www.dossiers-bien-etre.com Open in urlscan Pro
65.9.95.57 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.prod1.emailing.notretemps.com/r/?id=h8d4ea63b,6283d355,80090d87&p1=bf394d10f88ba25d166a795f5a9d05d6
Effective URL:
https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorig...
Submission: On January 28 via api (January 28th 2024, 5:46:00 am UTC) from BE — Scanned from DE

Summary HTTP 79 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 25 domains to perform 79 HTTP transactions. The main IP is 65.9.95.57, located in United States and belongs to AMAZON-02, US. The main domain is www.dossiers-bien-etre.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 11th 2023. Valid for: a year.

This is the only time www.dossiers-bien-etre.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.216.123.12 54.216.123.12	16509 (AMAZON-02) (AMAZON-02)
1 1	34.22.248.172 34.22.248.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	65.9.95.57 65.9.95.57	16509 (AMAZON-02) (AMAZON-02)
3	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.95.67 65.9.95.67	16509 (AMAZON-02) (AMAZON-02)
4	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
4	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	65.9.95.75 65.9.95.75	16509 (AMAZON-02) (AMAZON-02)
5	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	64.202.112.255 64.202.112.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
4	146.75.122.109 146.75.122.109	54113 (FASTLY) (FASTLY)
4	151.101.192.217 151.101.192.217	54113 (FASTLY) (FASTLY)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
79	31

1 54.216.123.12 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-123-12.eu-west-1.compute.amazonaws.com

t.prod1.emailing.notretemps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.22.248.172 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.248.22.34.bc.googleusercontent.com

a.pwspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-57.prg50.r.cloudfront.net

www.dossiers-bien-etre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-67.prg50.r.cloudfront.net

cdn.info-contenu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

nutriorigines072.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-75.prg50.r.cloudfront.net

profil.nutriorigines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.122.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.192.217 (United States)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 3581 i.vimeocdn.com — Cisco Umbrella Rank: 3376 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3504	305 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 x.clarity.ms — Cisco Umbrella Rank: 7993 c.clarity.ms — Cisco Umbrella Rank: 1351	28 KB
6	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1024 trc.taboola.com — Cisco Umbrella Rank: 646 trc-events.taboola.com — Cisco Umbrella Rank: 2085	43 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	882 B
5	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 40531	2 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	80 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	88 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	279 B
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2947 tr.outbrain.com — Cisco Umbrella Rank: 2812 wave.outbrain.com — Cisco Umbrella Rank: 2909	9 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 376 c.bing.com — Cisco Umbrella Rank: 247	16 KB
4	center.io js.center.io — Cisco Umbrella Rank: 47100	15 KB
3	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	125 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	273 KB
3	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1876 vimeo.com — Cisco Umbrella Rank: 1792	22 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6518	564 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
2	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 46777	29 KB
2	dossiers-bien-etre.com www.dossiers-bien-etre.com	46 KB
1	nutriorigines.com profil.nutriorigines.com	445 B
1	lpages.co nutriorigines072.lpages.co	17 KB
1	lpcontent.net embed.lpcontent.net — Cisco Umbrella Rank: 57769	15 KB
1	info-contenu.io cdn.info-contenu.io	2 KB
1	pwspace.com 1 redirects a.pwspace.com — Cisco Umbrella Rank: 295817	568 B
1	notretemps.com 1 redirects t.prod1.emailing.notretemps.com	464 B
79	25

	Domain	Requested by
5	api.leadpages.io	js.center.io embed.lpcontent.net
5	connect.facebook.net	www.dossiers-bien-etre.com connect.facebook.net
4	www.facebook.com	www.dossiers-bien-etre.com
4	i.vimeocdn.com	player.vimeo.com www.dossiers-bien-etre.com f.vimeocdn.com
4	f.vimeocdn.com	player.vimeo.com
4	region1.analytics.google.com	www.googletagmanager.com
4	js.center.io	www.dossiers-bien-etre.com js.center.io nutriorigines072.lpages.co
3	x.clarity.ms	www.clarity.ms
3	www.gstatic.com	f.vimeocdn.com www.gstatic.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.dossiers-bien-etre.com
3	lh3.googleusercontent.com	www.dossiers-bien-etre.com nutriorigines072.lpages.co
3	www.googletagmanager.com	www.dossiers-bien-etre.com www.googletagmanager.com
2	trc-events.taboola.com	cdn.taboola.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	tr.outbrain.com	amplify.outbrain.com
2	www.google.de	www.dossiers-bien-etre.com
2	trc.taboola.com	cdn.taboola.com
2	cdn.taboola.com	www.googletagmanager.com www.dossiers-bien-etre.com
2	fonts.gstatic.com	fonts.googleapis.com
2	player.vimeo.com	www.dossiers-bien-etre.com
2	fonts.googleapis.com	www.dossiers-bien-etre.com nutriorigines072.lpages.co
2	static.leadpages.net	www.dossiers-bien-etre.com nutriorigines072.lpages.co
2	www.dossiers-bien-etre.com	www.dossiers-bien-etre.com
1	c.bing.com	1 redirects
1	vimeo.com	f.vimeocdn.com
1	fresnel.vimeocdn.com	f.vimeocdn.com
1	www.google.com	www.dossiers-bien-etre.com
1	wave.outbrain.com	amplify.outbrain.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	profil.nutriorigines.com	www.dossiers-bien-etre.com
1	amplify.outbrain.com	www.googletagmanager.com
1	nutriorigines072.lpages.co	embed.lpcontent.net
1	embed.lpcontent.net	www.dossiers-bien-etre.com
1	cdn.info-contenu.io	www.dossiers-bien-etre.com
1	a.pwspace.com	1 redirects
1	t.prod1.emailing.notretemps.com	1 redirects
79	38

This site contains links to these domains. Also see Links.

Domain
paiement-securise.nutriorigines.com
www.nutriorigines.com

Subject Issuer	Validity	Valid
www.dossiers-bien-etre.com Amazon RSA 2048 M02	`2023-05-11` - `2024-06-09`	a year	crt.sh
static.leadpages.net GTS CA 1D4	`2023-12-14` - `2024-03-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
*.info-contenu.io Amazon RSA 2048 M01	`2023-03-22` - `2024-04-19`	a year	crt.sh
embed.lpcontent.net GTS CA 1D4	`2023-12-01` - `2024-02-29`	3 months	crt.sh
js.center.io GTS CA 1D4	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.lpages.co R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-06` - `2024-02-04`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.nutriorigines.com Amazon RSA 2048 M01	`2023-07-27` - `2024-08-25`	a year	crt.sh
*.leadpages.io R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-22` - `2024-12-23`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-19` - `2024-11-19`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-12-30` - `2024-03-29`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Frame ID: 25898A707D61D048DAEC25F42C69A76F
Requests: 57 HTTP requests in this frame

Frame: https://player.vimeo.com/video/825363237?h=f034f91ad0&badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479
Frame ID: 1ADC12A2FCF08821EB7BCD13CF4605E1
Requests: 14 HTTP requests in this frame

