blog.revue-bien-etre.com Open in urlscan Pro
2600:9000:206f:1600:b:88fe:db00:93a1  Public Scan

Submitted URL: https://prouseum-cheads.xyz/08859e4d-337e-4cdb-8f98-6a7a99f33e55?_kx=vCxRLnNApERvrVcSldv2fg.RegkW2
Effective URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Submission: On November 12 via manual from US — Scanned from DE

Summary

This website contacted 14 IPs in 2 countries across 8 domains to perform 44 HTTP transactions. The main IP is 2600:9000:206f:1600:b:88fe:db00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is blog.revue-bien-etre.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 8th 2024. Valid for: a year.
This is the only time blog.revue-bien-etre.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2600:9000:236... 16509 (AMAZON-02)
3 2600:9000:206... 16509 (AMAZON-02)
3 2600:9000:275... 16509 (AMAZON-02)
3 2600:9000:224... 16509 (AMAZON-02)
5 23.218.209.87 16625 (AKAMAI-AS)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 157.240.253.1 32934 (FACEBOOK)
2 2600:9000:223... 16509 (AMAZON-02)
5 2600:9000:214... 16509 (AMAZON-02)
2 18.172.112.18 16509 (AMAZON-02)
1 2 64.202.112.191 22075 (AS-OUTBRAIN)
1 151.101.130.132 54113 (FASTLY)
2 157.240.253.35 32934 (FACEBOOK)
10 18.172.112.83 16509 (AMAZON-02)
3 172.175.38.6 8075 (MICROSOFT...)
44 14
Apex Domain
Subdomains
Transfer
13 cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d33vglzdi1uj1c.cloudfront.net
d3syewzhvzylbl.cloudfront.net
d1yei2z3i6k35z.cloudfront.net
1 MB
12 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1510
217 KB
8 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3713
wave.outbrain.com — Cisco Umbrella Rank: 4615
tr.outbrain.com — Cisco Umbrella Rank: 3598
paid.outbrain.com — Cisco Umbrella Rank: 9422
12 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 722
k.clarity.ms — Cisco Umbrella Rank: 9224
29 KB
3 revue-bien-etre.com
blog.revue-bien-etre.com
38 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
211 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
74 KB
2 prouseum-cheads.xyz
prouseum-cheads.xyz — Cisco Umbrella Rank: 873936
1 KB
44 8
Domain Requested by
12 js.stripe.com d33vglzdi1uj1c.cloudfront.net
js.stripe.com
5 d1yei2z3i6k35z.cloudfront.net blog.revue-bien-etre.com
3 k.clarity.ms d33vglzdi1uj1c.cloudfront.net
3 wave.outbrain.com amplify.outbrain.com
3 d33vglzdi1uj1c.cloudfront.net blog.revue-bien-etre.com
3 d3fit27i5nzkqh.cloudfront.net blog.revue-bien-etre.com
d33vglzdi1uj1c.cloudfront.net
3 blog.revue-bien-etre.com d33vglzdi1uj1c.cloudfront.net
2 www.facebook.com blog.revue-bien-etre.com
2 tr.outbrain.com 1 redirects amplify.outbrain.com
2 d3syewzhvzylbl.cloudfront.net blog.revue-bien-etre.com
2 connect.facebook.net blog.revue-bien-etre.com
connect.facebook.net
2 www.clarity.ms blog.revue-bien-etre.com
www.clarity.ms
2 amplify.outbrain.com blog.revue-bien-etre.com
d33vglzdi1uj1c.cloudfront.net
2 prouseum-cheads.xyz 2 redirects
1 paid.outbrain.com blog.revue-bien-etre.com
44 15

This site contains no links.

Subject Issuer Validity Valid
blog.revue-bien-etre.com
Amazon RSA 2048 M02
2024-05-08 -
2025-06-06
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-14 -
2024-12-14
a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-08-21 -
2024-11-19
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-10-30 -
2025-02-06
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh

This page contains 11 frames:

Primary Page: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Frame ID: C4E16A0A31623350150FE21668BA2845
Requests: 34 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-52bb9961886364429336a5e4c538a8fe.html
Frame ID: 33B200123BD5ECEA8929218F134D566D
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-express-checkout-7dacf6ebdac57f76cc50761d67123b83.html
Frame ID: 31F80BE3CDE3C708934F065498138EA6
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-f1426df3fbe6bab522615e155332a65a.html
Frame ID: 258673A2CD36A52058949EC8AE50BBFA
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-f1426df3fbe6bab522615e155332a65a.html
Frame ID: A5AC06C8C984DA07E6D51200CB565B4C
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-f1426df3fbe6bab522615e155332a65a.html
Frame ID: F35FC7F467AA989DBD4C34F78203E87E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-43a12a58c041a28a5c491a4f5caa615c.html
Frame ID: 17F6EBF738C49893579C64BC6975D5CC
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-d3733fc5ffb42d8002d275bf78ed3668.html
Frame ID: 4F991DB8CF78BE38E3DE779082281C88
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-d3733fc5ffb42d8002d275bf78ed3668.html
Frame ID: F102DE34694940D12A9D16A10DC52CB1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-d3733fc5ffb42d8002d275bf78ed3668.html
Frame ID: 0A9F4D4AFF3C9B5A464E7AA1C38B3027
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 644109FD1C2C10A8C82EDBC3579931AB
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Commandez votre TeethCare

