAAADGLawWkD5wRoN9ugrnPuFfTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
content-length: 34
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a

GET
H2 200 TopNavigation Show response
api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/ 899 B
1 KB 698ms
698ms XHR
application/json 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/Ma/applications/navigation/navigations/TopNavigation?excludeChildren=false&lang=fr-MA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

83e659612703eb7f32f791caa4f46393acf05a69a93937cdfcf651ea89da1207

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
x-ms-command-name: @ori/static-api-client/2.0.259 ms-rest-js/2.6.4 OS/Win32
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Sun, 12 Mar 2023 01:37:30 GMT
x-azure-ref-originshield: 02iwNZAAAAABotCh5b0S4QqKjNjem5d24TU5aMjIxMDYwNjEyMDUxAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
vary: Accept-Language,Accept-Encoding
x-cache: TCP_MISS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Vary,Strict-Transport-Security,Content-Length,Date
cache-control: public, max-age=540, stale-while-revalidate=54, stale-if-error=54
x-azure-ref: 02iwNZAAAAAAxE+k1AumSTaBnqwb1zUy+TU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
content-length: 899
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a

POST
H/1.1 200
OK graphql Show response
graphql-we.oriflame.com/ 28 KB
7 KB 287ms
282ms Fetch
application/json 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e4f428ec24b0703be0cdf398a404a08912b42bdaa6787242456d44594c4b3f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept: */*
Referer: https://ma.oriflame.com/
accept-language: en-US,en;q=0.9
x-tenant-context: Ma
authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ0eXAiOiJhdCtqd3QiLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMifQ.eyJuYmYiOjE2Nzg1ODE5MTMsImV4cCI6MTY3ODU4NTUxMywiaXNzIjoiaHR0cHM6Ly9pZGVudGl0eS5vcmlmbGFtZS5jb20iLCJhdWQiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbS9yZXNvdXJjZXMiLCJjbGllbnRfaWQiOiJFQ29tbWVyY2VTcGFDbGllbnQiLCJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3dzLzIwMDgvMDYvaWRlbnRpdHkvY2xhaW1zL3JvbGUiOiJVblRydXN0ZWQiLCJqdGkiOiJGNkZFMjU2QzY0QTI4MjlGODNFRDA4NEM4RTdDMzM0MiIsImlhdCI6MTY3ODU4MTkxMywic2NvcGUiOlsib25saW5lX2FwaSJdfQ.blx2v4bwhKfe-yk7DovtMEWI-j4T7MKyR13CQAW93rbXoOpMQ81-3fMjGh7GgWgXTp7VdzltCn7xX83_7ZGIXbfJ97XMR0OTEZC7MbkkHY2HtAln39PR1P7BPlgIkaR4MtaMbj-c9RFHgAHjbZuLLNw4xFpxZsqFGJIuln7hqht9418eI3nNP4sTds4sBDliCNeO4i2tM3Mxqxi3Zn7AlXqVpOiZBcZX0EowJuPhkOM6jl5c_hxpU0_CRExQmthrlMGP46VI_SHQYdPNf24y8R6WGsZtr_D9K5r3Foexd7z12ZZMNnBNq42F9I5lIWDs-GSmrXNyQfbGbv5N6OGlyQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json

Response headers

Date: Sun, 12 Mar 2023 01:37:31 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: W/"6e80-IZ5IsjJylh4wzuzVNfPZrMxlNiA"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

GET
H/1.1 200
OK VipAccessJson Show response
ma.oriflame.com/system/ajax/stickybar/ 2 B
606 B 104ms
104ms XHR
application/json 20.93.235.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ma.oriflame.com/system/ajax/stickybar/VipAccessJson

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://ma.oriflame.com/
traceparent: 00-04821a38f6b04de8a1457c6800a99d80-b38d0bc6b2e44dc8-01
Accept-Language: en-US,en;q=0.9
Request-Id: |04821a38f6b04de8a1457c6800a99d80.b38d0bc6b2e44dc8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 01:37:30 GMT
Cache-Control: private
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Length: 2
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=76c82f998b76d1b9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 322ms
5ms Script
text/javascript 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: login.oriflame.one
URL: http://login.oriflame.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 12 Mar 2023 00:47:24 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3007
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 12 Mar 2023 02:47:24 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/971661115/ 2 KB
2 KB 405ms
78ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971661115/?random=1678585050784&cv=11&fst=1678585050784&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fma.oriflame.com%2F&ref=http%3A%2F%2Flogin.oriflame.one%2F&tiba=Oriflame%20Cosmetics%20%7C%20Oriflame%20Cosmetics&auid=297402007.1678585051&uamb=0&uaw=0&data=market_code%3DMA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK5GQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

b59404971cead7534aea23a88a7ab16dcb72bd8e7c087b7da82fa91b6ede4b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 01:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-757216.js Show response
static.hotjar.com/c/ 11 KB
5 KB 99ms
84ms Script
application/javascript 108.138.106.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-757216.js?sv=5

Requested by

Host: login.oriflame.one
URL: http://login.oriflame.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-101.jfk50.r.cloudfront.net

Software

Resource Hash

64d1df5dddd4445f28bd5ee8b9c49bf4532beb4150d8a9e5fbdb7563e2dcae1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/48c122ce84db73cf0deb9096890d3a5e
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: yLFPKUaD2_AIKu5pYEE6DX_VMi7q-PDNuUS3DhNihUPKU7OBRh28Iw==

