urlscan.io logo urlscan.io
SecurityTrails logo

ma.oriflame.com Open in urlscan Pro
20.93.235.241  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ma.oriflame.com/
Effective URL: https://ma.oriflame.com/
Submission: On April 17 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 9 domains to perform 152 HTTP transactions. The main IP is 20.93.235.241, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ma.oriflame.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on July 4th 2023. Valid for: a year.
This is the only time ma.oriflame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 20.93.235.241 8075 (MICROSOFT...)
81 2606:2800:233... 15133 (EDGECAST)
22 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 20.103.99.71 8075 (MICROSOFT...)
10 20.93.237.24 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.72 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
2 142.250.181.238 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:235... 16509 (AMAZON-02)
1 172.217.16.132 15169 (GOOGLE)
1 172.217.18.3 15169 (GOOGLE)
2 18.198.250.204 16509 (AMAZON-02)
2 65.9.66.35 16509 (AMAZON-02)
1 34.22.171.98 396982 (GOOGLE-CL...)
2 35.157.19.189 16509 (AMAZON-02)
152 19
13    20.93.235.241 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ma.oriflame.com
81    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
static.oriflame.com
assets-we-cdn.oriflame.com
api-static.oriflame.com
media-afr-cdn.oriflame.com
media-cdn.oriflame.com
22    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
clientapp-cdn.oriflame.com
2    20.103.99.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
we-api.oriflame.com
10    20.93.237.24 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
graphql-we.oriflame.com
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net
www.googletagmanager.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.google-analytics.com
1    2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2600:9000:235a:7200:1f:ae8e:2440:93a1 (United States)

ASN16509 (AMAZON-02, US)
d38knilzwtuys1.cloudfront.net
1    172.217.16.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f4.1e100.net
www.google.com
1    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net
www.google.ru
2    18.198.250.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-250-204.eu-central-1.compute.amazonaws.com
apps.mypurecloud.de
2    65.9.66.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-35.fra56.r.cloudfront.net
api-cdn.mypurecloud.de
1    34.22.171.98 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.171.22.34.bc.googleusercontent.com
sst.revieve.com
2    35.157.19.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-19-189.eu-central-1.compute.amazonaws.com
apps.mypurecloud.de
Apex Domain
Subdomains		 Transfer
128 oriflame.com
ma.oriflame.com
static.oriflame.com — Cisco Umbrella Rank: 620942
assets-we-cdn.oriflame.com
clientapp-cdn.oriflame.com — Cisco Umbrella Rank: 544468
we-api.oriflame.com
graphql-we.oriflame.com
api-static.oriflame.com — Cisco Umbrella Rank: 465193
media-afr-cdn.oriflame.com
media-cdn.oriflame.com — Cisco Umbrella Rank: 723289
2 MB
6 mypurecloud.de
apps.mypurecloud.de — Cisco Umbrella Rank: 55279
api-cdn.mypurecloud.de — Cisco Umbrella Rank: 116139
81 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
442 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
22 KB
3 cloudfront.net
d38knilzwtuys1.cloudfront.net
31 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 36
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
2 KB
1 revieve.com
sst.revieve.com — Cisco Umbrella Rank: 359632
481 B
1 google.ru
www.google.ru — Cisco Umbrella Rank: 11347
64 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
356 B
152 9
Domain Requested by
40 api-static.oriflame.com assets-we-cdn.oriflame.com
24 assets-we-cdn.oriflame.com ma.oriflame.com
assets-we-cdn.oriflame.com
22 clientapp-cdn.oriflame.com ma.oriflame.com
clientapp-cdn.oriflame.com
assets-we-cdn.oriflame.com
13 ma.oriflame.com assets-we-cdn.oriflame.com
10 graphql-we.oriflame.com assets-we-cdn.oriflame.com
6 media-cdn.oriflame.com ma.oriflame.com
6 static.oriflame.com ma.oriflame.com
static.oriflame.com
5 media-afr-cdn.oriflame.com ma.oriflame.com
5 www.googletagmanager.com clientapp-cdn.oriflame.com
www.googletagmanager.com
ma.oriflame.com
4 apps.mypurecloud.de clientapp-cdn.oriflame.com
apps.mypurecloud.de
4 www.google-analytics.com ma.oriflame.com
www.google-analytics.com
www.googletagmanager.com
3 d38knilzwtuys1.cloudfront.net assets-we-cdn.oriflame.com
2 api-cdn.mypurecloud.de assets-we-cdn.oriflame.com
2 we-api.oriflame.com assets-we-cdn.oriflame.com
1 sst.revieve.com www.googletagmanager.com
1 www.google.ru ma.oriflame.com
1 www.google.com ma.oriflame.com
1 stats.g.doubleclick.net assets-we-cdn.oriflame.com
1 googleads.g.doubleclick.net www.googletagmanager.com
152 19

This site contains no links.