Frame: https://nutriorigines072.lpages.co/serve-leadbox/rNRvBxhvYfBk6VBLikBDnn/?bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687&salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com
Frame ID: E08005C6161413645E096F10F44F5F79
Requests: 6 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: FBE2EBEF889DDC9BB8904B8F0D58A62D
Requests: 1 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 49D780517852BBBDB3CA9D9DCE21BDF6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Finis les crèmes, sérums, liftings : voici le phénomène américain qui arrive en France

Page URL History Show full URLs

https://t.prod1.emailing.notretemps.com/r/?id=h8d4ea63b,6283d355,80090d87&p1=bf394d10f88ba25d166a795f5a9d05d6 HTTP 302
https://a.pwspace.com/ndc/N5Y5J6R6?ps_ee=bf394d10f88ba25d166a795f5a9d05d6&ps_g=1&z=3 HTTP 302
https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiemen... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

79
Requests

99 %
HTTPS

45 %
IPv6

25
Domains

38
Subdomains

31
IPs

6
Countries

1120 kB
Transfer

3416 kB
Size

27
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://paiement-securise.nutriorigines.com/HYO-20228810508355?salescode=K_202401_VD_HYO_01_NA_PWS_D&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355
Title: Vérifier la disponibilité de Hyalumine 3D (stock limité)

Search URL Search Domain Scan URL

URL: https://www.nutriorigines.com/politique-de-confidentialite/?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Title: Politique de confidentialité

Search URL Search Domain Scan URL

URL: https://www.nutriorigines.com/mentions-legales/?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Title: Mentions légales

Search URL Search Domain Scan URL

URL: https://www.nutriorigines.com/contact/?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Title: Contact

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.prod1.emailing.notretemps.com/r/?id=h8d4ea63b,6283d355,80090d87&p1=bf394d10f88ba25d166a795f5a9d05d6 HTTP 302
https://a.pwspace.com/ndc/N5Y5J6R6?ps_ee=bf394d10f88ba25d166a795f5a9d05d6&ps_g=1&z=3 HTTP 302
https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3ABA189723514EE0B9C06E8A97670475&RedC=c.clarity.ms&MXFR=2E8D752C8F28615B209D61388B286F7C HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3ABA189723514EE0B9C06E8A97670475&MUID=2F39365805396D7427C9224C04526CD6

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request video-decouverte-beaute-a Show response
www.dossiers-bien-etre.com/
Redirect Chain

https://t.prod1.emailing.notretemps.com/r/?id=h8d4ea63b,6283d355,80090d87&p1=bf394d10f88ba25d166a795f5a9d05d6
https://a.pwspace.com/ndc/N5Y5J6R6?ps_ee=bf394d10f88ba25d166a795f5a9d05d6&ps_g=1&z=3
https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci...

90 KB
19 KB

121ms
42ms

Document
text/html

65.9.95.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-57.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30c0897b0bddf32fb000c7cd1dab6e515ee7f602c2d83b0bf739061c483fdd7c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2054487
alt-svc: h3=":443"; ma=86400
content-encoding: gzip
content-type: text/html
date: Thu, 04 Jan 2024 11:04:29 GMT
etag: W/"63a08ee000896bc82f72ca2a914bc350"
last-modified: Tue, 10 Oct 2023 13:12:02 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-id: KokcgMesx40EnAQWVWX-5f5uEeCcrpXRumrN0xojk8_mvnxYqkqjDg==
x-amz-cf-pop: PRG50-C1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: 4qC0MOAz5VoCsXm3eCVQR3h4c9IzRoB6
x-cache: Hit from cloudfront

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-length: 0
date: Sun, 28 Jan 2024 05:45:55 GMT
etag: 54508c86-78d4-4235-9917-11ba17ae94e2
expires: -1
last-modified: 2024-01-28T05:45:55.139220035Z
location: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
trace-id: 57f46d4d14674644

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 72ms
13ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: www.dossiers-bien-etre.com
URL: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:36:37 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 803358
etag: "MP3rjQ"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 6a7e67d2d9a7ce9829ac690b278042e8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Fri, 17 Jan 2025 22:36:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,700|Roboto+Condensed:300,400,500,700

Requested by

Host: www.dossiers-bien-etre.com
URL: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

938a167badf6d5a57844d5619ebf6c1e0c6330d442bdc654c36f7b42386a402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 05:45:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Jan 2024 05:45:55 GMT

GET
H2 200 0_original.png
www.dossiers-bien-etre.com/video-decouverte-beaute-a_assets/img/ 27 KB
27 KB 76ms
75ms Image
image/png 65.9.95.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a_assets/img/0_original.png
Requested by: Host: www.dossiers-bien-etre.com
URL: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-57.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24cde26cc396de1fd19aa2bebd305385b2ace5a5004eca2368e3ea777e28615f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 15:03:00 GMT
x-amz-version-id: FX4w1s_XB4DfXic3MZ600RYAWU5zP2fK
via: 1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2040176
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 27313
last-modified: Tue, 10 Oct 2023 13:12:01 GMT
server: AmazonS3
etag: "8e4aa30abba268f4b7f251f217568c1e"
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: hG_b0YRRSy4MpMCXDcg7CrK6L24vUKhSh0XhAjg0ue3INV3JkxcKcA==

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 54ms
21ms Script
application/javascript 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 28 Jan 2024 01:10:28 GMT
Date: Sun, 28 Jan 2024 05:45:55 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish
Age: 327
X-Cache: HIT
Connection: keep-alive
x-backend-server: player-backend-edge-entry
Content-Length: 11228
X-Served-By: cache-fra-eddf8230083-FRA
x-player-backend: g
Server: cloudflare
X-Timer: S1706420755.326459,VS0,VE0
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-bapp-server
Accept-Ranges: bytes
CF-RAY: 84c6ee98be0b9957-FRA
X-Cache-Hits: 79

GET
H2 200 preserveParamsV2.js Show response
cdn.info-contenu.io/assets/ 5 KB
2 KB 85ms
26ms Script
application/javascript 65.9.95.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.info-contenu.io/assets/preserveParamsV2.js
Requested by: Host: www.dossiers-bien-etre.com
URL: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-67.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b21ef5f944698b476cebea28d628ad623311c3f4b32a26a8b5a332bbf9aade0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:02:46 GMT
content-encoding: gzip
via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 09:40:36 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 387790
etag: W/"81f93250e11c2400dc122f8190b00bd3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gYQ9loyCbNqfc8ofMlONmi0Qnkae7JCWj2LEDjr95BS-r13pSrpIsA==