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 112 KB
44 KB 354ms
35ms Script
application/javascript 142.250.65.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-P89M3WV

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK5GQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

9b0adf3807ad5db0d6f07c835953c37dfbef7a744be33fb45e5b418ec6342e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45001
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Mar 2023 01:37:31 GMT

POST
H/1.1 200
OK graphql Show response
graphql-we.oriflame.com/ 554 B
2 KB 135ms
134ms Fetch
application/json 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bafeb6a4051bb94b15bd121c8cf1dc57221f2ca2d3384961ceaeac5c1af2ba04

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept: */*
Referer: https://ma.oriflame.com/
accept-language: en-US,en;q=0.9
x-tenant-context: Ma
authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ0eXAiOiJhdCtqd3QiLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMifQ.eyJuYmYiOjE2Nzg1ODM3NDUsImV4cCI6MTY3ODU4NzM0NSwiaXNzIjoiaHR0cHM6Ly9pZGVudGl0eS5vcmlmbGFtZS5jb20iLCJhdWQiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbS9yZXNvdXJjZXMiLCJjbGllbnRfaWQiOiJBcHBTaGVsbEZyb250ZW5kIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjoiVW5UcnVzdGVkIiwianRpIjoiMzlCQzFFMzI3NUM0MzNCRjlGNDNCODQ1QTJFMThBOTIiLCJpYXQiOjE2Nzg1ODM3NDUsInNjb3BlIjpbIm9ubGluZV9hcGkiXX0.rm6XPhPIogc2AjE9W00wMC-KdgSV-5P4QV0FXMVzowyoVKJNFl6fTF7K6mojV6ld7ocFctk0J5DHDv_sA-6SNDjIiSOuWrnEhYvth6PvzK7TmtPq8nFL2t6sTxprrdBQsmH75Qwp-Wke10WmaHMHDnBfslTJnpqGooPqlJSF2yAX53VNTXIuxqg5jmfUaazSkkVupzRCMFkiFnctcN6iN1TFeHC_P1YXZb-Nj1YHi8M6QeY5zvQX8aV-T41EtWm808Xb7LlE_Dgz6_FwzcWbATEy_h0tcOiD0Y7rnjtl2Is0Yj4TULucUxzA1L-7OA9Jec-1N3tRDvp5M6WaUNWKBg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json

Response headers

Date: Sun, 12 Mar 2023 01:37:31 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: W/"22a-TyDVVAD5Pg4OWnoAln9YT6CjpOo"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 554
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

OPTIONS
H/1.1 204
No Content graphql
graphql-we.oriflame.com/ 0
0 245ms
84ms Preflight 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-tenant-context
Access-Control-Request-Method: POST
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-tenant-context
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Sun, 12 Mar 2023 01:37:31 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Access-Control-Request-Headers
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

GET
H2 200 745.chunk.js Show response
clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/ 278 B
336 B 7ms
6ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/745.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D140) /
Resource Hash: 225af1883058502a7c6583a572116c25677e2c423266f14af527ba2563a37cd3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:30 GMT
content-encoding: gzip
content-md5: ARB2zLKL15afgPeI8iTL6Q==
age: 1347616
x-cache: HIT
content-length: 210
x-ms-lease-status: unlocked
last-modified: Fri, 24 Feb 2023 11:08:27 GMT
server: ECAcc (nyd/D140)
etag: 0x8DB1657749BE7E6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1151b5b7-001e-0074-5a41-48d71a000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:30 GMT

GET
H2 200 8.chunk.js Show response
clientapp-cdn.oriflame.com/static/mini-shopping-bag/1.6.0/ 166 B
308 B 6ms
5ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/mini-shopping-bag/1.6.0/8.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/mini-shopping-bag/1.6.0/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D16E) /
Resource Hash: 7d165cd82bda344d740d30ffd856256f7b5d80285be10c7623693b11b34986da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:31 GMT
content-encoding: gzip
content-md5: Xm0yWxhinoMdmhAF91bsWg==
age: 14904578
x-cache: HIT
content-length: 148
x-ms-lease-status: unlocked
last-modified: Tue, 20 Sep 2022 13:23:14 GMT
server: ECAcc (nyd/D16E)
etag: 0x8DA9B0B45FFC51F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bcad055e-301e-0032-48f4-cce39d000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:31 GMT

GET
H/1.1 200
OK Translate Show response
ma.oriflame.com/system/ajax/Localization/ 24 B
1 KB 104ms
97ms XHR
application/json 20.93.235.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ma.oriflame.com/system/ajax/Localization/Translate?keys=Quantity

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c2e226b8874dcb55d50abadf5a7af8ceee38715144652c10236197945e57b768

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://ma.oriflame.com/
X-Requested-With: XMLHttpRequest
traceparent: 00-04821a38f6b04de8a1457c6800a99d80-0cadc1faa47c4766-01
Request-Id: |04821a38f6b04de8a1457c6800a99d80.0cadc1faa47c4766
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Sun, 12 Mar 2023 01:37:30 GMT
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=bc685680c7f45bd3
X-Cache: TCP_HIT
Content-Length: 24
Request-Context: appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f
Pragma: no-cache
X-Azure-Ref: 02ywNZAAAAAD8iq3zVN1UQq1pZsV4QoXLQU1TMDRFREdFMTgxNABiNzY5ZDMzYy1jOGYxLTQ5ZDAtODBhMy1jNWM3MWY4NjgyYjM=
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *
Access-Control-Expose-Headers: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Expires: -1