Subject Issuer Validity Valid
*.oriflame.com
Trusted Secure Certificate Authority 5		 2023-07-04 -
2024-07-16		 a year crt.sh
sni358c2gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-22 -
2025-02-25		 a year crt.sh
sni2a484gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-20 -
2024-06-19		 a year crt.sh
clientapp-cdn.oriflame.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-30 -
2024-10-30		 a year crt.sh
sni33490gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-13 -
2024-11-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
sni55cbgl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-25 -
2025-02-24		 a year crt.sh
sni135a0gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-12 -
2024-07-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google.com.ru
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
mypurecloud.de
Amazon RSA 2048 M02		 2023-08-20 -
2024-09-16		 a year crt.sh
*.revieve.com
R3		 2024-03-31 -
2024-06-29		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://ma.oriflame.com/
Frame ID: 3505755641B5CE374F2EE67C9F59F902
Requests: 134 HTTP requests in this frame

Frame: https://apps.mypurecloud.de/messenger/messenger.html
Frame ID: 657B95605CAA848DF7EACD2F9AFC5389
Requests: 1 HTTP requests in this frame

Frame: https://apps.mypurecloud.de/messenger/messenger-renderer.html
Frame ID: A75289FB34E347A430A66C7B5C25B18F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Oriflame Cosmetics | Oriflame Cosmetics

Page URL History Show full URLs

  1. http://ma.oriflame.com/ HTTP 307
    https://ma.oriflame.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • apps\.mypurecloud\.\w+
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 10%
Detected patterns
  • basket.*\.js

Page Statistics

152
Requests

99 %
HTTPS

33 %
IPv6

9
Domains

19
Subdomains

19
IPs

4
Countries

2817 kB
Transfer

6974 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ma.oriflame.com/ HTTP 307
    https://ma.oriflame.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

152 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ma.oriflame.com/
Redirect Chain
  • http://ma.oriflame.com/
  • https://ma.oriflame.com/
92 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ma.oriflame.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e1902bbfc99185970c00b726dd7d93ca930e073b80bba42c7f981e74ee63930
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control
s-maxage=1200, stale-while-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 17 Apr 2024 21:28:55 GMT
ETag
"vxgzxufgzb205i"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
request-context
appId=cid-v1:
x-nextjs-cache
HIT

Redirect headers

Location
https://ma.oriflame.com/
Non-Authoritative-Reason
HttpsUpgrades
font-sans-ori.css
static.oriflame.com/fonts/v2/ 		1 KB
386 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.oriflame.com/fonts/v2/font-sans-ori.css
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AC) /
Resource Hash
a2aac6320b1399d98e193000ee859ebcfbb4c29b72939e5770487e385d711101