Page URL History Show full URLs

  1. https://prouseum-cheads.xyz/08859e4d-337e-4cdb-8f98-6a7a99f33e55?_kx=vCxRLnNApERvrVcSldv2fg.RegkW2 HTTP 307
    https://prouseum-cheads.xyz/08859e4d-337e-4cdb-8f98-6a7a99f33e55/2?_kx=vCxRLnNApERvrVcSldv2fg.RegkW2 HTTP 302
    https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

44
Requests

98 %
HTTPS

47 %
IPv6

8
Domains

15
Subdomains

14
IPs

2
Countries

1884 kB
Transfer

4746 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://prouseum-cheads.xyz/08859e4d-337e-4cdb-8f98-6a7a99f33e55?_kx=vCxRLnNApERvrVcSldv2fg.RegkW2 HTTP 307
    https://prouseum-cheads.xyz/08859e4d-337e-4cdb-8f98-6a7a99f33e55/2?_kx=vCxRLnNApERvrVcSldv2fg.RegkW2 HTTP 302
    https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://tr.outbrain.com/unifiedPixel?au=false&bust=037550053380977766&referrer=&marketerId=00afcfd5dca4e05225ce825b21d43f50b8%2C00a7223f4641934e3f11537ebbf49e2e37%2C006a02f71ba86085f0356d232b66c8c219&name=PAGE_VIEW&dl=https%3A%2F%2Fblog.revue-bien-etre.com%2Fteethcare-paiement%3Fclick_id%3Dwjkuj98kr1frh9i53sn1fs3v&g=0&zone=euZone1&obApiVersion=1.1&obtpVersion=2.0.5 HTTP 302
  • https://paid.outbrain.com/network/trigger?trigger_data=0

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request teethcare-paiement
blog.revue-bien-etre.com/
Redirect Chain
  • https://prouseum-cheads.xyz/08859e4d-337e-4cdb-8f98-6a7a99f33e55?_kx=vCxRLnNApERvrVcSldv2fg.RegkW2
  • https://prouseum-cheads.xyz/08859e4d-337e-4cdb-8f98-6a7a99f33e55/2?_kx=vCxRLnNApERvrVcSldv2fg.RegkW2
  • https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
177 KB
31 KB
Document
General
Full URL
https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1600:b:88fe:db00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e83acad1c92b66b20ee9d05bb1dbf94bb7695ab633f82b226ce123aec6adfdfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Nov 2024 17:52:33 GMT
server
nginx/1.24.0
vary
Accept-Encoding
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-id
f_5JMaTfaVPOfItcLLbjGCK6XelY1VbT9bDPDgwydLJcXp1vLXyR0A==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Tue, 12 Nov 2024 17:52:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
pragma
no-cache
server
nginx
via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
x-amz-cf-id
wSiTC36y-73RqmXNAcGT9MJ0gmRVbDx4JYK28KaAkK6xlAcfS-CSwA==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
all.min.css
d3fit27i5nzkqh.cloudfront.net/assets/css/
486 KB
81 KB
Stylesheet
General
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:f600:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

cache-control
max-age=31536000,public
content-encoding
gzip
etag
W/"325672b036bab9b57f6873aed5eccc43"
age
10334103
via
1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
bPUff94iO8MlGWwXDEAIUb1gAYoSNkjZkDavX1YQ3T0LZh2jm4KSqQ==
date
Tue, 16 Jul 2024 03:17:31 GMT
content-type
text/css
last-modified
Wed, 18 May 2022 12:25:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
vary
Accept-Encoding, Origin
runtime.5b9b08486eb6a6315d39.js
d33vglzdi1uj1c.cloudfront.net/
3 KB
2 KB
Script
General
Full URL
https://d33vglzdi1uj1c.cloudfront.net/runtime.5b9b08486eb6a6315d39.js
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:be00:2:5a9d:3800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5f890d304a41e247309b08aa70cdad3145706151b56059098ca8887094693a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

content-encoding
gzip
x-amz-meta-codebuild-content-md5
296f34c2ed808597075e991027f99006
etag
W/"12d74e7c990c2e277e66b4ae3cf11534"
age
56518
x-cache
Hit from cloudfront
x-amz-cf-id
SO4qxsITcpvpPDd_9zVMA1srnwg9g-0U4FixLSgdt8AJE8sejVurYw==
date
Tue, 12 Nov 2024 02:10:38 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:b18b2c71-a320-45f3-8675-eef6c3c178c8
vary
accept-encoding, Origin
content-type
application/x-javascript
last-modified
Fri, 08 Nov 2024 10:33:09 GMT
via
1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
server
AmazonS3
x-amz-meta-codebuild-content-sha256
b4357c0106c7aaf506f62e2281bea62ab8aecb24f6b4b4d8f3e4e4895824c4b5
x-amz-server-side-encryption
AES256
page.80b095413cfa945f0a50.js
d33vglzdi1uj1c.cloudfront.net/
1022 KB
174 KB
Script
General
Full URL
https://d33vglzdi1uj1c.cloudfront.net/page.80b095413cfa945f0a50.js
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:be00:2:5a9d:3800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28dc48963268fc6e94ca565784c1d950d2c4e6804333de3e27a8c1644414a09f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