GET
H2 200 modules.852546d062cf06f9f7e6.js Show response
script.hotjar.com/ 262 KB
67 KB 25ms
6ms Script
application/javascript 18.164.96.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.852546d062cf06f9f7e6.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-757216.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-46.jfk50.r.cloudfront.net

Software

Resource Hash

8d4fe10cf655413f3ce01bbabb88e8f9a06ee75bb8ea60c9d33f7af308e9947d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 13:06:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 131485
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68427
last-modified: Fri, 10 Mar 2023 13:05:24 GMT
etag: "3c6849d4a399798b2f288e24d54e8ae1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: mYy-PvOwQtw17rhJ8wWEY48_yHo2jRQrrXLofeXIecmLSfpEoPGMGA==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 6ms
4ms Script
text/javascript 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 12 Mar 2023 01:47:04 GMT

GET
H2 200 culture Show response
api-static.oriflame.com/tenants/Ma/ 3 KB
1 KB 29ms
27ms Fetch
application/json 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/Ma/culture

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

71bedf926dba78b4f84af1ff3a5adf30571849a0d0c9f613075908709467c8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
date: Sun, 12 Mar 2023 01:37:30 GMT
x-azure-ref-originshield: 02ywNZAAAAACbbQjQ4uvrR4rwc42MZAHzTU5aMjIxMDYwNjEyMDM1AGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
vary: Accept-Encoding
x-cache: TCP_REMOTE_HIT
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Strict-Transport-Security,Date,Vary,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=3240, stale-while-revalidate=324, stale-if-error=324
x-azure-ref: 02ywNZAAAAAC3Fgxi//zSRawNZC0qdo8bTU5aMjIxMDYwNjE0MDExAGI3NjlkMzNjLWM4ZjEtNDlkMC04MGEzLWM1YzcxZjg2ODJiMw==
content-length: 967
request-context: appId=cid-v1:d2ac0972-9e4f-42f9-a665-84720665181a

GET
H2 200 189.chunk.js Show response
clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/ 116 KB
32 KB 7ms
5ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/189.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D183) /
Resource Hash: f5e654fc5bf0595b9ed68b8cbb67e942d5e5b07f4467d0e9b3771f4e631cc9ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:31 GMT
content-encoding: gzip
content-md5: B5ps4SKKLmv4i/8wRrYG9A==
age: 1347610
x-cache: HIT
content-length: 32377
x-ms-lease-status: unlocked
last-modified: Fri, 24 Feb 2023 11:08:27 GMT
server: ECAcc (nyd/D183)
etag: 0x8DB1657749F3F25
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7bc15b0a-101e-001a-5441-488235000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:31 GMT

GET
H2 200 601.chunk.js Show response
clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/ 1 KB
916 B 9ms
7ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/601.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/product-info-dialog/3.1.1/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D10F) /
Resource Hash: 12311f25970761f016f479ff1284c8e6c8bf98a20606c0da0521bfdafb3a848d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:31 GMT
content-encoding: gzip
content-md5: XPn8KBfF5bGgXwSXn/Mkxg==
age: 1347609
x-cache: HIT
content-length: 787
x-ms-lease-status: unlocked
last-modified: Fri, 24 Feb 2023 11:08:27 GMT
server: ECAcc (nyd/D10F)
etag: 0x8DB1657749B03FC
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4bb61c9e-101e-0068-5d41-48857a000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:31 GMT

GET
H2 204 757216 Show response
vc.hotjar.io/sessions/ 0
258 B 95ms
75ms XHR
text/plain 18.164.96.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/757216?s=0.25&r=0.12152736597851876
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-52.jfk50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:31 GMT
via: 1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 7dlJmnQVRemDgB12I7ugvwPvnmaU8I72dueRLFI1hZOVHVnxIjHu6A==

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/757216/ 147 B
322 B 269ms
89ms XHR
application/json 52.212.98.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/757216/visit-data?sv=5
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.98.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-98-141.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef6c1f3e60c738e0efe4050ab6cb05bd536d01e116a656270e2e93c25bc82ce3

Request headers

Referer: https://ma.oriflame.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sun, 12 Mar 2023 01:37:31 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 /
www.google.com/pagead/1p-user-list/971661115/ 42 B
455 B 166ms
54ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/971661115/?random=1678585050784&cv=11&fst=1678582800000&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fma.oriflame.com%2F&ref=http%3A%2F%2Flogin.oriflame.one%2F&tiba=Oriflame%20Cosmetics%20%7C%20Oriflame%20Cosmetics&data=market_code%3DMA&fmt=3&is_vtc=1&random=3797523630&rmt_tld=0&ipr=y

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 01:37:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
241 B 18ms
18ms Ping
image/gif 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ma.oriflame.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 01:37:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://ma.oriflame.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
347 B 98ms
17ms XHR
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-61098026-1&cid=490902988.1678585051&jid=1305735327&gjid=1205786877&_gid=576644775.1678585051&_u=aGBAiEAjBAAAAEAAIC~&z=1731284186

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ma.oriflame.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 12 Mar 2023 01:37:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ma.oriflame.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 62ms
56ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-61098026-1&cid=490902988.1678585051&jid=1305735327&_u=aGBAiEAjBAAAAEAAIC~&z=249915228