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
content-md5
o3NyudBIIqumAmcnkaTB4A==
age
326445
x-cache
HIT
content-length
261
x-ms-lease-status
unlocked
last-modified
Wed, 10 Apr 2024 13:38:55 GMT
server
ECAcc (ama/48AC)
etag
0x8DC5963915191BD
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
93e25027-501e-0034-6f16-8e53f4000000
cache-control
max-age=604800
x-ms-version
2009-09-19
expires
Wed, 24 Apr 2024 21:28:55 GMT
sans-regular.woff2
static.oriflame.com/fonts/v2/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.oriflame.com/fonts/v2/fonts/sans-regular.woff2
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CF) /
Resource Hash
376b936162580acef2fb006d53dfb5be47031613e2b373411e6f3bf35baab7bd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:55 GMT
content-md5
7gly7J4j6fNmUCw4ga6ckg==
age
325907
x-cache
HIT
content-length
48876
x-ms-lease-status
unlocked
last-modified
Wed, 10 Apr 2024 13:38:55 GMT
server
ECAcc (ama/48CF)
etag
0x8DC5963914CB062
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
07adfc6d-001e-0006-7717-8e5383000000
cache-control
max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 24 Apr 2024 21:28:55 GMT
font-sans-condensed-ori.css
static.oriflame.com/fonts/v2/ 		1 KB
592 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.oriflame.com/fonts/v2/font-sans-condensed-ori.css
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489D) /
Resource Hash
a150bb5483cb315d11a809402e98626d9e66a7d2aa1be6afe6cacb55895e4aa6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
content-md5
m8TKYxcl8oGnwcXVvsTPWg==
age
326428
x-cache
HIT
content-length
269
x-ms-lease-status
unlocked
last-modified
Wed, 10 Apr 2024 13:38:55 GMT
server
ECAcc (ama/489D)
etag
0x8DC59639154EC8D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
3fd33c6f-901e-0092-4016-8ee4ea000000
cache-control
max-age=604800
x-ms-version
2009-09-19
expires
Wed, 24 Apr 2024 21:28:55 GMT
0bf69f48bfa7bea4.css
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/css/ 		979 B
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/css/0bf69f48bfa7bea4.css
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489B) /
Resource Hash
69c640fc7411481ddfce3e87f9c8d4bfc121c5bbeee048c40e457baa0778e2b7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:55 GMT
server
ECAcc (ama/489B)
age
1767885
etag
W/"3d3-18e848b71f8"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
288
request-context
appId=cid-v1:
webpack-87ef72fb46c4c35b.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-87ef72fb46c4c35b.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F5) /
Resource Hash
9aec408f11dbf01d65968b0b6ac966385783b2022bea87dac54894979219c76a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:55 GMT
server
ECAcc (ama/48F5)
age
1767734
etag
W/"1af5-18e848b71f8"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
3091
request-context
appId=cid-v1:
framework-71f103e42fd5fcc2.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		147 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/framework-71f103e42fd5fcc2.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48FD) /
Resource Hash
44a3c1b04217cc5427e85f1b2cd5840396e4862ecd76c4c999920e00cec8d442
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Wed, 20 Mar 2024 07:51:40 GMT
server
ECAcc (ama/48FD)
age
2140261
etag
W/"24b8f-18e5ad82ae0"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
47795
request-context
appId=cid-v1:
main-9f556ff80afb4a17.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		118 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/main-9f556ff80afb4a17.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E3) /
Resource Hash
8c9de0958940a236b21de58b5d4060f36b0d9f85dba9cf4abfb9068fdd01ca9d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Wed, 20 Mar 2024 07:51:41 GMT
server
ECAcc (ama/48E3)
age
2140261
etag
W/"1d8bb-18e5ad82ec8"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
34665
request-context
appId=cid-v1:
_app-26ae3dd2296770e8.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/ 		295 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AF) /
Resource Hash
81dfdcd201a18edc118a4a57fa07bbdd1da94c525131ac161a9d3c6358694d82
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:56 GMT
server
ECAcc (ama/48AF)
age
1768029
etag
W/"49d30-18e848b75e0"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
97559
request-context
appId=cid-v1:
d49f66ef-58f443a34a63847f.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/d49f66ef-58f443a34a63847f.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488A) /
Resource Hash
1d9a91b98c4d61a2c0d89919072a718fd2cf282df9a3e433b7742d97d27e01b5
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Wed, 20 Mar 2024 07:51:39 GMT
server
ECAcc (ama/488A)
age
2140386
etag
W/"1719-18e5ad826f8"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
1133
request-context
appId=cid-v1:
b146a4c1-4d8c4d09c87a5927.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/b146a4c1-4d8c4d09c87a5927.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D5) /
Resource Hash
c56ef88f573697a7f1942be9714c3a3d0bbed32501f3bd814e3ab6c07f657f5c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:55 GMT
server
ECAcc (ama/48D5)
age
1767988
etag
W/"18da-18e848b71f8"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
1311
request-context
appId=cid-v1:
2416-020340acba5bdbb4.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		159 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/2416-020340acba5bdbb4.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489D) /
Resource Hash
824ba8df70d2602971ac123675a4d02311c1158e69d4597963f979833ee4c77d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:55 GMT
server
ECAcc (ama/489D)
age
1767885
etag
W/"27b1c-18e848b71f8"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
45800
request-context
appId=cid-v1:
853-9fac0a37077b6e7c.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/853-9fac0a37077b6e7c.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DF) /
Resource Hash
88b6fab9476eff09a650dd87d9f8d8571605336e28cc3a244e2179072013ac66
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:54 GMT
server
ECAcc (ama/48DF)
age
1767730
etag
W/"9e32-18e848b6e10"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
12630
request-context
appId=cid-v1:
7708-ecf945753d25a439.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		1 MB
363 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/7708-ecf945753d25a439.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C1) /
Resource Hash
a1fd186daf9c21430d06435ffd2ca8f96e43702b2d6aebd0523a1429c3f77f5a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:56 GMT
server
ECAcc (ama/48C1)
age
1767816
etag
W/"12f322-18e848b75e0"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
371025
request-context
appId=cid-v1:
3009-9631ca6a2dbd380e.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/3009-9631ca6a2dbd380e.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488A) /
Resource Hash
476414fa1315ab3614857a4a4acff8f112667bf97bc8106e83bf5add09345006
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:56 GMT
server
ECAcc (ama/488A)
age
1629539
etag
W/"12ac4-18e848b75e0"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
25817
request-context
appId=cid-v1:
%5Blanguage%5D-bd7ed135b0f971ba.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/internal/%5Btenant%5D/ 		56 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/internal/%5Btenant%5D/%5Blanguage%5D-bd7ed135b0f971ba.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DD) /
Resource Hash
9f1fadf61f30a3aadd8ea1c876ccfcff4ca193d2a5e58ae716b81e457557fb89
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:55 GMT
server
ECAcc (ama/48DD)
age
1767988
etag
W/"e08d-18e848b71f8"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
13856
request-context
appId=cid-v1:
_buildManifest.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/sgpzdN3zuDb04m7mYOATl/ 		1 KB
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/sgpzdN3zuDb04m7mYOATl/_buildManifest.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48A5) /
Resource Hash
02a2f300d1711ef31b742b54e38dc4777ca7bc8b65fc77bdac0b0a2ae32fc5d3
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:55 GMT
server
ECAcc (ama/48A5)
age
1767885
etag
W/"4ea-18e848b71f8"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
538
request-context
appId=cid-v1:
_ssgManifest.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/sgpzdN3zuDb04m7mYOATl/ 		138 B
183 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/sgpzdN3zuDb04m7mYOATl/_ssgManifest.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489E) /
Resource Hash
a63ededc02db05692509d12688ace4b334aeee7d6f0cc6c43adfe2b3fb7fcd4b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:55 GMT
server
ECAcc (ama/489E)
age
1767988
etag
W/"8a-18e848b71f8"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="{}"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
content-length
107
request-context
appId=cid-v1:
index.js
clientapp-cdn.oriflame.com/analytics-provider/ 		630 B
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/analytics-provider/index.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
47e8bf09cd6d76b9e46274c04450f4ebbb0732705ff71bb1347e6256c630b580