content-encoding
br
x-amz-meta-codebuild-content-md5
701cc2c652c28b2526c467ccb719a027
etag
W/"19714256dcc003fca77f290a2a1569b9"
age
31060
x-cache
Hit from cloudfront
x-amz-cf-id
mnMAbZSg1nTl8R_QCoRr7mtr8DLXwOE2FNyNtyEyI96xIjaUjA4PDQ==
date
Tue, 12 Nov 2024 09:14:54 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:d60a5124-358f-4025-93d1-8c6f25977323
vary
accept-encoding, Origin
content-type
application/x-javascript
last-modified
Tue, 12 Nov 2024 09:08:49 GMT
via
1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
server
AmazonS3
x-amz-meta-codebuild-content-sha256
fb89dd931556dae539ad2b6c9e37ca901dcb9dbd9e729adfc187348c04d5a7d3
x-amz-server-side-encryption
AES256
vendors~page.1a6e6e90d905f027a993.js
d33vglzdi1uj1c.cloudfront.net/
808 KB
243 KB
Script
General
Full URL
https://d33vglzdi1uj1c.cloudfront.net/vendors~page.1a6e6e90d905f027a993.js
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:be00:2:5a9d:3800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55b69dbd40c5e9ae07487a0258cdaedb329286d46bda837e8b5ec7b11c11b5f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

content-encoding
gzip
x-amz-meta-codebuild-content-md5
296f34c2ed808597075e991027f99006
etag
W/"dd136cd7aa920e8f9735bdd278033264"
age
56312
x-cache
Hit from cloudfront
x-amz-cf-id
kf8tkh5huugix06VFqojueT3hdhpPcFC7rcsaKawlKy5E4e1HheS5w==
date
Tue, 12 Nov 2024 03:15:44 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:b18b2c71-a320-45f3-8675-eef6c3c178c8
vary
accept-encoding, Origin
content-type
application/x-javascript
last-modified
Fri, 08 Nov 2024 10:33:10 GMT
via
1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
server
AmazonS3
x-amz-meta-codebuild-content-sha256
b4357c0106c7aaf506f62e2281bea62ab8aecb24f6b4b4d8f3e4e4895824c4b5
x-amz-server-side-encryption
AES256
obtp.js
amplify.outbrain.com/cp/
30 KB
10 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-87.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f76bcf5ed9ce17975c95265a4a56ea171b80d6530564b86936ab1da6bdccfd3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

Cache-Control
max-age=1200
Content-Encoding
gzip
ETag
"41e730392bc1cbca795ee81659f83e27:1730623230.160237"
Connection
keep-alive
Expires
Tue, 12 Nov 2024 18:12:33 GMT
Accept-Ranges
bytes
X-CC
DE
Content-Length
9303
X-RG
EU
Date
Tue, 12 Nov 2024 17:52:33 GMT
Content-Type
application/x-javascript
Last-Modified
Sun, 03 Nov 2024 08:37:20 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
ed7ldx9sue
www.clarity.ms/tag/
604 B
860 B
Script
General
Full URL
https://www.clarity.ms/tag/ed7ldx9sue
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
779ceb7bd2600957c2c49f47bb8d0495ba921ac0270fc1a6de8912a4b8eacfe1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
604
date
Tue, 12 Nov 2024 17:52:33 GMT
content-type
application/x-javascript
x-azure-ref
20241112T175233Z-r1cc785864994zw7hC1FRAqyg400000000kg00000000qddt
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-dueAGJIj' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 17:52:33 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-dueAGJIj' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4461, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
NKY8mTXRTBzSdZl79Lfa8A6Ca0zU1Gkk0AdmdjxNZCicSFBcYUyZN5BrnaLRFyMzMgbNOnARuQpt31+D9WJJ9g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/
54 KB
54 KB
Font
General
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/regular.woff2
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c55359c2badcb06edc896bccd3618919ec54035299f1f5db5c6cafd5e8933cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://blog.revue-bien-etre.com
Referer
https://blog.revue-bien-etre.com/

Response headers

access-control-max-age
31536000
etag
"39cdece7149132b8bce63dc6e5d36c9a"
age
55575
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
jQa9qZ8T_OG22xIqiUPEpGxyAcKMqYE1LIlTDvvz3W1hLWRYS6deBA==
date
Tue, 12 Nov 2024 02:27:25 GMT
content-type
font/woff2
vary
accept-encoding
last-modified
Fri, 14 Apr 2023 06:24:30 GMT
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
55160
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
61add6f8c3cb1_Logo.png
d1yei2z3i6k35z.cloudfront.net/1012525/
155 KB
156 KB
Image
General
Full URL
https://d1yei2z3i6k35z.cloudfront.net/1012525/61add6f8c3cb1_Logo.png
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7c00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6bae987d4d5581316176a7503d88f47fc846fbbf105c905f19dac0df06391a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

x-robots-tag
noindex
cache-control
max-age=31536000
etag
"72085d86530d69228287c95014a07822"
age
4890166
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
158908
x-amz-cf-id
EqavkBGoZvq9Q_3dWgRzzvhOFLZ3i4QJ7leJhhj-k01-GE51MDuuUA==
date
Tue, 17 Sep 2024 03:29:48 GMT
content-type
image/png
last-modified
Mon, 06 Dec 2021 09:25:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
vary
Origin
620142e9a6e06_checkouttest1.png
d1yei2z3i6k35z.cloudfront.net/1012525/
452 KB
453 KB
Image
General
Full URL
https://d1yei2z3i6k35z.cloudfront.net/1012525/620142e9a6e06_checkouttest1.png
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7c00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c09d8ea8d7c3f68002d18059295a733a4dcc2e096464d0efbd35b0dfae99cf03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