Requested by

Host: ma.oriflame.com
URL: https://ma.oriflame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 01:37:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK graphql Show response
graphql-we.oriflame.com/ 554 B
2 KB 190ms
190ms Fetch
application/json 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bafeb6a4051bb94b15bd121c8cf1dc57221f2ca2d3384961ceaeac5c1af2ba04

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept: */*
Referer: https://ma.oriflame.com/
accept-language: en-US,en;q=0.9
x-tenant-context: Ma
authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ0eXAiOiJhdCtqd3QiLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMifQ.eyJuYmYiOjE2Nzg1ODE5MTMsImV4cCI6MTY3ODU4NTUxMywiaXNzIjoiaHR0cHM6Ly9pZGVudGl0eS5vcmlmbGFtZS5jb20iLCJhdWQiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbS9yZXNvdXJjZXMiLCJjbGllbnRfaWQiOiJFQ29tbWVyY2VTcGFDbGllbnQiLCJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3dzLzIwMDgvMDYvaWRlbnRpdHkvY2xhaW1zL3JvbGUiOiJVblRydXN0ZWQiLCJqdGkiOiJGNkZFMjU2QzY0QTI4MjlGODNFRDA4NEM4RTdDMzM0MiIsImlhdCI6MTY3ODU4MTkxMywic2NvcGUiOlsib25saW5lX2FwaSJdfQ.blx2v4bwhKfe-yk7DovtMEWI-j4T7MKyR13CQAW93rbXoOpMQ81-3fMjGh7GgWgXTp7VdzltCn7xX83_7ZGIXbfJ97XMR0OTEZC7MbkkHY2HtAln39PR1P7BPlgIkaR4MtaMbj-c9RFHgAHjbZuLLNw4xFpxZsqFGJIuln7hqht9418eI3nNP4sTds4sBDliCNeO4i2tM3Mxqxi3Zn7AlXqVpOiZBcZX0EowJuPhkOM6jl5c_hxpU0_CRExQmthrlMGP46VI_SHQYdPNf24y8R6WGsZtr_D9K5r3Foexd7z12ZZMNnBNq42F9I5lIWDs-GSmrXNyQfbGbv5N6OGlyQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json

Response headers

Date: Sun, 12 Mar 2023 01:37:31 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: W/"22a-TyDVVAD5Pg4OWnoAln9YT6CjpOo"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 554
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

OPTIONS
H/1.1 204
No Content graphql
graphql-we.oriflame.com/ 0
0 81ms
81ms Preflight 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-tenant-context
Access-Control-Request-Method: POST
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-tenant-context
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Sun, 12 Mar 2023 01:37:31 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Access-Control-Request-Headers
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 622ms
165ms XHR
application/json 34.253.152.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.152.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-152-182.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1df9985aa1260c8f8984787f1f037a9c0fab650e5a11c190707a95d50fc76ccb

Request headers

Referer: https://ma.oriflame.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 01:37:32 GMT
content-length: 56
vary: Origin
content-type: application/json

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
281 B 140ms
139ms XHR
application/json 20.42.73.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.42.73.140 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e7b5efea0df6cdace7cb04d74a5c974c5da3c4771778fff57f1f374eae9fccae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ma.oriflame.com/
accept-language: en-US,en;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 98258043-6F56-4707-8EFF-6A8D3BB9C193
strict-transport-security: max-age=31536000
date: Sun, 12 Mar 2023 01:37:31 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ 0
0 222ms
11ms Preflight 20.42.73.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.42.73.140 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://ma.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Sun, 12 Mar 2023 01:37:31 GMT
x-content-type-options: nosniff

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/genesys-widget/ 804 B
674 B 8ms
7ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/genesys-widget/index.js
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/main-dd59dcd25eda1aee.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D117) /
Resource Hash: 74cc4d06798c7ff29e12b8b24f24087ad26afeb91458ffd80608082d202da7ae

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:31 GMT
content-encoding: gzip
content-md5: 8yw19E4fgUN53iQt7pc/Iw==
age: 334
x-cache: HIT
content-length: 480
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 14:46:21 GMT
server: ECAcc (nyd/D117)
etag: 0x8DB199A8F11871E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6f959047-f01e-0060-5482-549f75000000
cache-control: max-age=900
x-ms-version: 2009-09-19
expires: Sun, 12 Mar 2023 01:52:31 GMT

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/ 3 KB
2 KB 5ms
4ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/index.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/genesys-widget/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D179) /
Resource Hash: 21bc9575921a18e65a108073831bdedf06a1e8d119b0e8059d90723ef4c48d3c

Request headers

Referer: https://ma.oriflame.com/
Origin: https://ma.oriflame.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:31 GMT
content-encoding: gzip
content-md5: Vr9ghW6oqwtnBN+RKexNdA==
age: 988973
x-cache: HIT
content-length: 1546
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 14:44:13 GMT
server: ECAcc (nyd/D179)
etag: 0x8DB199A42AD8500
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 323d2f82-b01e-0061-1984-4bc0a9000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:31 GMT