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:55 GMT
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
content-length
630
x-ms-lease-status
unlocked
last-modified
Thu, 08 Feb 2024 10:32:45 GMT
etag
0x8DC289149AA9AC2
x-azure-ref
20240417T212855Z-156d66696994glg7b48csdeh6800000002c0000000002wpg
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1c2ab67f-801e-0037-218f-8d3146000000
cache-control
public, max-age=900
x-ms-version
2009-09-19
accept-ranges
bytes
sans-bold.woff2
static.oriflame.com/fonts/v2/fonts/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.oriflame.com/fonts/v2/fonts/sans-bold.woff2
Requested by
Host: static.oriflame.com
URL: https://static.oriflame.com/fonts/v2/font-sans-ori.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DC) /
Resource Hash
4c18728afd784259d9f58cb89e53a1a9de32a13096a6507ea8662337c40a842d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://static.oriflame.com/fonts/v2/font-sans-ori.css
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:55 GMT
content-md5
lqYUnDoO1x2RJ1n+GwJ5mg==
age
325907
x-cache
HIT
content-length
51124
x-ms-lease-status
unlocked
last-modified
Wed, 10 Apr 2024 13:38:55 GMT
server
ECAcc (ama/48DC)
etag
0x8DC5963915561B6
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
c8b97eb3-a01e-006d-6e17-8ed477000000
cache-control
max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 24 Apr 2024 21:28:55 GMT
index.js
clientapp-cdn.oriflame.com/static/analytics-provider/2.2.0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/analytics-provider/2.2.0/index.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/analytics-provider/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8665666021c96cea85a8e428955679cc38706a90ab218a093d1d1f72ff6db777