GET
H2 200 embed.js Show response
embed.lpcontent.net/leadboxes/current/ 42 KB
15 KB 57ms
14ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by: Host: www.dossiers-bien-etre.com
URL: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:41:46 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 249
etag: "EqK-AA"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 4bdb419a64ffb24aef84548fbf42c24b
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
expires: Sun, 28 Jan 2024 05:46:46 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 59ms
19ms Script
application/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: www.dossiers-bien-etre.com
URL: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:42:29 GMT
content-encoding: gzip
server: Google Frontend
age: 206
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: dffeefee6c09ea3214295d948229393d
cache-control: public, max-age=300
content-length: 5417
expires: Sun, 28 Jan 2024 05:47:29 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 303 KB
98 KB 59ms
24ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQ872S7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b677b037949aba1f7544a516877f949d24289acfb2e2922e06016e9f411711cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100386
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 05:45:55 GMT

GET
H/1.1 200
OK 825363237 Show response
player.vimeo.com/video/ Frame 1ADC 20 KB
10 KB 305ms
304ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/825363237?h=f034f91ad0&badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbe0a5dc04729c0e149e2c370b0665ed72aa183f5c0e49a76faa12633d67f8f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dossiers-bien-etre.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 84c6ee990e2b9957-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Jan 2024 05:45:55 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230083-FRA
X-Timer: S1706420755.370049,VS0,VE279
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-594bd87b44-nnq2r
x-content-type-options: nosniff
x-host: player-backend-594bd87b44-nnq2r
x-player-backend: g
x-xss-protection: 1; mode=block

GET
H2 200 tOE0bSBGoBrLNpyAd8q67bQFnh6wVKml3_2YRJaqzF1_xzPmdfJO1Z_B0pZ54AE8eYm5Q3UEyaoEkW2N5zs74NY=w16
lh3.googleusercontent.com/ 301 B
597 B 47ms
25ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/tOE0bSBGoBrLNpyAd8q67bQFnh6wVKml3_2YRJaqzF1_xzPmdfJO1Z_B0pZ54AE8eYm5Q3UEyaoEkW2N5zs74NY=w16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

22666687e2bb5ee2edce6ed9413e9cd8e9b891a07cf6dc6fba02ed344316edef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:55 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 29 Jan 2024 05:45:55 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700|Roboto+Condensed:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dossiers-bien-etre.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:31:50 GMT
x-content-type-options: nosniff
age: 368045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:31:50 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700|Roboto+Condensed:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dossiers-bien-etre.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 19:01:35 GMT
x-content-type-options: nosniff
age: 384260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 19:01:35 GMT

GET
H2 200 / Show response
nutriorigines072.lpages.co/serve-leadbox/rNRvBxhvYfBk6VBLikBDnn/ Frame E080 83 KB
17 KB 584ms
259ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://nutriorigines072.lpages.co/serve-leadbox/rNRvBxhvYfBk6VBLikBDnn/?bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687&salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com

Requested by

Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

c5eb8e387931fea9a69d437c805cabb684693d72673bb92677861566babacaf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.dossiers-bien-etre.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Sun, 28 Jan 2024 05:45:55 GMT
etag: W/"1ab8b735480bf07b22bf14c80bbe3893"
last-modified: Fri, 17 Nov 2023 13:13:30 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

GET
H2 200 identify.html Show response
js.center.io/ Frame FBE2 4 KB
2 KB 19ms
18ms Document
text/html 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://www.dossiers-bien-etre.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Sun, 28 Jan 2024 05:44:54 GMT
etag: "OMWYXg"
expires: Sun, 28 Jan 2024 05:49:54 GMT
server: Google Frontend
x-cloud-trace-context: 35afa0fa0434daf076bd6c0017f86f5c

GET
H2 200 tOE0bSBGoBrLNpyAd8q67bQFnh6wVKml3_2YRJaqzF1_xzPmdfJO1Z_B0pZ54AE8eYm5Q3UEyaoEkW2N5zs74NY=w1600
lh3.googleusercontent.com/ 120 KB
120 KB 146ms
146ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/tOE0bSBGoBrLNpyAd8q67bQFnh6wVKml3_2YRJaqzF1_xzPmdfJO1Z_B0pZ54AE8eYm5Q3UEyaoEkW2N5zs74NY=w1600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

74172e0e66a91ae31f484c24118bb29fd4a6df75fdff51e2438e90839953be69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:55 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122882
x-xss-protection: 0
expires: Mon, 29 Jan 2024 05:45:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
93 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H6QN5BG1M4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ872S7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c75119b978a1a251657dc1c55376db3171488ffd9abc964c1027c6f411c60342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95386
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 05:45:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
58 KB 37ms
17ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Jan 2024 05:45:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57158
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: wRsMWAgsCL99QGVlx0TMX5+DQgvAs3XDhsrYX9rdS4zf7DS7SI/24lbI4ifMbInV6Oa1c4VrfLcQo+Y9WFcBpw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 56ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ872S7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 28 Jan 2024 05:45:55 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C6C8A61F3C364AB5B5C0ADEA32CB7763 Ref B: FRAEDGE1107 Ref C: 2024-01-28T05:45:55Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 26 KB
8 KB 49ms
12ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ872S7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 05:45:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Dec 2023 13:05:28 GMT
Server: AkamaiNetStorage
ETag: "928c0d1860f13b981036d5c18f950ac2:1703078882.762337"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7779
Expires: Sun, 28 Jan 2024 06:05:55 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1486123/ 66 KB
20 KB 36ms
15ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1486123/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ872S7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0c203a04a5841f6b399677879a9b044ad96f3b130e3ef1e55a38038e5166bed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: SvOdoDWO8vPpuCjDBRKw.i53.CKzKycL
content-encoding: gzip
via: 1.1 varnish
date: Sun, 28 Jan 2024 05:45:55 GMT
x-amz-request-id: F2Z789A7B8Z80H7F
age: 19
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 20420
x-amz-id-2: MyK1YGkNAxpV3OpCFqnVUcaYxR02w5APXphLO8ML9gOymzfHMFEfLDsAFVufLJHuhj/eSBAyGi4=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Sun, 21 Jan 2024 11:17:02 GMT
server: AmazonS3
x-timer: S1706420755.480456,VS0,VE1
etag: "0ad0d093b8d6006f358d16a6e2552494"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 22
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
81 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10936262275

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ872S7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f56ddd8dafec1c5b307b9313fdeb3a25769556bcc38e342d04aec28147a6c0b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82778
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 05:45:55 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1477080/ 66 KB
20 KB 137ms
117ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1477080/tfa.js
Requested by: Host: www.dossiers-bien-etre.com
URL: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 479b8b3d4149c22bc32a2f48439620c9cb605505d59741aa693380eec7ae299a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 3fN1RC96NI2ufNZCWOxa.Yl3Zv_zQs5P
content-encoding: gzip
via: 1.1 varnish
date: Sun, 28 Jan 2024 05:45:55 GMT
x-amz-request-id: VWP09GNN0NTRFW9Q
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 20421
x-amz-id-2: M7S50mSB3Dv/5RlQL6Tibec16/ix7Sw7J0xdCkPPH5xHlfBC6TPaichRYsayR5QVftYJsWOAZv8=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Sun, 21 Jan 2024 11:03:23 GMT
server: AmazonS3
x-timer: S1706420755.480458,VS0,VE109
etag: "399e08e9f9a136cd151f7b44f71f84e7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 46
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 salescode.gif
profil.nutriorigines.com/ 0
445 B 247ms
145ms Image
image/gif 65.9.95.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profil.nutriorigines.com/salescode.gif?salescode=K_202401_VD_HYO_01_NA_PWS_D&gtmcb=1206761886
Requested by: Host: www.dossiers-bien-etre.com
URL: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-75.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:55 GMT
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amzn-trace-id: Root=1-65b5ea13-6a34fd190f412d2f1932342e;Sampled=0;lineage=911fbb0c:0
x-amzn-requestid: 41c010ca-c9a2-4ce7-b6ad-30f319b4d12d
x-cache: Miss from cloudfront
content-type: image/gif
x-amz-apigw-id: SPGDHFT-joEEiPA=
content-length: 0
x-amz-cf-id: 9N-7zl4FttqTHuoLR2rhHNCSxIytp0yVPROTSTDvARDY0spaVRAF9A==