x-robots-tag
noindex
cache-control
max-age=31536000
etag
"139a2ac4d0146da510b366e3380643e9"
age
2447292
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
462671
x-amz-cf-id
_nhfBSXrsxXaM4ddg1HwAl55_S4VyDJJn5JoaoXzRNNkOqmtwAAYzQ==
date
Tue, 15 Oct 2024 10:04:22 GMT
content-type
image/png
last-modified
Mon, 07 Feb 2022 16:03:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
vary
Origin
6068ba7cb11c8_badge_50off.png
d1yei2z3i6k35z.cloudfront.net/893893/
2 KB
3 KB
Image
General
Full URL
https://d1yei2z3i6k35z.cloudfront.net/893893/6068ba7cb11c8_badge_50off.png
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7c00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26bbce462a88585993ead0f33bcbef4c421ade8c386ed1096dde646808eaec55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

x-robots-tag
noindex
cache-control
max-age=31536000
etag
"51ea33b30dfa6938935ca12a7f2c53ec"
age
1239227
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2231
x-amz-cf-id
VqfKwYj2vGTPKxZRKLdP0ZFiehwTVsnrQ0v3IzOnixQnjuUjYqqWDg==
date
Tue, 29 Oct 2024 09:38:47 GMT
content-type
image/png
last-modified
Sat, 03 Apr 2021 18:57:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
vary
Origin
61add364b7003_product1.png
d1yei2z3i6k35z.cloudfront.net/1012525/
327 KB
328 KB
Image
General
Full URL
https://d1yei2z3i6k35z.cloudfront.net/1012525/61add364b7003_product1.png
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7c00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef2144c1546be86d52d2fcc091abb38356a2e1c149dc15db103f7ba579842ede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

x-robots-tag
noindex
cache-control
max-age=31536000
etag
"a8e95fc8945a8d2bc911dd31561c33dd"
age
461891
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
335055
x-amz-cf-id
d6rFOWkTtWZFqt1WHWDILl0ODiMLEBJ3-wAcCix9QPibCkt5ryOQDw==
date
Thu, 07 Nov 2024 09:34:23 GMT
content-type
image/png
last-modified
Mon, 06 Dec 2021 09:09:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
vary
Origin
606ef86dc5a17_security-logos.png
d1yei2z3i6k35z.cloudfront.net/893893/
3 KB
4 KB
Image
General
Full URL
https://d1yei2z3i6k35z.cloudfront.net/893893/606ef86dc5a17_security-logos.png
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7c00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7143d34ebb2eaeda71b1957a9517b4a555f617b60bacb600aa63608e55d0176

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

x-robots-tag
noindex
cache-control
max-age=31536000
etag
"f89a11d9f0a8f547176140fca32b0063"
age
4873068
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3532
x-amz-cf-id
a0jJ11BtB2zLgDm-PlhMJGKTYZA8fUcyijXZ_rMRJC1vXDLPDINrww==
date
Tue, 17 Sep 2024 08:14:46 GMT
content-type
image/png
last-modified
Thu, 08 Apr 2021 12:34:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
vary
Origin
208992485486094
connect.facebook.net/signals/config/
68 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/208992485486094?v=2.9.176&r=stable&domain=blog.revue-bien-etre.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
17c1d60a8673c85f62aca80fdd9b0c14ad23f00629d214c92457b3e482356a5c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-2p4kD9Eq' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 17:52:33 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-2p4kD9Eq' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=77, mss=1232, tbw=70913, tp=67, tpl=0, uplat=118, ullat=0
pragma
public
x-fb-debug
9nSTLRCL6q8aKa3T10VASpsPMdg3uFb0ufcbZjagKvBru8ezxAsNVuQC1R2naiFdTf8F/lDXIOUjf0PCLF3GlQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
v3
js.stripe.com/
684 KB
180 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.1a6e6e90d905f027a993.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-18.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
12c36a25e1d34c128839e6020f8bbabfc7c313852d1b6d23e5e9550fb98e9191
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

content-encoding
br
etag
W/"d67caab47663a660a3445da2aea34af2"
age
55
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
919bu6eTtpo7MJ6iI84EnEwmZTPZUujwYAZCh8xeu_OX2MK2qRr8aw==
date
Tue, 12 Nov 2024 17:52:32 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 11 Nov 2024 22:15:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P8
server
Cloudfront
calculate-price
blog.revue-bien-etre.com/api/payment/
465 B
496 B
XHR
General
Full URL
https://blog.revue-bien-etre.com/api/payment/calculate-price
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.1a6e6e90d905f027a993.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1600:b:88fe:db00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
040169d915520b3bbf4df23d08f6d7a0c77fd964d7ee6289189d604e06129769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cache-control
no-cache, private
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
OKO6ImE_3ddH5Bn3kuQxhcCNz2NwUipP55kFZ0rSvOUqMXhR2vKHug==
date
Tue, 12 Nov 2024 17:52:34 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Accept-Encoding
server
nginx/1.24.0
x-amz-cf-pop
FRA56-C1
stripe.css
d3fit27i5nzkqh.cloudfront.net/assets/css/
591 B
964 B
Stylesheet
General
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/css/stripe.css?ver=1.1
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.1a6e6e90d905f027a993.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:f600:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b8142e6bddc486aceb60f08e01fca23ac364c4c7ff2ab37e3fc2400a0686ccf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