GET
H2 200 403.chunk.js Show response
clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/ 14 KB
6 KB 9ms
6ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/403.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D159) /
Resource Hash: 92d930db38faca1ba4034683ebdae008c8582e6b31fca5572c6008872bd5475b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:31 GMT
content-encoding: gzip
content-md5: qGdWGZJzMAulbA18SR0ddQ==
age: 988972
x-cache: HIT
content-length: 5602
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 14:44:13 GMT
server: ECAcc (nyd/D159)
etag: 0x8DB199A42A5DD54
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ab1cd509-501e-0079-7984-4b1fce000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:31 GMT

GET
H2 200 249.chunk.js Show response
clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/ 16 KB
6 KB 6ms
4ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/249.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D178) /
Resource Hash: fcc448820d7fe84879f5cd6117ffabef1618870efe0697cb6ff8a4ab1ff15718

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:31 GMT
content-encoding: gzip
content-md5: R53xaglqw6ukM7MXUfZ9eg==
age: 988972
x-cache: HIT
content-length: 5953
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 14:44:13 GMT
server: ECAcc (nyd/D178)
etag: 0x8DB199A42A2BD9F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c70d3e6c-801e-0037-6b84-4b3146000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:31 GMT

GET
H2 200 347.chunk.js Show response
clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/ 32 KB
7 KB 5ms
4ms Script
application/javascript 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/347.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D115) /
Resource Hash: 48b4c9be436ea6f2d4be2cf296bdf82c92ad3db5c7a42e303d2030bfc80c1712

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:31 GMT
content-encoding: gzip
content-md5: diACb2ZeilbKM51loZL/Bw==
age: 988971
x-cache: HIT
content-length: 6677
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 14:44:13 GMT
server: ECAcc (nyd/D115)
etag: 0x8DB199A42A3110A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9362d73c-f01e-005f-6f84-4b57d6000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:31 GMT

GET
H2 200 cxbus.min.js Show response
apps.mypurecloud.de/widgets/9.0/ 20 KB
7 KB 323ms
85ms Script
text/javascript 35.156.40.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.de/widgets/9.0/cxbus.min.js

Requested by

Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/249.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.40.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-40-242.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c6effbed30ae0b7219fd6e4a1b6a55755673ef6ee43ce88ad8c9154e51418c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:32 GMT
content-encoding: gzip
x-amz-version-id: zw33oHqEQcJY46kB6kOqkACDGiyRxMHj
last-modified: Mon, 06 Feb 2023 11:43:45 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
x-amz-request-id: XASKCT976AENRT15
etag: "15e290c6392b7f9f12f9d72ed3a6506a"
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 6977
x-amz-id-2: rhiJda7aeX1JpKYBIQzFye/rZKzOmGV65ZQTKUeW5I4Qu1jg97fc3UBxAnyjZO4MObD9kuTmWmM=

GET
H2 200 widgets-core.min.js Show response
apps.mypurecloud.de/widgets/9.0/plugins/ 376 KB
114 KB 87ms
87ms Script
text/javascript 35.156.40.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.de/widgets/9.0/plugins/widgets-core.min.js

Requested by

Host: apps.mypurecloud.de
URL: https://apps.mypurecloud.de/widgets/9.0/cxbus.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.40.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-40-242.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3093a3b66ab66b86012d43ba5571f79706e32636f52a0e4ffcc10eefaea71762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ma.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:37:32 GMT
content-encoding: gzip
x-amz-version-id: vLW3GHGDffiG3zBc78xKD6DzgoqO7A5C
last-modified: Mon, 06 Feb 2023 11:43:45 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
x-amz-request-id: GNRGT7QV59QW9E62
etag: "e538246decda4d0203152efeaf5caae6"
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 116266
x-amz-id-2: iAKLLo4MurIXkijLN3aUSm6bRLEM57PjwqR0p2mxB3W04BkwHVS4ySSfqKsd4eYib5Ge+jufxaM=

GET
H2 200 widgets-fr.i18n.json Show response
clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/assets/ 27 KB
7 KB 7ms
6ms XHR
application/json 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.8.0/assets/widgets-fr.i18n.json
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D123) /
Resource Hash: 3f1bc42f20821a928c84583bc80fc8b50b1e434cce327cadfda4ba8448b803ac

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ma.oriflame.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Mar 2023 01:37:32 GMT
content-encoding: gzip
content-md5: 9z+JHoYVGBma5KCQnOqdRA==
age: 987323
x-cache: HIT
content-length: 6835
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 14:44:13 GMT
server: ECAcc (nyd/D123)
etag: 0x8DB199A42AA91C2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d688107f-c01e-007b-1788-4ba176000000
cache-control: max-age=31536000
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 01:37:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: media-afr-cdn.oriflame.com
URL: https://media-afr-cdn.oriflame.com/contentImage?externalMediaId=b612d13d-4d2c-4047-af6e-eb7f84d81d09&name=17395596_2&inputFormat=jpg&w=480&bc=%23f5f5f5&ib=%23f5f5f5&q=80

Domain: graphql-we.oriflame.com
URL: https://graphql-we.oriflame.com/graphql

Domain: ma.oriflame.com
URL: https://ma.oriflame.com/system/ajax/stickybar/VipAccessJson