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
686 B 408ms
140ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=m9L7izjdULsBFtnVLkYfFX&v=&e=&st=&lc=en-US&pid=bVHnivHeudQvsRuMnDoiH5-default-prop&uid=6CJMUUPqeMzzgpkRDQEbS7&sid=9wonDWbmkigd8yLSLKqvc6&cid=lp-m9L7izjdULsBFtnVLkYfFX&uri=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&rf=&rx=1600&ry=1200&tz=%2B01%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 05:45:55 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://www.dossiers-bien-etre.com
X-Forwarded-For: 37.58.58.247
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 010avhu4ojoo3te2i0sg

GET
H2 200 json Show response
trc.taboola.com/1486123/trc/3/ 3 KB
2 KB 33ms
27ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1486123/trc/3/json?tim=1706420755503&data=%7B%22id%22%3A775%2C%22ii%22%3A%22%2Fvideo-decouverte-beaute-a%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1706420755494%2C%22cv%22%3A%2220240118-41-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnutriorigines-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1706420755502%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1486123/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 58cb52af6d3baa234d7af38e71f7c9a958f4642e342833c11ea44cede2c32b17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.1228125
x-fastly-to-nlb-rtt: 7535
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230091-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1706420756.515278,VS0,VE19
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 unip Show response
trc.taboola.com/1477080/log/3/ 0
311 B 21ms
15ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1477080/log/3/unip?en=page_view_hyo&tim=1706420755505&mrir=u&vi=1706420755494&ref=null&cv=20240118-41-RELEASE&item-url=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&tos=9&ssd=1&scd=0
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1486123/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 28 Jan 2024 05:45:55 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7424
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230091-FRA
pragma: no-cache
server: nginx
x-timer: S1706420756.515137,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://www.dossiers-bien-etre.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
262 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H6QN5BG1M4&gtm=45je41o0v881637661z8861022989&_p=1706420755355&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1755280004.1706420756&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1706420755&sct=1&seg=0&dl=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&dt=Finis%20les%20cr%C3%A8mes%2C%20s%C3%A9rums%2C%20liftings%C2%A0%3A%20voici%20le%20ph%C3%A9nom%C3%A8ne%20am%C3%A9ricain%20qui%20arrive%20en%20France&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=670
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6QN5BG1M4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 05:45:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dossiers-bien-etre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 58ms
17ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H6QN5BG1M4&cid=1755280004.1706420756&gtm=45je41o0v881637661z8861022989&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6QN5BG1M4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 05:45:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dossiers-bien-etre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 71ms
27ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H6QN5BG1M4&cid=1755280004.1706420756&gtm=45je41o0v881637661z8861022989&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1834414773

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 05:45:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10936262275/ 3 KB
2 KB 68ms
47ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10936262275/?random=1706420755551&cv=11&fst=1706420755551&bg=ffffff&guid=ON&async=1&gtm=45be41o0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&hn=www.googleadservices.com&frm=0&tiba=Finis%20les%20cr%C3%A8mes%2C%20s%C3%A9rums%2C%20liftings%C2%A0%3A%20voici%20le%20ph%C3%A9nom%C3%A8ne%20am%C3%A9ricain%20qui%20arrive%20en%20France&pscdl=noapi&auid=1585570180.1706420755&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10936262275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2add6436b4db900a7af6d661985a3e8b23c1063fdbb506cc2d00af1ecf08143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1488
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
55 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H6QN5BG1M4&gtm=45je41o0v881637661&_p=1706420755355&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1755280004.1706420756&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1706420755&sct=1&seg=0&dl=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&dt=Finis%20les%20cr%C3%A8mes%2C%20s%C3%A9rums%2C%20liftings%C2%A0%3A%20voici%20le%20ph%C3%A9nom%C3%A8ne%20am%C3%A9ricain%20qui%20arrive%20en%20France&en=origine_PWS&_et=1&tfd=700
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6QN5BG1M4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 05:45:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dossiers-bien-etre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
55 B 13ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H6QN5BG1M4&gtm=45je41o0v881637661&_p=1706420755355&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1755280004.1706420756&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AkA&_s=3&sid=1706420755&sct=1&seg=0&dl=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&dt=Finis%20les%20cr%C3%A8mes%2C%20s%C3%A9rums%2C%20liftings%C2%A0%3A%20voici%20le%20ph%C3%A9nom%C3%A8ne%20am%C3%A9ricain%20qui%20arrive%20en%20France&en=scroll&epn.percent_scrolled=90&_et=19&tfd=702
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6QN5BG1M4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 05:45:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dossiers-bien-etre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 362ms
88ms Ping
image/gif 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=06284526654137945&referrer=&cht=gtm&marketerId=001ef9cf620acf47f936dc5a62abdd4717&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 05:45:55 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 23506b4d8f44af03e316630021df525d
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 360ms
88ms Script
application/javascript 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=001ef9cf620acf47f936dc5a62abdd4717
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: br
X-TraceId: 97c8688e91cd27212b1c6dcb52fe8dec
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 001ef9cf620acf47f936dc5a62abdd4717 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 30ms
7ms Script
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/001ef9cf620acf47f936dc5a62abdd4717
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 05:45:55 GMT
Content-Encoding: gzip
ob-sent-time: 1706359466069
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: 5c6b16c7a1bb2dfdf9c5b7fa42e6189f
Content-Length: 22
Expires: Sun, 28 Jan 2024 05:46:55 GMT

GET
H2 200 964086087604526 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/964086087604526?v=2.9.143&r=stable&domain=www.dossiers-bien-etre.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8da67f3e04c7509b773e6c9ebf0fc38b728d29f8e2c50983ac8002c2d2f74c8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Jan 2024 05:45:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: x0YgfsDD1FMW5ToO2WmSz3XsO3SprNeeM0g2XN7rffhmYVrMrClS5jw2g8f63wFKN5wB51D0O0zYJMAP501x4g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 27022720.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 36ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27022720.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e2e9253f380f2367ceb6ca2bd3090bcff80b1ae2a832f9a34b793edc6bb4d0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 28 Jan 2024 05:45:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 28FBCA9FD772440EA7A7F0E1FB252DCD Ref B: FRAEDGE1107 Ref C: 2024-01-28T05:45:55Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
286 B 40ms
40ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27022720&tm=gtm002&Ver=2&mid=d3dae4a2-d300-40be-a8ba-336dc1194f82&sid=813f2760bda011ee84a3376da950a78e&vid=813f51c0bda011ee99305bd57aabc9a9&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Finis%20les%20cr%C3%A8mes,%20s%C3%A9rums,%20liftings%C2%A0%3A%20voici%20le%20ph%C3%A9nom%C3%A8ne%20am%C3%A9ricain%20qui%20arrive%20en%20France&p=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&r=&lt=558&evt=pageLoad&sv=1&rn=590048