vary
accept-encoding, Origin
etag
"be1e501effe7eaf777a718cf530e0223"
age
49910
via
1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
591
x-amz-cf-id
yY7cP_RNBUiJhPzFpzpHXk4boU2pUQOZCUReTdhaOy80mow499YxeA==
date
Tue, 12 Nov 2024 04:01:10 GMT
content-type
text/css
last-modified
Mon, 16 Sep 2024 14:03:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
x-amz-server-side-encryption
AES256
credit_cards.png
d3fit27i5nzkqh.cloudfront.net/assets/images/payment/
15 KB
16 KB
Image
General
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/images/payment/credit_cards.png
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:f600:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc7931372af8604a96437bad96198101780fc547b3abc4926fa73261cba59fcd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

cache-control
max-age=31536000,public
etag
"f1c4d2eb4d0285d37aa387cf115e8f0e"
age
25752459
via
1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
15845
x-amz-cf-id
HWXohg49PM1UIEQtLQMN31HRHobLiNzfmhxFEiTB0MuN9IpAuqa5dg==
date
Fri, 19 Jan 2024 16:24:56 GMT
content-type
image/png
last-modified
Wed, 08 Dec 2021 12:39:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
de.svg
d3syewzhvzylbl.cloudfront.net/images/flag-icons/
271 B
712 B
Image
General
Full URL
https://d3syewzhvzylbl.cloudfront.net/images/flag-icons/de.svg
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e3c8f938c6fc4fc97c81f398a71d0d789b44b6be458469d7056372a2c05837a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

access-control-max-age
31536000
etag
"939afd91bea7074f84f4a328ca095295"
age
41312
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
5dcv0HiVZFsoQOLytSIXnBCGMeLx-Gse3JVbZQEEEXKjO0aiM9loHQ==
date
Tue, 12 Nov 2024 06:24:03 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Thu, 28 Sep 2023 09:00:50 GMT
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
271
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
00afcfd5dca4e05225ce825b21d43f50b8
wave.outbrain.com/mtWavesBundler/handler/
2 B
516 B
Script
General
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00afcfd5dca4e05225ce825b21d43f50b8
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-87.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
Cache-Control
max-age=60
ob-sent-time
1731420253632
Content-Encoding
gzip
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection
keep-alive
Expires
Tue, 12 Nov 2024 17:53:34 GMT
Access-Control-Allow-Origin
*
X-CC
DE
Content-Length
22
X-RG
EU
Date
Tue, 12 Nov 2024 17:52:34 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
x-traceid
96372c1565e7ebef67538b9462d376ec
00a7223f4641934e3f11537ebbf49e2e37
wave.outbrain.com/mtWavesBundler/handler/
2 B
516 B
Script
General
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00a7223f4641934e3f11537ebbf49e2e37
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-87.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
Cache-Control
max-age=60
ob-sent-time
1731385753419
Content-Encoding
gzip
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection
keep-alive
Expires
Tue, 12 Nov 2024 17:53:34 GMT
Access-Control-Allow-Origin
*
X-CC
DE
Content-Length
22
X-RG
EU
Date
Tue, 12 Nov 2024 17:52:34 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
x-traceid
17f73023c1b0cd63b43713d563178496
006a02f71ba86085f0356d232b66c8c219
wave.outbrain.com/mtWavesBundler/handler/
2 B
516 B
Script
General
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/006a02f71ba86085f0356d232b66c8c219
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-87.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
Cache-Control
max-age=60
ob-sent-time
1731396466415
Content-Encoding
gzip
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection
keep-alive
Expires
Tue, 12 Nov 2024 17:53:34 GMT
Access-Control-Allow-Origin
*
X-CC
DE
Content-Length
22
X-RG
EU
Date
Tue, 12 Nov 2024 17:52:34 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
x-traceid
9505cea3f53bf08a21e0e49ea6b7f805
topics
amplify.outbrain.com/
26 B
301 B
Fetch
General
Full URL
https://amplify.outbrain.com/topics
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.1a6e6e90d905f027a993.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-87.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

Cache-Control
max-age=1200
Connection
keep-alive
Observe-Browsing-Topics
?1
Expires
Tue, 12 Nov 2024 18:12:34 GMT
Access-Control-Allow-Origin
*
X-CC
DE
Content-Length
26
X-RG
EU
Date
Tue, 12 Nov 2024 17:52:34 GMT
Content-Type
text/html
trigger
paid.outbrain.com/network/
Redirect Chain
  • https://tr.outbrain.com/unifiedPixel?au=false&bust=037550053380977766&referrer=&marketerId=00afcfd5dca4e05225ce825b21d43f50b8%2C00a7223f4641934e3f11537ebbf49e2e37%2C006a02f71ba86085f0356d232b66c8c2...
  • https://paid.outbrain.com/network/trigger?trigger_data=0
43 B
465 B
Fetch
General
Full URL
https://paid.outbrain.com/network/trigger?trigger_data=0
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H2
Server
151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-encoding
br
x-timer
S1731433955.758879,VS0,VE90
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache
MISS, MISS
content-length
49
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"2478679248406830321"}]}
date
Tue, 12 Nov 2024 17:52:34 GMT
content-type
image/gif
x-served-by
cache-lga21955-LGA, cache-fra-etou8220091-FRA
x-cache-hits
0, 0
x-traceid
6ea04552b2984cb9a78df3004a71ccfe
traffic-path
NYDC1, LGA, FRA, Europe1