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ma.oriflame.com/	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: BKJFKCLOAMIDIBIFKOLNJJKPBKNPDKOHADKAENEMGPBJGNFEJAIFCDGJAPOFPMLKEGMDKMNLNMDEDILDHOJAECGFICEHOBIBJAHNNLJDKKMAICPNDBMFECPFCNKCKGLE
ma.oriflame.com/	1969-12-31 23:59:59	Name: TS01f0493b Value: 014b5de84127e894f0140cc8860aea604a81c4c080025df57cfd7effd9cf1fd2f02dece73a9472b9f1bf0b7c8cd89105adc70972f7
media-afr-cdn.oriflame.com/	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: COOCIBFJJOGAOJGLOGHKLPHPGJBGHOICHCEMABOPGFMIDPKNAIELBMMGAEGHDGMMKFEDMNNFOMINICJBOLAALOOCICIGOCDJOIBPJPOPEKIHKCDMIHLJDHADMHLPOIAE
ma.oriflame.com/	1970-01-20 19:02:01	Name: ai_user Value: XRdGNfhTPnBrKAWJVK0YUH\|2023-03-12T01:37:29.789Z
ma.oriflame.com/	1969-12-31 23:59:59	Name: TS0118af44 Value: 014b5de8412ee980ec66f7fcccd83f4d18cacff228d3ed0b72318d8fb8b689f22dbfa81e8c594d75570820719dc4e7889b1c9acbb9
ma.oriflame.com/	1969-12-31 23:59:59	Name: TSc726feed027 Value: 08afc1cc77ab20006680844217d962d89f26c8062aaefcc27b2bd5b844d57d2a63f9b1c00599e155088804217b11300017af623e4c05b96266506949b24751237adf7a9d873c4562c520a02f1f853c83c6f5aafc8cc6adf63656f1d5b1780fa3
ma.oriflame.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: wormpptdzreidrarkvc0ktvd
ma.oriflame.com/	1969-12-31 23:59:59	Name: UserKey Value: default-Anonymous
ma.oriflame.com/	1970-01-20 19:52:25	Name: OriTracking Value: 9901da66-1941-45fe-b321-8fdfb2fd319d
media-afr-cdn.oriflame.com/	1969-12-31 23:59:59	Name: TSb51d2775027 Value: 08afc1cc77ab2000b4924cdc4b0e798bd97b1d074ee98be1ad7bb8f90600f068e4106dfdc7928e0708342e2d941130008de3d3f7294fd415c9b934d917b79f62c3a4fce1f469c97cea553d8a50421b93e1284df9a0c481761994c056074257ec
ma.oriflame.com/	1969-12-31 23:59:59	Name: ShoppingKey Value: -1
.oriflame.com/	1970-01-20 12:26:01	Name: _gcl_au Value: 1.1.297402007.1678585051
.oriflame.com/	1970-01-20 19:52:25	Name: _ga Value: GA1.2.490902988.1678585051
.oriflame.com/	1970-01-20 10:17:51	Name: _gid Value: GA1.2.576644775.1678585051
.doubleclick.net/	1970-01-20 10:16:25	Name: test_cookie Value: CheckForPermission
.oriflame.com/	1970-01-20 19:02:01	Name: _hjSessionUser_757216 Value: eyJpZCI6ImMzMzkxOTRkLWY2OWQtNTNkYi1iMjVhLWJjNjAxYTU5MzMwMyIsImNyZWF0ZWQiOjE2Nzg1ODUwNTEyOTMsImV4aXN0aW5nIjpmYWxzZX0=
.oriflame.com/	1970-01-20 10:16:26	Name: _hjFirstSeen Value: 1
.oriflame.com/	1970-01-20 10:16:25	Name: _hjIncludedInSessionSample_757216 Value: 1
.oriflame.com/	1970-01-20 10:16:26	Name: _hjSession_757216 Value: eyJpZCI6IjFkOTY1ZGJjLThiY2EtNGIyNC1hYTllLWE0YzZlZDlhNTViYiIsImNyZWF0ZWQiOjE2Nzg1ODUwNTEzMDIsImluU2FtcGxlIjp0cnVlfQ==
.oriflame.com/	1970-01-20 10:16:26	Name: _hjAbsoluteSessionInProgress Value: 1
.oriflame.com/	1970-01-20 10:16:25	Name: _gat Value: 1
ma.oriflame.com/	1970-01-20 10:16:26	Name: ai_session Value: /f0eKpIsU/Em1OVSzsrTmG\|1678585049797\|1678585051830