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 05:45:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 293C17DA67E64095A96B41E06AF96DAF Ref B: FRAEDGE1107 Ref C: 2024-01-28T05:45:55Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 27022720 Show response
www.clarity.ms/tag/uet/ 828 B
1 KB 178ms
153ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/27022720
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/27022720.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4bc0d265e79f610e41f5e1fe0e0b2fc1b6e3ede2eddc36f47423d0da461249e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: -1
date: Sun, 28 Jan 2024 05:45:55 GMT
x-azure-ref: 20240128T054555Z-uvvrzwfbtx3wxd8xp5yhzhwmz000000005v000000000d47u
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 828
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 /
www.google.com/pagead/1p-user-list/10936262275/ 42 B
456 B 73ms
29ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10936262275/?random=1706420755551&cv=11&fst=1706418000000&bg=ffffff&guid=ON&async=1&gtm=45be41o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&frm=0&tiba=Finis%20les%20cr%C3%A8mes%2C%20s%C3%A9rums%2C%20liftings%C2%A0%3A%20voici%20le%20ph%C3%A9nom%C3%A8ne%20am%C3%A9ricain%20qui%20arrive%20en%20France&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_jgKEoBfkuZ_iKS3SomqnD3sWD9VddA&random=2241860420&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 05:45:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10936262275/ 42 B
155 B 29ms
28ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10936262275/?random=1706420755551&cv=11&fst=1706418000000&bg=ffffff&guid=ON&async=1&gtm=45be41o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&frm=0&tiba=Finis%20les%20cr%C3%A8mes%2C%20s%C3%A9rums%2C%20liftings%C2%A0%3A%20voici%20le%20ph%C3%A9nom%C3%A8ne%20am%C3%A9ricain%20qui%20arrive%20en%20France&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_jgKEoBfkuZ_iKS3SomqnD3sWD9VddA&random=2241860420&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 05:45:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1189514885192173 Show response
connect.facebook.net/signals/config/ 21 KB
3 KB 63ms
63ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1189514885192173?v=2.9.143&r=stable&domain=www.dossiers-bien-etre.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98%2C171%2C170%2C172%2C177%2C178%2C179%2C175%2C167%2C114%2C166%2C168%2C105%2C133%2C127%2C130%2C111%2C162%2C202%2C99%2C203%2C140%2C103%2C125%2C118%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a68cec33e03c7091446f0dfa07432167d713144061efd8a6c1df1a7c517b79c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Jan 2024 05:45:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: BhE6h5y9RkSJNu+4WI4JpoSh5dgvXKcppoqomJ7ytsUNwPIGx8RiPl0d3sB4pcYnobtSCXqubrqjiKxt8Rzz1Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 675798597051754 Show response
connect.facebook.net/signals/config/ 29 KB
5 KB 78ms
77ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/675798597051754?v=2.9.143&r=stable&domain=www.dossiers-bien-etre.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98%2C171%2C170%2C172%2C177%2C178%2C179%2C175%2C167%2C114%2C166%2C168%2C105%2C133%2C127%2C130%2C111%2C162%2C202%2C99%2C203%2C140%2C103%2C125%2C118%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3adf63fc4f7e3967e211fd27f1bb1fed3708b599e0f6145680d6f2303631281b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Jan 2024 05:45:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: mVuLJ8rObAtRMkwlGf+lLZlTVM3/rTAhqQ4LSWKD24/q+yFCmjVVTfrHTfwEl4a/XLdujBoJ+kzUP//DGkd2Dw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.27.3/js/ Frame 1ADC 548 KB
133 KB 36ms
7ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.3/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/825363237?h=f034f91ad0&badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1588176e2e6569d6ee5f2e72ef3b540b765be8f100e541e8c2f851079537a5fa

Request headers

Referer
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000067-IAD, cache-fra-etou8220087-FRA
date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 288617
x-timer: S1706420756.784926,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 135575
x-cache-hits: 10, 3972

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.27.3/js/ Frame 1ADC 413 KB
99 KB 38ms
9ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.3/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/825363237?h=f034f91ad0&badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 74c8268a1a83bab2696362300fb2f7754a3696e143b550c707d7fd7656dfe301

Request headers

Referer
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100111-IAD, cache-fra-etou8220087-FRA
date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 288618
x-timer: S1706420756.784994,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 101566
x-cache-hits: 7, 78754

GET
H2 200 player.css
f.vimeocdn.com/p/4.27.3/css/ Frame 1ADC 207 KB
22 KB 36ms
8ms Stylesheet
text/css 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.3/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/825363237?h=f034f91ad0&badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ea0f4f0a68acff16582e5a22d07f5585256223522da465127e9c1a28de593e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-etou8220093-FRA
date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 288617
x-timer: S1706420756.785014,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21830
x-cache-hits: 7, 82795

GET
H2 200 1755265733-68c720145cafb5577b13f64408480d25cc46894a9314c66dd16f522791c203ea-d
i.vimeocdn.com/video/ Frame 1ADC 2 KB
2 KB 38ms
10ms Image
image/avif 151.101.192.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1755265733-68c720145cafb5577b13f64408480d25cc46894a9314c66dd16f522791c203ea-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/825363237?h=f034f91ad0&badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c4faa551d5574fa31c14910df0ed2e11bd4b887914085ef4ee8779e63b37f468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:55 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 427992
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1697
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210079-DFW, cache-fra-eddf8230072-FRA
x-timer: S1706420756.785494,VS0,VE1
etag: "acbd899cd8599d8e05efed918cc3477f"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 39, 1

GET
H3 200 767272818351911 Show response
connect.facebook.net/signals/config/ 21 KB
3 KB 60ms
59ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/767272818351911?v=2.9.143&r=stable&domain=www.dossiers-bien-etre.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98%2C171%2C170%2C172%2C177%2C178%2C179%2C175%2C167%2C114%2C166%2C168%2C105%2C133%2C127%2C130%2C111%2C162%2C202%2C99%2C203%2C140%2C103%2C125%2C118%2C106%2C116%2C109