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
location
https://paid.outbrain.com/network/trigger?trigger_data=0
content-length
0
date
Tue, 12 Nov 2024 17:52:34 GMT
x-traceid
0daaab1bf2e39cd6ce54dc10f29ad08c
cachedClickId
tr.outbrain.com/
35 B
293 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00afcfd5dca4e05225ce825b21d43f50b8,00a7223f4641934e3f11537ebbf49e2e37,006a02f71ba86085f0356d232b66c8c219
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
39
content-encoding
br
date
Tue, 12 Nov 2024 17:52:34 GMT
content-type
application/javascript
x-traceid
48dde93472ad17a1b83e666a59dda7bd
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=208992485486094&ev=PageView&dl=https%3A%2F%2Fblog.revue-bien-etre.com%2Fteethcare-paiement%3Fclick_id%3Dwjkuj98kr1frh9i53sn1fs3v&rl=&if=false&ts=1731433954217&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731433954215.375858661764323920&ler=empty&cdl=API_unavailable&it=1731433953468&coo=false&rqm=GET
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4506, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 12 Nov 2024 17:52:34 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
195 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=208992485486094&ev=PageView&dl=https%3A%2F%2Fblog.revue-bien-etre.com%2Fteethcare-paiement%3Fclick_id%3Dwjkuj98kr1frh9i53sn1fs3v&rl=&if=false&ts=1731433954217&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731433954215.375858661764323920&ler=empty&cdl=API_unavailable&it=1731433953468&coo=false&rqm=FGET
Requested by
Host: blog.revue-bien-etre.com
URL: https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436452208214862307"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 17:52:34 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
lh8ts50IilsXIYabhQRS1N3aFS4GPllYybeGLmXFa/ON1SqX7p8gt4Kic+KHzyvuHR047/hHl1zL07hCAKTAdA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436452208214862307", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4874, tp=13, tpl=0, uplat=138, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
clarity.js
www.clarity.ms/s/0.7.49/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.49/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ed7ldx9sue
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

x-azure-ref
20241112T175234Z-r1cc785864994zw7hC1FRAqyg400000000kg00000000qdgt
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
60713550-a01e-0002-0cf9-349063000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Tue, 12 Nov 2024 17:52:34 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 01:20:43 GMT
controller-with-preconnect-52bb9961886364429336a5e4c538a8fe.html
js.stripe.com/v3/ Frame 33B2
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-with-preconnect-52bb9961886364429336a5e4c538a8fe.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.revue-bien-etre.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
48
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 17:51:49 GMT
etag
"52bb9961886364429336a5e4c538a8fe"
last-modified
Mon, 11 Nov 2024 21:31:20 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront)
x-amz-cf-id
X0k7i5S83Vsqk23Nbh3XQ1e-4kX_HfZrU4h5KmXFwoUVZUaaoiOvwg==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-express-checkout-7dacf6ebdac57f76cc50761d67123b83.html
js.stripe.com/v3/ Frame 31F8
0
0
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-express-checkout-7dacf6ebdac57f76cc50761d67123b83.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.revue-bien-etre.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3459
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
577
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 16:54:56 GMT
etag
"7dacf6ebdac57f76cc50761d67123b83"
last-modified
Mon, 11 Nov 2024 21:31:20 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront)
x-amz-cf-id
4oxZXOTN3x0VpCW63w9PjTU31A6u0oZpcwm4RxEPfBAWUpHmOq4mHA==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-f1426df3fbe6bab522615e155332a65a.html
js.stripe.com/v3/ Frame 2586
0
0
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-card-f1426df3fbe6bab522615e155332a65a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.revue-bien-etre.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
966
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
gzip
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 17:36:31 GMT
etag
W/"f1426df3fbe6bab522615e155332a65a"
last-modified
Mon, 11 Nov 2024 21:31:20 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront)
x-amz-cf-id
CLGeocni21OA-8jhrSkrDjnSYiOD1I1UXDiplYHQlBGlUV507hTvqg==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-f1426df3fbe6bab522615e155332a65a.html
js.stripe.com/v3/ Frame A5AC
0
0
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-card-f1426df3fbe6bab522615e155332a65a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.revue-bien-etre.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
966
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
gzip
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 17:36:31 GMT
etag
W/"f1426df3fbe6bab522615e155332a65a"
last-modified
Mon, 11 Nov 2024 21:31:20 GMT
origin-agent-cluster
?1
server
Cloudfront
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront)
x-amz-cf-id
CLGeocni21OA-8jhrSkrDjnSYiOD1I1UXDiplYHQlBGlUV507hTvqg==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-f1426df3fbe6bab522615e155332a65a.html
js.stripe.com/v3/ Frame F35F
0
0
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-card-f1426df3fbe6bab522615e155332a65a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.revue-bien-etre.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
966
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
gzip
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 17:36:31 GMT
etag
W/"f1426df3fbe6bab522615e155332a65a"
last-modified
Mon, 11 Nov 2024 21:31:20 GMT
origin-agent-cluster
?1
server
Cloudfront
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront)
x-amz-cf-id
CLGeocni21OA-8jhrSkrDjnSYiOD1I1UXDiplYHQlBGlUV507hTvqg==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
collect
k.clarity.ms/
0
288 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.1a6e6e90d905f027a993.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://blog.revue-bien-etre.com/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://blog.revue-bien-etre.com
Date
Tue, 12 Nov 2024 17:52:35 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
k.clarity.ms/
0
288 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.1a6e6e90d905f027a993.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://blog.revue-bien-etre.com/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://blog.revue-bien-etre.com
Date
Tue, 12 Nov 2024 17:52:35 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
610e99b0bb6a7_faviconrevue.png
blog.revue-bien-etre.com/1012525/
6 KB
6 KB
Other
General
Full URL
https://blog.revue-bien-etre.com/1012525/610e99b0bb6a7_faviconrevue.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1600:b:88fe:db00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b6d03d5a66d298ebf02223ac8296ce952808cae7c2af992692101610b616ecd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/teethcare-paiement?click_id=wjkuj98kr1frh9i53sn1fs3v