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
br
last-modified
Thu, 08 Feb 2024 10:31:15 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212855Z-156d66696994glg7b48csdeh6800000002c0000000002wpk
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
de8127e8-701e-0051-2e81-8d7e66000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
atpClusters
we-api.oriflame.com/live/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://we-api.oriflame.com/live/atpClusters?customerId=-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.103.99.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-tenant-context
Access-Control-Request-Method
GET
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,x-tenant-context
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://ma.oriflame.com
Access-Control-Max-Age
600
Connection
keep-alive
Content-Length
0
Date
Wed, 17 Apr 2024 21:28:55 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Origin
graphql
graphql-we.oriflame.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graphql-we.oriflame.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-client-application,x-tenant-context
Access-Control-Request-Method
POST
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-client-application,x-tenant-context
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Wed, 17 Apr 2024 21:28:55 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Access-Control-Request-Headers
request-context
appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9
9681.7392ac0f455a114a.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/9681.7392ac0f455a114a.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-87ef72fb46c4c35b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CC) /
Resource Hash
ede56e45a1aaf07e7e0d0ddfffea0e7f88e1543f156fe49d235cb6435b5b3234
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:54 GMT
server
ECAcc (ama/48CC)
age
1766846
etag
W/"578d-18e848b6e10"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
8345
request-context
appId=cid-v1:
5871.2a440fbbc600b187.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/5871.2a440fbbc600b187.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-87ef72fb46c4c35b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48FB) /
Resource Hash
ccdc303bca1ab049dcf7770ef10119acb549dd918751ec33ea5e8641bd5e2244
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:54 GMT
server
ECAcc (ama/48FB)
age
1766846
etag
W/"5038-18e848b6e10"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
6746
request-context
appId=cid-v1:
ori_whats-new-component.bc941e03fc6aba93.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ori_whats-new-component.bc941e03fc6aba93.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-87ef72fb46c4c35b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F7) /
Resource Hash
3e55e9264cb946bfc827cebf1d1f7085c8268b38ef51d18f84d1c4a10be87b51
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:54 GMT
server
ECAcc (ama/48F7)
age
1766846
etag
W/"b488-18e848b6e10"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
12552
request-context
appId=cid-v1:
3904.348eba2189d82b1c.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/3904.348eba2189d82b1c.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-87ef72fb46c4c35b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48A0) /
Resource Hash
06d46fbb7a9ec8a6db527c54acc5151fc40328ff3efdb2eb2e8ab2eb41b46ba2
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:54 GMT
server
ECAcc (ama/48A0)
age
1766846
etag
W/"89a4-18e848b6e10"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
10751
request-context
appId=cid-v1:
8806.9281d6b5717a9c63.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/8806.9281d6b5717a9c63.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-87ef72fb46c4c35b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B6) /
Resource Hash
35210f60f9b183a4b50509cfac68b13208e670453f85c22a9e344f226facb67b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:55 GMT
server
ECAcc (ama/48B6)
age
1766846
etag
W/"2020-18e848b71f8"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
3287
request-context
appId=cid-v1:
3615.9a87ccad2d835443.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/3615.9a87ccad2d835443.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-87ef72fb46c4c35b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C6) /
Resource Hash
a806795d78fa709d99d9fe068429b06ac47b6411f7693b721adf17521f8a6de2
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:54 GMT
server
ECAcc (ama/48C6)
age
1766846
etag
W/"1e16-18e848b6e10"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
3213
request-context
appId=cid-v1:
1074.6bf8bec0fbef7f26.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/1074.6bf8bec0fbef7f26.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-87ef72fb46c4c35b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4895) /
Resource Hash
5388cfb833c6626e5185d691c8fa701a94ec5e8259a23d351a2a3f039258a711
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:54 GMT
server
ECAcc (ama/4895)
age
1766843
etag
W/"dc14-18e848b6e10"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
19580
request-context
appId=cid-v1:
3760.9041525a00076343.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/3760.9041525a00076343.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-87ef72fb46c4c35b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488E) /
Resource Hash
38e8c9dd606feaa5db66532f640c6386c860a649c85ff51ce38f9284333d1fef
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:54 GMT
server
ECAcc (ama/488E)
age
1766843
etag
W/"f38-18e848b6e10"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
1630
request-context
appId=cid-v1:
6268.29824f8e637e067a.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/6268.29824f8e637e067a.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-87ef72fb46c4c35b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D0) /