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

065c329311e6774e8a2ecdaf9a94defdccebb11c5a26f0885b58b026539315dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Jan 2024 05:45:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: 1ULVTvzSbD8dSILUtf+mmRrF13G7v+bi3JUrYVl25JCrQ8WeP8LohOFNJmEfHODc+wdUytkc9QD2UAu4fakfcQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 37ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=964086087604526&ev=PageView&dl=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&rl=&if=false&ts=1706420755805&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706420755803.1003186854&ler=empty&cdl=API_unavailable&it=1706420755582&coo=false&exp=d1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Jan 2024 05:45:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 37ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1189514885192173&ev=PageView&dl=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&rl=&if=false&ts=1706420755806&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706420755803.1003186854&ler=empty&cdl=API_unavailable&it=1706420755582&coo=false&exp=d1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Jan 2024 05:45:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 37ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=675798597051754&ev=PageView&dl=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&rl=&if=false&ts=1706420755807&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706420755803.1003186854&ler=empty&cdl=API_unavailable&cs_est=true&it=1706420755582&coo=false&exp=d1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Jan 2024 05:45:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 18ms
17ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/27022720
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: br
last-modified: Wed, 24 Jan 2024 14:33:55 GMT
etag: W/"0x8DC1CE97EB406F9"
vary: Accept-Encoding
x-azure-ref: 20240128T054555Z-uvvrzwfbtx3wxd8xp5yhzhwmz000000005v000000000d484
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f75c1a7b-c01e-0082-2c1a-4f6f65000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 1ADC 2 KB
1 KB 10ms
10ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/825363237?h=f034f91ad0&badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-etou8220093-FRA
date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 608369
x-timer: S1706420756.894849,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 8, 142469

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1ADC 4 KB
2 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.3/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Jan 2024 05:45:55 GMT

GET
H2 200 1755265733-68c720145cafb5577b13f64408480d25cc46894a9314c66dd16f522791c203ea-d
i.vimeocdn.com/video/ Frame 1ADC 23 KB
23 KB 573ms
573ms Image
image/avif 151.101.192.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1755265733-68c720145cafb5577b13f64408480d25cc46894a9314c66dd16f522791c203ea-d?mw=1100&mh=619
Requested by: Host: www.dossiers-bien-etre.com
URL: https://www.dossiers-bien-etre.com/video-decouverte-beaute-a?salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com&bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3bc6c4247f1806e1809a005cca968eb8576c4ae288c3623784a2b2b1d59789a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:56 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 0
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 23388
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210150-DFW, cache-fra-eddf8230072-FRA
x-timer: S1706420756.917788,VS0,VE562
etag: "5bdfb1fc6ecd07907bba447408e72d9e"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 1ADC 0
143 B 152ms
115ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=ee207cb273880162263e7c19668406de108f202b1706420755
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.3/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Sun, 28 Jan 2024 05:45:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=767272818351911&ev=PageView&dl=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&rl=&if=false&ts=1706420755918&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706420755803.1003186854&ler=empty&cdl=API_unavailable&it=1706420755582&coo=false&exp=d1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Jan 2024 05:45:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 1ADC 0
926 B 162ms
141ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=ee207cb273880162263e7c19668406de108f202b1706420755

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 27 Jan 2024 17:45:56 GMT
Date: Sun, 28 Jan 2024 05:45:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kcgs7200146-IAD, cache-fra-etou8220062-FRA
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1706420756.955573,VS0,VE121
x-backend-proxy: webproxy11
x-frame-options: sameorigin
Vary: User-Agent,x-http-method-override
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-69c564c5f4-4kdp7
Accept-Ranges: bytes
CF-RAY: 84c6ee9ca96430d8-FRA
X-Cache-Hits: 0, 0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
448 B 400ms
134ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=XWdEUHa7uLKCH7QEGAzwUR&kind=text,timer&label=lb_embed_leadbox_embedded,lb_embed_embed_script_load&value=rNRvBxhvYfBk6VBLikBDnn,140.60000038146973
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 05:45:56 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://www.dossiers-bien-etre.com
X-Forwarded-For: 37.58.58.247
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 010avi1ne40p3fu559p0

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 1ADC 35 KB
12 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Sun, 28 Jan 2024 05:45:55 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 1ADC 50 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 10:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 28 Jan 2024 10:06:08 GMT

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
306 B 407ms
201ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.dossiers-bien-etre.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.dossiers-bien-etre.com
Date: Sun, 28 Jan 2024 05:45:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame E080 58 KB
14 KB 13ms
12ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: nutriorigines072.lpages.co
URL: https://nutriorigines072.lpages.co/serve-leadbox/rNRvBxhvYfBk6VBLikBDnn/?bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687&salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:36:37 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 803359
etag: "MP3rjQ"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 6a7e67d2d9a7ce9829ac690b278042e8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Fri, 17 Jan 2025 22:36:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E080 13 KB
1013 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,700|Roboto+Condensed:300,400,500,700

Requested by

Host: nutriorigines072.lpages.co
URL: https://nutriorigines072.lpages.co/serve-leadbox/rNRvBxhvYfBk6VBLikBDnn/?bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687&salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

938a167badf6d5a57844d5619ebf6c1e0c6330d442bdc654c36f7b42386a402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nutriorigines072.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 Jan 2024 05:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 05:45:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Jan 2024 05:45:56 GMT

GET
H3 200 DRdZjySV-aLVSTX2Jld4AiwQEf-bK9ziYQPzJbOk-g3HNyyGuS1gAQUD5rP-6cI3-Uw1N-doHP5AgXHN8hNnvGmdJ1zks1qgBfw=w16
lh3.googleusercontent.com/ Frame E080 4 KB
4 KB 127ms
127ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/DRdZjySV-aLVSTX2Jld4AiwQEf-bK9ziYQPzJbOk-g3HNyyGuS1gAQUD5rP-6cI3-Uw1N-doHP5AgXHN8hNnvGmdJ1zks1qgBfw=w16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8069b0c58836836ac39bcfadaf677fad05fdf283d7d065d818f66a339bd7d144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nutriorigines072.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:56 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4506
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 29 Jan 2024 05:45:56 GMT

GET
H2 200 center.js Show response
js.center.io/ Frame E080 12 KB
5 KB 17ms
17ms Script
application/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: nutriorigines072.lpages.co
URL: https://nutriorigines072.lpages.co/serve-leadbox/rNRvBxhvYfBk6VBLikBDnn/?bdc2=HYO-20228810508355&ci=2URFGBU1&e=mefum9hnqgd8l7z&qci=80c3033d-c7e6-40a5-8dd4-bb037fbd9687&salescode=K_202401_VD_HYO_01_NA_PWS_D&url2=paiement-securise.nutriorigines.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nutriorigines072.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:41:43 GMT
content-encoding: gzip
server: Google Frontend
age: 253
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 830c5fa0c130d6225fad25a156e4b46d
cache-control: public, max-age=300
content-length: 5417
expires: Sun, 28 Jan 2024 05:46:43 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 49D7 4 KB
2 KB 18ms
18ms Document
text/html 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://nutriorigines072.lpages.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 118
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Sun, 28 Jan 2024 05:43:58 GMT
etag: "OMWYXg"
expires: Sun, 28 Jan 2024 05:48:58 GMT
server: Google Frontend
x-cloud-trace-context: fb1486b275a6bedeef8391293358a479