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js(Line 1) Message: Refused to set unsafe header "Accept-Encoding"
network	error	URL: https://ma.oriflame.com/system/ajax/ApiGateway/GetUserAccessTokenAsync Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
javascript	error	URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js(Line 1) Message: Refused to set unsafe header "Accept-Encoding"
javascript	error	URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js(Line 1) Message: Refused to set unsafe header "Accept-Encoding"
javascript	error	URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-fa6caa4d232934b2.js(Line 1) Message: Refused to set unsafe header "Accept-Encoding"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-static.oriflame.com
apps.mypurecloud.de
assets-we-cdn.oriflame.com
clientapp-cdn.oriflame.com
content.hotjar.io
dc.services.visualstudio.com
googleads.g.doubleclick.net
graphql-we.oriflame.com
in.hotjar.com
login.oriflame.one
ma.oriflame.com
media-afr-cdn.oriflame.com
script.hotjar.com
static.hotjar.com
static.oriflame.com
stats.g.doubleclick.net
vc.hotjar.io
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
graphql-we.oriflame.com
ma.oriflame.com
media-afr-cdn.oriflame.com
108.138.106.101
13.107.226.40
142.250.176.194
142.250.65.174
142.250.65.238
142.251.40.232
152.195.19.97
163.172.150.143
18.164.96.46
18.164.96.52
20.42.73.140
20.93.235.241
20.93.237.24
2607:f8b0:4004:c1b::9a
2607:f8b0:4006:81d::2004
34.253.152.182
35.156.40.242
52.212.98.141
01ae8382b2a46fe9eb0a33d9e099ea940d4d9065c84867830b9ab7e0010e5a2b
061e885209a0666a01ae075f9cfcb9ef5e1c7f38b631cb53687984d9b37c2866
0a3c82636f224e6520e2429fc09db2a72138eacf08ed724ef48b75c1f150c229
109aab3e1a8e6527c5ef5a41db39ff21db45f66230b6e2c44485ac80c393e49a
12311f25970761f016f479ff1284c8e6c8bf98a20606c0da0521bfdafb3a848d
12635b36f4543c14524d287ef9e77ed4352cc9175ebaaa98d542c16678088f79
155d76829f7fe4e9458c5de93bc98745fb3e1a36b0d0c1f32f398a63ffeed838
15e7b97f40ea7aaff420fed3888b4a4ad8b17dcac4ec16ca0f30ebf983ffad4f
1a1834a7b22115296cc5658a12499261595f880172541e9162d398c0ecee6a00
1bb169f5cff3dd4ef90ef1aa26f80e0719dfa840b2daf1bf78b0689cebc432b0
1df9985aa1260c8f8984787f1f037a9c0fab650e5a11c190707a95d50fc76ccb
1e26ec3ad8c2cd181ba7018e16c04f2f8e3af30601a9419b8e899d66d226f108
1f215cd6e0916d64f3100cac183856c309a07be689211398d86a3c4c55dc73d0
21bc9575921a18e65a108073831bdedf06a1e8d119b0e8059d90723ef4c48d3c
225af1883058502a7c6583a572116c25677e2c423266f14af527ba2563a37cd3
22b455d81434b3a02d30f9597cbc29656fcbd98d83c701a6328cf50a620b0616
2c9446034c1f2cc1d718be3089f155beacbea4d54d983f0220ce1a1b0bc51984
3093a3b66ab66b86012d43ba5571f79706e32636f52a0e4ffcc10eefaea71762
376b936162580acef2fb006d53dfb5be47031613e2b373411e6f3bf35baab7bd
391719edfb1709d07883135f5cd776be4b82c9e5b086cd4316b7cc2164b38c99
3997c3559b40b1ce6c8cc7335ea92b457881d74aebc5d6366fec2a3c526b4232
3a8080d4606aa9e31ec0b0bf73a0f7be29586829120a9ce9f05fd841a2bba305
3b81df53f185414ed2c08a864144ad7c47f2e2bf76187fbee8eb9db48411d855
3f1bc42f20821a928c84583bc80fc8b50b1e434cce327cadfda4ba8448b803ac
4126ee7b0fb6dcc19a8850e444394253d338c9ad9122d92a00d732056f62fe28
42cb425670ea3c8f3f4b3eed6593741b3d054a3e5f5eb0d06900458eb5b37315
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45cc94a9503cd16a521eee496cf066ee8bb3fd4e67447b41199f762d98af3227
46bee27500c0e6c078c0b99bcd935f7dc16e67ed83f7e56f3a466a915fdf0485
48b4c9be436ea6f2d4be2cf296bdf82c92ad3db5c7a42e303d2030bfc80c1712
4c18728afd784259d9f58cb89e53a1a9de32a13096a6507ea8662337c40a842d
52ecbc785d5b5538984e2a5c32d7ccc783fefc6d8770e671ed00e9d5d0ee4608
53d581a08c9b0b030bafba5a2ef6266798aa39a1401f3b367d88efd8e2068b64
589615fe4fb715b83513a7854eab31bd2c05cccfc8988ba72dc336ad2233ef9c
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d3c33c67e17636af522847e85720e419ebd1274fc7fcd4f3667a805f7762a70
5d469456aed5584b41ee9e39a5297cb8fcafcc8c04ff170eda5453386e83d310
5f469e028a947468e8e914d041f3a5137b98a1dec4e3bca934a43ea4c27b924a
5f4cf8472e9ede122c057aff621af5793ca0081a332ede419a92ad20bdef64c9
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6310e2f41024e907b2a0f4020f8da68bf1f89969601a5cfef76bdecac61b1453
64d1df5dddd4445f28bd5ee8b9c49bf4532beb4150d8a9e5fbdb7563e2dcae1a