Resource Hash
701a2a768e0b69237e169bd9cc615aee20452482d029fd22b7aa2ac79a28ce51
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:54 GMT
server
ECAcc (ama/48D0)
age
1766843
etag
W/"7c56-18e848b6e10"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
9789
request-context
appId=cid-v1:
catalogues
api-static.oriflame.com/tenants/ma/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/catalogues
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/2416-020340acba5bdbb4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E4) /
Resource Hash
bbaad56399d1645d5d61578f506e550d2d6a6ffc83e0c790acd19cb5263469ed
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48E4)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Date,Strict-Transport-Security,Vary,Content-Encoding,Content-Length,Connection
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
1457
expires
Wed, 17 Apr 2024 21:29:00 GMT
atpClusters
we-api.oriflame.com/live/ 		97 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://we-api.oriflame.com/live/atpClusters?customerId=-1
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/2416-020340acba5bdbb4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.103.99.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
684b076cb88fa022fe37879ad46be4bbc71864f9c054156ffa6bcd972520fd94
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
Authorization
Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMzM4NjQ2MSwiaWF0IjoxNzEzMzg2NDYxLCJleHAiOjE3MTMzOTAwNjEsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiQXBwU2hlbGxGcm9udGVuZCIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6IlVuVHJ1c3RlZCIsImp0aSI6IjM0MzQ1QjAzOTY3MTAyMzcwN0UxQzJGNDAwMDdBRTI1In0.TPj0W8nUZpxr28w8O3jhzFU2t1-LCqEQwQsf7ehzn8Uq0GxyOjMMnxm_-u53JuioFUp5iFGCz--LSmnQ6eHVP9nyrfnO_sE1CSPNr-K2-xEcm2RaZJKSk_tKUMtN1FTBWF89tu95BAJLNkbVs5weupzcofEr-C1UcN9gURAQNrh4BEeyvr_BKgEpd7kqYWWfeHqSe-mXLQRUlyGOEfpKHmAk68vSCNaT79_EB_SuLBEl_AVAD00sMYhqjjW3xCxv--EHKB1Dy8NfIpBTyTnnn5T3ePzK76MdcRKrqkUQQiue4vmWe4FnMdRxO84pDD92ltlwknwsS6Y_bIKoa9RnXQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 17 Apr 2024 21:28:55 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Accept-Encoding,Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ma.oriflame.com
Access-Control-Expose-Headers
Date,Content-Length,Strict-Transport-Security,Vary
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
97
Expires
-1
graphql
graphql-we.oriflame.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://graphql-we.oriflame.com/graphql
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/2416-020340acba5bdbb4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63d4da719124efb9e1dae853f86f568927a39f36498e422752faae592440dbdb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept-language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
authorization
Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMzM4NjQ2MSwiaWF0IjoxNzEzMzg2NDYxLCJleHAiOjE3MTMzOTAwNjEsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiQXBwU2hlbGxGcm9udGVuZCIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6IlVuVHJ1c3RlZCIsImp0aSI6IjM0MzQ1QjAzOTY3MTAyMzcwN0UxQzJGNDAwMDdBRTI1In0.TPj0W8nUZpxr28w8O3jhzFU2t1-LCqEQwQsf7ehzn8Uq0GxyOjMMnxm_-u53JuioFUp5iFGCz--LSmnQ6eHVP9nyrfnO_sE1CSPNr-K2-xEcm2RaZJKSk_tKUMtN1FTBWF89tu95BAJLNkbVs5weupzcofEr-C1UcN9gURAQNrh4BEeyvr_BKgEpd7kqYWWfeHqSe-mXLQRUlyGOEfpKHmAk68vSCNaT79_EB_SuLBEl_AVAD00sMYhqjjW3xCxv--EHKB1Dy8NfIpBTyTnnn5T3ePzK76MdcRKrqkUQQiue4vmWe4FnMdRxO84pDD92ltlwknwsS6Y_bIKoa9RnXQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
x-client-application
@ori/frontpage
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=16070400; includeSubDomains
ETag
W/"788-NaGvJzl17OKbUkuh7ZsjcO3XfAc"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
request-context
appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9
SuggestionsAndResults
ma.oriflame.com/system/ajax/Search/ 		159 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma.oriflame.com/system/ajax/Search/SuggestionsAndResults?q=
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/2416-020340acba5bdbb4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1034ff61c6c1740148f03486e5a7e0137fce00e70b4b3fe261bf50a78acc7512
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
accept-language
fr-MA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 17 Apr 2024 21:28:54 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy-Report-Only
frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=3d6ec07eef80cdab
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
159
Expires
-1
SuggestionsAndResults
ma.oriflame.com/system/ajax/Search/ 		159 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma.oriflame.com/system/ajax/Search/SuggestionsAndResults?q=
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/2416-020340acba5bdbb4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1034ff61c6c1740148f03486e5a7e0137fce00e70b4b3fe261bf50a78acc7512
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
accept-language
fr-MA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 17 Apr 2024 21:28:55 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy-Report-Only
frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=63013e6650f0a7e5
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
159
Expires
-1
AboutTiles
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/AboutTiles?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/2416-020340acba5bdbb4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E9) /
Resource Hash
5f469e028a947468e8e914d041f3a5137b98a1dec4e3bca934a43ea4c27b924a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48E9)
vary
Accept-Language,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
905
expires