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3ABA189723514EE0B9C06E8A97670475&RedC=c.clarity.ms&MXFR=2E8D752C8F28615B209D61388B286F7C
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3ABA189723514EE0B9C06E8A97670475&MUID=2F39365805396D7427C9224C04526CD6

42 B
441 B

30ms
30ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3ABA189723514EE0B9C06E8A97670475&MUID=2F39365805396D7427C9224C04526CD6
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 05:45:55 GMT
last-modified: Wed, 10 Jan 2024 21:11:32 GMT
server: Microsoft-IIS/10.0
etag: "d765ee95944da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 05:45:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1C43097C8E1E461A8C07296A147E9648 Ref B: FRAEDGE1107 Ref C: 2024-01-28T05:45:56Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3ABA189723514EE0B9C06E8A97670475&MUID=2F39365805396D7427C9224C04526CD6
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 1755265733-68c720145cafb5577b13f64408480d25cc46894a9314c66dd16f522791c203ea-d
i.vimeocdn.com/video/ Frame 1ADC 23 KB
23 KB 7ms
7ms Image
image/avif 151.101.192.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1755265733-68c720145cafb5577b13f64408480d25cc46894a9314c66dd16f522791c203ea-d?mw=1100&mh=619
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3bc6c4247f1806e1809a005cca968eb8576c4ae288c3623784a2b2b1d59789a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:56 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 0
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 23388
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210150-DFW, cache-fra-eddf8230072-FRA
x-timer: S1706420757.505568,VS0,VE0
etag: "5bdfb1fc6ecd07907bba447408e72d9e"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 1755265733-68c720145cafb5577b13f64408480d25cc46894a9314c66dd16f522791c203ea-d
i.vimeocdn.com/video/ Frame 1ADC 2 KB
2 KB 13ms
13ms Image
image/avif 151.101.192.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1755265733-68c720145cafb5577b13f64408480d25cc46894a9314c66dd16f522791c203ea-d?mw=80&q=85
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.3/js/vendor.module.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c4faa551d5574fa31c14910df0ed2e11bd4b887914085ef4ee8779e63b37f468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:45:56 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 427993
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1697
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210079-DFW, cache-fra-eddf8230072-FRA
x-timer: S1706420757.520649,VS0,VE0
etag: "acbd899cd8599d8e05efed918cc3477f"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 39, 2

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
448 B 137ms
137ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=XWdEUHa7uLKCH7QEGAzwUR&kind=timer&label=lb_embed_leadbox_load&value=721.8000001907349
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 05:45:56 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://www.dossiers-bien-etre.com
X-Forwarded-For: 37.58.58.247
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 010avi58i44eq5fgp2r0

GET
H2 204 unip Show response
trc-events.taboola.com/1486123/log/3/ 0
255 B 69ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1486123/log/3/unip?en=pre_d_eng_tb&tos=1578&scd=0&ssd=1&est=1706420755496&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1706420757074&vi=1706420755494&ri=bba368ea6c94419c5c467d0e9be3ad78&ref=null&cv=20240118-41-RELEASE&item-url=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1477080/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://www.dossiers-bien-etre.com
pragma: no-cache
date: Sun, 28 Jan 2024 05:45:57 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
306 B 98ms
98ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.dossiers-bien-etre.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.dossiers-bien-etre.com
Date: Sun, 28 Jan 2024 05:45:57 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
306 B 98ms
97ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.dossiers-bien-etre.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.dossiers-bien-etre.com
Date: Sun, 28 Jan 2024 05:45:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
448 B 131ms
131ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=aBSTkp6X7tWiKuLxtsXA8C&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=65.70000076293945,36.59999942779541,1,408.8999996185303
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 05:45:59 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://www.dossiers-bien-etre.com
X-Forwarded-For: 37.58.58.247
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 010aviups09j2frvtvsg

GET
H2 204 unip Show response
trc-events.taboola.com/1486123/log/3/ 0
253 B 15ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1486123/log/3/unip?en=pre_d_eng_tb&tos=4579&scd=0&ssd=1&est=1706420755496&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1706420760075&vi=1706420755494&ri=bba368ea6c94419c5c467d0e9be3ad78&ref=null&cv=20240118-41-RELEASE&item-url=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1477080/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://www.dossiers-bien-etre.com
pragma: no-cache
date: Sun, 28 Jan 2024 05:46:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame E080 35 B
448 B 130ms
130ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=AbmeLvCsh26ZjUbca2jpCH&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=19.100000381469727,28.90000057220459,1
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nutriorigines072.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 05:46:00 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://nutriorigines072.lpages.co
X-Forwarded-For: 37.58.58.247
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 010avj04ons1aps453cg

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 21ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H6QN5BG1M4&gtm=45je41o0v881637661&_p=1706420755355&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1755280004.1706420756&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=4&sid=1706420755&sct=1&seg=0&dl=https%3A%2F%2Fwww.dossiers-bien-etre.com%2Fvideo-decouverte-beaute-a%3Fsalescode%3DK_202401_VD_HYO_01_NA_PWS_D%26url2%3Dpaiement-securise.nutriorigines.com%26bdc2%3DHYO-20228810508355%26ci%3D2URFGBU1%26e%3Dmefum9hnqgd8l7z%26qci%3D80c3033d-c7e6-40a5-8dd4-bb037fbd9687&dt=Finis%20les%20cr%C3%A8mes%2C%20s%C3%A9rums%2C%20liftings%C2%A0%3A%20voici%20le%20ph%C3%A9nom%C3%A8ne%20am%C3%A9ricain%20qui%20arrive%20en%20France&en=origine_PWS&epn.percent_scrolled=90&_et=1&tfd=5702
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6QN5BG1M4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dossiers-bien-etre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 05:46:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dossiers-bien-etre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 18:01:47	Name: view.bVHnivHeudQvsRuMnDoiH5-default-prop.m9L7izjdULsBFtnVLkYfFX Value: 1706420756000
.notretemps.com/	1970-01-21 03:21:56	Name: AMCV_551310525D816F350A495C48%40AdobeOrg Value: MCMID%7C35831036022913761272500333387667996671
.notretemps.com/	1969-12-31 23:59:59	Name: nlid Value: 8d4ea63b\|6283d355
.notretemps.com/	1970-01-21 03:21:56	Name: nllastdelid Value: 6283d355
.pwspace.com/	1970-01-21 02:45:56	Name: pstuid Value: 06e72f51-9ddb-4af6-b252-adea22a6e5ec
.vimeo.com/	1970-01-20 18:00:22	Name: __cf_bm Value: N7tu9sqmfju7qIHO8V6x7rliQxZ.X1gb1fFLLJGyn3w-1706420755-1-AYPJefmUOR68xhJ7NrymUkp8HBYQ7r5+nvecDZPjT3gLhE1vfSGdGjQRI0pNqUjbuER83GywpjG0MhutGNVQxwY=
.dossiers-bien-etre.com/	1970-01-20 20:09:56	Name: _gcl_au Value: 1.1.1585570180.1706420755
js.center.io/	1970-01-21 03:36:20	Name: centerVisitorId Value: 6CJMUUPqeMzzgpkRDQEbS7
.dossiers-bien-etre.com/	1970-01-21 03:36:20	Name: _ga Value: GA1.1.1755280004.1706420756
.dossiers-bien-etre.com/	1970-01-21 03:36:20	Name: _ga_H6QN5BG1M4 Value: GS1.1.1706420755.1.0.1706420755.60.0.0
.dossiers-bien-etre.com/	1970-01-20 18:01:47	Name: _uetsid Value: 813f2760bda011ee84a3376da950a78e
.dossiers-bien-etre.com/	1970-01-21 03:21:56	Name: _uetvid Value: 813f51c0bda011ee99305bd57aabc9a9
.doubleclick.net/	1970-01-20 18:00:21	Name: test_cookie Value: CheckForPermission
.bing.com/	1970-01-21 03:21:56	Name: MUID Value: 2F39365805396D7427C9224C04526CD6
.nutriorigines.com/	1970-01-20 18:01:47	Name: salescode Value: K_202401_VD_HYO_01_NA_PWS_D
www.clarity.ms/	1970-01-21 02:45:56	Name: CLID Value: f0626f2f2f224b5c976bc4a6ee7bf0f9.20240128.20250127
.dossiers-bien-etre.com/	1970-01-20 20:09:56	Name: _fbp Value: fb.1.1706420755803.1003186854
.dossiers-bien-etre.com/	1970-01-21 02:45:56	Name: _clck Value: 1pzwqgk%7C2%7Cfis%7C0%7C1488
.vimeo.com/	1970-01-21 03:36:20	Name: vuid Value: pl546219467.1392098708
www.dossiers-bien-etre.com/	1970-01-20 18:00:21	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1706420755939%7D
.c.bing.com/	1970-01-20 18:10:25	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:21:56	Name: SRM_B Value: 2F39365805396D7427C9224C04526CD6
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:21:56	Name: MUID Value: 2F39365805396D7427C9224C04526CD6
.c.clarity.ms/	1970-01-20 18:10:25	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 18:00:21	Name: ANONCHK Value: 0
.dossiers-bien-etre.com/	1970-01-20 18:01:47	Name: _clsk Value: 1pfbir2%7C1706420756380%7C1%7C1%7Cx.clarity.ms%2Fcollect