6568a9652e76dc2d908d7cc024314929746e9afd5476dc057a23a5872e9dd5ca
668eb6c3f1867cfc436b4a3cf60b7c1e569521c2b0b6a097143a2a476aab5364
71550096cffbca95bc3e191bfc63799522dfaa67e12f6eb91183918672966d72
71bedf926dba78b4f84af1ff3a5adf30571849a0d0c9f613075908709467c8c8
73f1966037b3e70127938b9c6d3b6933a4b4505c536c6ebdf6a6958531c577c9
74cc4d06798c7ff29e12b8b24f24087ad26afeb91458ffd80608082d202da7ae
76f3c5511397bd4c072a7086da9095aaa586456765368bb242a849cad0698aae
786131c7336f090016f4b1d451fcf5f9c423dba8961f7a63f3c655c3f2ed69aa
7d165cd82bda344d740d30ffd856256f7b5d80285be10c7623693b11b34986da
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e659612703eb7f32f791caa4f46393acf05a69a93937cdfcf651ea89da1207
8843cce33dcc57a234d0e4f419045edb04f91da09ba4b32ae3199e429a4f2e1b
88a6f170934f8089cf0416844cf05233a6f80fd6d8b5276e1745e02ac4a67c15
8d4fe10cf655413f3ce01bbabb88e8f9a06ee75bb8ea60c9d33f7af308e9947d
8fbe7f597b3055c6c6b622162e76f86410197f84b1ac375ff4c08bf0498fa0b3
902572245ee13e93651f389e19174b4d2d1a0fd6e26eb6cd6e2ac36e74536859
92d930db38faca1ba4034683ebdae008c8582e6b31fca5572c6008872bd5475b
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
97c49384cde976ceabe09955cad609335deac11a6b299bc623b019ff8135de7d
9b0adf3807ad5db0d6f07c835953c37dfbef7a744be33fb45e5b418ec6342e45
9d8a423b11c09ea9f18b21f040c8220d11ba19b4b58978534a6deaa0506937cc
a07a12e751744365b68a24da14d6e4eda83e988bb9395eb80b9a854f9ab5ac34
a129c69dac6c7b8f672a45ddec1d579a69512d6bb96a037c6130b8f8735f0a40
a150bb5483cb315d11a809402e98626d9e66a7d2aa1be6afe6cacb55895e4aa6
a2aac6320b1399d98e193000ee859ebcfbb4c29b72939e5770487e385d711101
a63ededc02db05692509d12688ace4b334aeee7d6f0cc6c43adfe2b3fb7fcd4b
afaa22f2fbe1f333089467760be022b41fc4eca50673662d5aa2e69076d7de33
b43b5da52d958ca790a5b4232e74d439b0aad04d3ce172a13850df62a94035b7
b499b857821b02d551c429ca6608c4172f6f17e6bd27f13ee0897421e6faf52a
b59404971cead7534aea23a88a7ab16dcb72bd8e7c087b7da82fa91b6ede4b17
bafeb6a4051bb94b15bd121c8cf1dc57221f2ca2d3384961ceaeac5c1af2ba04
bce9a8a4ccf07527b9524e3e8620d5dc9921f6b17ec92c79e1ff9ecc0459ca8d
be78f13b5e6d01ce87c79f88121656f253231b798563d1fe5ef0828aedadcc34
beade23bee7d009037d6cdb77fbe6347892684dd77ee8cb41f82396f4a04e62d
c2e226b8874dcb55d50abadf5a7af8ceee38715144652c10236197945e57b768
c3132f26c6737a7d539cee03e022dfae4778e6311d551fe6b3b72bb9346d30b5
c39939d932456cca600fed9b48ea2f82d22afab763697d54d2cd4f91e722ffad
c4dac3ea46487fe9062b388b4211a0d2bc7ef393fac47f5b8500b68c27da906a
c6effbed30ae0b7219fd6e4a1b6a55755673ef6ee43ce88ad8c9154e51418c41
c8bdfe80d5b8b1c3de37d85a2e657a6e259fec8df45da4922092c8294ad3a427
ca43a84357402328702af8b8e5f290dafeeeac4e18cbb5e2a6762e6e4d9ce21f
cb535376d9d137b3012a33e799aecf29fee4a2ca17ad70a7cb143668f5882b79
cc9d204ed6442dfe3d6e943967376fa7df8a12f0a8041e94f002cdb46a7e4702
d215af6c9785751714c32d4beb1a6b918fdd825865d18c50ea235bb0f8b57982
d21fde3b696188b5f86126154cdf3169dd866d3bcb97f87e49abe33c1427837b
d4797bb7c7f11c7daef73fdcda63295f8d0837d18fbda7f452a0814f5d2b8c17
d83db43447682c15de679d9ec4c04140dcc3180168c219d9110015db5bd7016f
dc20a98002068ab0b26304e26f056c9a576f8817d67fbba17ebdacb215377db8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f428ec24b0703be0cdf398a404a08912b42bdaa6787242456d44594c4b3f1f
e71b3f33cc08689579be391f67ae92dbd5bf3d649c0d90cf215e9f084d7389f8
e7b5efea0df6cdace7cb04d74a5c974c5da3c4771778fff57f1f374eae9fccae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6c1f3e60c738e0efe4050ab6cb05bd536d01e116a656270e2e93c25bc82ce3
f11a4d55e1a7838b6bcb918b5ccbf9375244508937b6df49a858bd1e078bae33
f5e654fc5bf0595b9ed68b8cbb67e942d5e5b07f4467d0e9b3771f4e631cc9ce
fcc448820d7fe84879f5cd6117ffabef1618870efe0697cb6ff8a4ab1ff15718

ma.oriflame.com Open in urlscan Pro 20.93.235.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

97 %HTTPS

11 %IPv6

11 Domains

21 Subdomains

19 IPs

5 Countries

2495 kBTransfer

8398 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ma.oriflame.com Open in urlscan Pro
20.93.235.241 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

97 %
HTTPS

11 %
IPv6

11
Domains

21
Subdomains

19
IPs

5
Countries

2495 kB
Transfer

8398 kB
Size

22
Cookies

130 HTTP transactions
0 data transactions