Wed, 17 Apr 2024 21:29:00 GMT
InspirationTiles
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		2 KB
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/InspirationTiles?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/2416-020340acba5bdbb4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489A) /
Resource Hash
598f6a6df3d2cfa5858528c9726108f7c3b855e888f7434797cb183992214849
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/489A)
vary
Accept-Language,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
841
expires
Wed, 17 Apr 2024 21:29:00 GMT
JoinTiles
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		34 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/JoinTiles?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/2416-020340acba5bdbb4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CC) /
Resource Hash
c4dac3ea46487fe9062b388b4211a0d2bc7ef393fac47f5b8500b68c27da906a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48CC)
vary
Accept-Language,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Vary,Date,Content-Length,Strict-Transport-Security
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
34
expires
Wed, 17 Apr 2024 21:29:00 GMT
ShopSection
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		64 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ShopSection?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/2416-020340acba5bdbb4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4903) /
Resource Hash
f5a18a1f176ca9920c41fb8e84017aecb71fe2ca48e8974f7a009f46e80dc6e0
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
age
412
x-cache
HIT
content-length
9176
last-modified
Wed, 17 Apr 2024 21:22:03 GMT
server
ECAcc (ama/4903)
access-control-max-age
600
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
expires
Wed, 17 Apr 2024 21:29:00 GMT
TopNavigation
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		917 B
1015 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/TopNavigation?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/2416-020340acba5bdbb4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D6) /
Resource Hash
1282b9e861880ebbaf602cd9e62f94e1e8ffb268c7cc79acc355daf93ddaabb3
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 17 Apr 2024 21:29:00 GMT
date
Wed, 17 Apr 2024 21:28:55 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48D6)
vary
Accept-Language,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Vary,Date,Content-Length,Strict-Transport-Security
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
917
request-context
appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f
VipAccessJson
ma.oriflame.com/system/ajax/stickybar/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma.oriflame.com/system/ajax/stickybar/VipAccessJson
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/2416-020340acba5bdbb4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 17 Apr 2024 21:28:54 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy-Report-Only
frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=4b6dbfcbb3edab73
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
2
Expires
-1
index.js
clientapp-cdn.oriflame.com/basket-provider/ 		622 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/basket-provider/index.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/main-9f556ff80afb4a17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
303e1954f32dec5fbf23b5a2827c64fdc6422b7afd54a8691d95ee953c9f5f1a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:55 GMT
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
content-length
622
x-ms-lease-status
unlocked
last-modified
Wed, 10 Apr 2024 07:31:29 GMT
etag
0x8DC59303D272C65
x-azure-ref
20240417T212855Z-156d66696994glg7b48csdeh6800000002c0000000002wpp
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1c2b7318-801e-0037-7090-8d3146000000
cache-control
public, max-age=900
x-ms-version
2009-09-19
accept-ranges
bytes
index.js
clientapp-cdn.oriflame.com/outdated-browser-info/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/outdated-browser-info/index.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/main-9f556ff80afb4a17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
589615fe4fb715b83513a7854eab31bd2c05cccfc8988ba72dc336ad2233ef9c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
br
last-modified
Thu, 14 Oct 2021 08:15:30 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212855Z-156d66696994glg7b48csdeh6800000002c0000000002wpq
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
87b88acc-f01e-0002-020e-915d52000000
cache-control
private, no-cache, no-store
x-cache
PRIVATE_NOSTORE
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
index.js
clientapp-cdn.oriflame.com/subscription-wizard/ 		830 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/subscription-wizard/index.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/main-9f556ff80afb4a17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f262c93918e12be57fab092bd9f097e3771bfd97781847555b75f65a6654edc2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:55 GMT
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
content-length
830
x-ms-lease-status
unlocked
last-modified
Wed, 13 Mar 2024 10:04:09 GMT
etag
0x8DC4344ED171FD9
x-azure-ref
20240417T212855Z-156d66696994glg7b48csdeh6800000002c0000000002wpr
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ed506a7f-801e-007a-5ba5-8dfeaa000000
cache-control
public, max-age=900
x-ms-version
2009-09-19
accept-ranges
bytes
index.js
clientapp-cdn.oriflame.com/web-messenger/ 		799 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/web-messenger/index.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/main-9f556ff80afb4a17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
56cf28c459f6d029e8262cd8cf87e6dedf330afff3742e729953576c94aab494