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/964086087604526?v=2.9.143&r=stable&domain=www.dossiers-bien-etre.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 95) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pwspace.com
amplify.outbrain.com
api.leadpages.io
bat.bing.com
c.bing.com
c.clarity.ms
cdn.info-contenu.io
cdn.taboola.com
connect.facebook.net
embed.lpcontent.net
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
googleads.g.doubleclick.net
i.vimeocdn.com
js.center.io
lh3.googleusercontent.com
nutriorigines072.lpages.co
player.vimeo.com
profil.nutriorigines.com
region1.analytics.google.com
static.leadpages.net
stats.g.doubleclick.net
t.prod1.emailing.notretemps.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
vimeo.com
wave.outbrain.com
www.clarity.ms
www.dossiers-bien-etre.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.clarity.ms
141.226.228.48
146.75.122.109
151.101.192.217
151.101.65.44
162.159.138.60
184.30.17.67
20.114.190.119
2001:4860:4802:34::36
2001:4860:4802:36::15
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.107.203.240
34.120.202.204
34.22.248.172
35.192.151.63
35.202.21.90
54.216.123.12
64.202.112.255
65.9.95.57
65.9.95.67
65.9.95.75
68.219.88.97
065c329311e6774e8a2ecdaf9a94defdccebb11c5a26f0885b58b026539315dd
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1588176e2e6569d6ee5f2e72ef3b540b765be8f100e541e8c2f851079537a5fa
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
22666687e2bb5ee2edce6ed9413e9cd8e9b891a07cf6dc6fba02ed344316edef
24cde26cc396de1fd19aa2bebd305385b2ace5a5004eca2368e3ea777e28615f
30c0897b0bddf32fb000c7cd1dab6e515ee7f602c2d83b0bf739061c483fdd7c
3adf63fc4f7e3967e211fd27f1bb1fed3708b599e0f6145680d6f2303631281b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
479b8b3d4149c22bc32a2f48439620c9cb605505d59741aa693380eec7ae299a
4bc0d265e79f610e41f5e1fe0e0b2fc1b6e3ede2eddc36f47423d0da461249e1
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
58cb52af6d3baa234d7af38e71f7c9a958f4642e342833c11ea44cede2c32b17
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
74172e0e66a91ae31f484c24118bb29fd4a6df75fdff51e2438e90839953be69
74c8268a1a83bab2696362300fb2f7754a3696e143b550c707d7fd7656dfe301
8069b0c58836836ac39bcfadaf677fad05fdf283d7d065d818f66a339bd7d144
8da67f3e04c7509b773e6c9ebf0fc38b728d29f8e2c50983ac8002c2d2f74c8e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
938a167badf6d5a57844d5619ebf6c1e0c6330d442bdc654c36f7b42386a402a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a68cec33e03c7091446f0dfa07432167d713144061efd8a6c1df1a7c517b79c3
b21ef5f944698b476cebea28d628ad623311c3f4b32a26a8b5a332bbf9aade0a
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b677b037949aba1f7544a516877f949d24289acfb2e2922e06016e9f411711cd
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c4faa551d5574fa31c14910df0ed2e11bd4b887914085ef4ee8779e63b37f468
c5eb8e387931fea9a69d437c805cabb684693d72673bb92677861566babacaf5
c75119b978a1a251657dc1c55376db3171488ffd9abc964c1027c6f411c60342
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
d0c203a04a5841f6b399677879a9b044ad96f3b130e3ef1e55a38038e5166bed
dbe0a5dc04729c0e149e2c370b0665ed72aa183f5c0e49a76faa12633d67f8f5
e2add6436b4db900a7af6d661985a3e8b23c1063fdbb506cc2d00af1ecf08143
e2e9253f380f2367ceb6ca2bd3090bcff80b1ae2a832f9a34b793edc6bb4d0c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bc6c4247f1806e1809a005cca968eb8576c4ae288c3623784a2b2b1d59789a
e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5
ea0f4f0a68acff16582e5a22d07f5585256223522da465127e9c1a28de593e80
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca
f56ddd8dafec1c5b307b9313fdeb3a25769556bcc38e342d04aec28147a6c0b3

www.dossiers-bien-etre.com Open in urlscan Pro 65.9.95.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

99 %HTTPS

45 %IPv6

25 Domains

38 Subdomains

31 IPs

6 Countries

1120 kBTransfer

3416 kBSize

27 Cookies

4 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dossiers-bien-etre.com Open in urlscan Pro
65.9.95.57 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

99 %
HTTPS

45 %
IPv6

25
Domains

38
Subdomains

31
IPs

6
Countries

1120 kB
Transfer

3416 kB
Size

27
Cookies

79 HTTP transactions
0 data transactions