Response headers

etag
"ca8d4ba893510ff15fb8a27b5b18f54e"
age
54690
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
6164
x-amz-cf-id
uH7JkKTukQtwd-LkYgk5Hrq3SqQw6s8oD_ICTyMEob32GVxHkuuIZQ==
date
Tue, 12 Nov 2024 02:41:05 GMT
content-type
image/png
last-modified
Sat, 07 Aug 2021 14:33:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
vary
accept-encoding
hcaptcha-invisible-43a12a58c041a28a5c491a4f5caa615c.html
js.stripe.com/v3/ Frame 17F6
0
0
Document
General
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-43a12a58c041a28a5c491a4f5caa615c.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-LBcElbsxhqEzHCNoZT7W17jEJblUrli5JLkm2iAG3tk='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
967
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-LBcElbsxhqEzHCNoZT7W17jEJblUrli5JLkm2iAG3tk='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 17:36:29 GMT
etag
W/"3cd6113a6b5cfe59f79dca33662a9b47"
last-modified
Mon, 11 Nov 2024 21:31:35 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 90af45dd727f0b43ee7edafc660daaee.cloudfront.net (CloudFront)
x-amz-cf-id
cQHMi2kTdJKhHwYf7pDBzJ0hpwRU50fE0f2s8rdYFNMuk10MKAkhEQ==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
phone-numbers-lib-83d27e42ca1e315a3645d261b1fa8bae.js
js.stripe.com/v3/fingerprinted/js/
148 KB
37 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-83d27e42ca1e315a3645d261b1fa8bae.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-18.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7c871ac22da030c8700eeb06ea407294892b75299cf07fb29a1f5b900e45401a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://blog.revue-bien-etre.com/

Response headers

content-encoding
gzip
etag
W/"cb56b5378e094a41f5f71dbea0291836"
age
1656
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
KO9KSIfVMCs7njpC86xXnOErU6I8OWd9NzeM7gpLzFvwMYI2ohgRiA==
date
Tue, 12 Nov 2024 17:25:23 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 08 Nov 2024 21:02:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=31536000
timing-allow-origin
*
via
1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P8
server
Cloudfront
elements-inner-link-button-for-card-d3733fc5ffb42d8002d275bf78ed3668.html
js.stripe.com/v3/ Frame 4F99
0
0
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-link-button-for-card-d3733fc5ffb42d8002d275bf78ed3668.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.revue-bien-etre.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
960
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 17:36:44 GMT
etag
W/"d3733fc5ffb42d8002d275bf78ed3668"
last-modified
Mon, 11 Nov 2024 21:31:21 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 90af45dd727f0b43ee7edafc660daaee.cloudfront.net (CloudFront)
x-amz-cf-id
VncNsdL_dAa0zNdI30fISIO4Ki2Lyx_LU6TdhfZXoFtiRQxgvGjVKQ==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-link-button-for-card-d3733fc5ffb42d8002d275bf78ed3668.html
js.stripe.com/v3/ Frame F102
0
0
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-link-button-for-card-d3733fc5ffb42d8002d275bf78ed3668.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.revue-bien-etre.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
960
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 17:36:44 GMT
etag
W/"d3733fc5ffb42d8002d275bf78ed3668"
last-modified
Mon, 11 Nov 2024 21:31:21 GMT
origin-agent-cluster
?1
server
Cloudfront
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 90af45dd727f0b43ee7edafc660daaee.cloudfront.net (CloudFront)
x-amz-cf-id
VncNsdL_dAa0zNdI30fISIO4Ki2Lyx_LU6TdhfZXoFtiRQxgvGjVKQ==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-link-button-for-card-d3733fc5ffb42d8002d275bf78ed3668.html
js.stripe.com/v3/ Frame 0A9F
0
0
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-link-button-for-card-d3733fc5ffb42d8002d275bf78ed3668.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.revue-bien-etre.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
960
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 17:36:44 GMT
etag
W/"d3733fc5ffb42d8002d275bf78ed3668"
last-modified
Mon, 11 Nov 2024 21:31:21 GMT
origin-agent-cluster
?1
server
Cloudfront
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 90af45dd727f0b43ee7edafc660daaee.cloudfront.net (CloudFront)
x-amz-cf-id
VncNsdL_dAa0zNdI30fISIO4Ki2Lyx_LU6TdhfZXoFtiRQxgvGjVKQ==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
collect
k.clarity.ms/
0
288 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.1a6e6e90d905f027a993.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://blog.revue-bien-etre.com/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://blog.revue-bien-etre.com
Date
Tue, 12 Nov 2024 17:52:37 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 6441
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.revue-bien-etre.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1720
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 17:34:02 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 08 Nov 2024 21:02:59 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 90af45dd727f0b43ee7edafc660daaee.cloudfront.net (CloudFront)
x-amz-cf-id
Y09roKz4rdDzXDHWufFr3FKoP3KgQqFb4xY6G9gekhbZsKq5kyfh7w==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| obApi function| clarity function| fbq function| _fbq object| initialI18nStore string| initialLanguage string| email_input_id string| sms_input_id string| product string| language string| proxy_API string| track_API function| print_infos function| create_profile function| send_tracking object| webpackChunkeditor object| scCGSHMRCache object| regeneratorRuntime number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad function| apiObj object| webpackChunkStripeJSouter function| noop function| Stripe

7 Cookies

Domain/Path Name / Value
.prouseum-cheads.xyz/ Name: 08859e4d-337e-4cdb-8f98-6a7a99f33e55-v4
Value: cIw6nbaa_s50beR9cyUGerw2u9cnp0ur2wuuYk32xUg
.prouseum-cheads.xyz/ Name: cc-v4
Value: AFM%2F8xMLxPyu69Oq9UNA%2FMTi5UtjVSCGf7lpcKRvMVysF6tgNYBCfWrl5KUjHf%2Bz71ukT7EAbYd9a4c2e%2BiihqM%2FcIeB2cgn0TNEenar7i1zluonpE1YiMpkJDocw2830LZCj%2FluazRMqxxGgQE4lA%3D%3D
blog.revue-bien-etre.com/ Name: purchase_process_id_711079
Value: 835f20fdc7cee1c8
blog.revue-bien-etre.com/ Name: v
Value: 01JCGR2XP321T5Z60CTWMRD7P4
.revue-bien-etre.com/ Name: _fbp
Value: fb.1.1731433954215.375858661764323920
blog.revue-bien-etre.com/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1731433954637%7D
api2.hcaptcha.com/ Name: __cflb
Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRD3X9VpyxxxRT

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
blog.revue-bien-etre.com
connect.facebook.net
d1yei2z3i6k35z.cloudfront.net
d33vglzdi1uj1c.cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d3syewzhvzylbl.cloudfront.net
js.stripe.com
k.clarity.ms
paid.outbrain.com
prouseum-cheads.xyz
tr.outbrain.com
wave.outbrain.com
www.clarity.ms
www.facebook.com
151.101.130.132
157.240.253.1
157.240.253.35
172.175.38.6
18.172.112.18
18.172.112.83
23.218.209.87
2600:9000:206f:1600:b:88fe:db00:93a1
2600:9000:214f:7c00:f:a462:c1c0:93a1
2600:9000:223f:2e00:f:e793:dc40:21
2600:9000:2240:be00:2:5a9d:3800:21
2600:9000:236e:cc00:11:3836:cf00:93a1
2600:9000:275b:f600:1c:d937:ae40:93a1
2620:1ec:bdf::45
64.202.112.191
040169d915520b3bbf4df23d08f6d7a0c77fd964d7ee6289189d604e06129769
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0b8142e6bddc486aceb60f08e01fca23ac364c4c7ff2ab37e3fc2400a0686ccf
12c36a25e1d34c128839e6020f8bbabfc7c313852d1b6d23e5e9550fb98e9191
17c1d60a8673c85f62aca80fdd9b0c14ad23f00629d214c92457b3e482356a5c
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
26bbce462a88585993ead0f33bcbef4c421ade8c386ed1096dde646808eaec55
28dc48963268fc6e94ca565784c1d950d2c4e6804333de3e27a8c1644414a09f
2b6d03d5a66d298ebf02223ac8296ce952808cae7c2af992692101610b616ecd
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
55b69dbd40c5e9ae07487a0258cdaedb329286d46bda837e8b5ec7b11c11b5f5
6c55359c2badcb06edc896bccd3618919ec54035299f1f5db5c6cafd5e8933cf
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
779ceb7bd2600957c2c49f47bb8d0495ba921ac0270fc1a6de8912a4b8eacfe1
7c871ac22da030c8700eeb06ea407294892b75299cf07fb29a1f5b900e45401a
8e3c8f938c6fc4fc97c81f398a71d0d789b44b6be458469d7056372a2c05837a
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
a6bae987d4d5581316176a7503d88f47fc846fbbf105c905f19dac0df06391a4
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c09d8ea8d7c3f68002d18059295a733a4dcc2e096464d0efbd35b0dfae99cf03
dc7931372af8604a96437bad96198101780fc547b3abc4926fa73261cba59fcd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83acad1c92b66b20ee9d05bb1dbf94bb7695ab633f82b226ce123aec6adfdfa
ef2144c1546be86d52d2fcc091abb38356a2e1c149dc15db103f7ba579842ede
f5f890d304a41e247309b08aa70cdad3145706151b56059098ca8887094693a0
f7143d34ebb2eaeda71b1957a9517b4a555f617b60bacb600aa63608e55d0176
f76bcf5ed9ce17975c95265a4a56ea171b80d6530564b86936ab1da6bdccfd3b