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:55 GMT
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
content-length
799
x-ms-lease-status
unlocked
last-modified
Tue, 19 Dec 2023 19:31:11 GMT
etag
0x8DC00C90EF7964A
x-azure-ref
20240417T212855Z-1564cf756ffv2t2lg1tpmf1gcs00000002gg00000000a3yh
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dfe0b6ff-c01e-0036-0a90-8d6e9a000000
cache-control
public, max-age=900
x-ms-version
2009-09-19
accept-ranges
bytes
GetSpaTokenAsync
ma.oriflame.com/system/ajax/ApiGateway/ 		1004 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ma.oriflame.com/system/ajax/ApiGateway/GetSpaTokenAsync
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0c3339066769c1ab8cff3e6419b1cf66d967385e9067b93ae05f7cc442adfdba
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-066763ed03e048208bd6751c1bdfefba-441c3479dc214754-01
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://ma.oriflame.com/
request-id
|066763ed03e048208bd6751c1bdfefba.441c3479dc214754
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:55 GMT
Cache-Control
private
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Length
1004
Content-Security-Policy-Report-Only
frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=e8f6774dc3da35e9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Translate
ma.oriflame.com/system/ajax/Localization/ 		454 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma.oriflame.com/system/ajax/Localization/Translate?keys=AreYouSureToLeaveConversation&keys=ChatBot&keys=ChatIsActive&keys=ChatIsNotAvailableDueToOpeningHours&keys=ChatWithUs&keys=Customer&keys=EmailChatHistory&keys=No&keys=PrintChatHistory&keys=Send&keys=Yes&sc_lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6310e2f41024e907b2a0f4020f8da68bf1f89969601a5cfef76bdecac61b1453
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
pragma
no-cache
expires
0
traceparent
00-066763ed03e048208bd6751c1bdfefba-c1ff18a55fe040bd-01
accept-language
fr-MA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
cache-control
no-cache
Referer
https://ma.oriflame.com/
Request-Id
|066763ed03e048208bd6751c1bdfefba.c1ff18a55fe040bd
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=16070400; includeSubDomains
Age
517
Content-Security-Policy-Report-Only
frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=353cdc452741117d
X-Cache
HIT
Content-Length
300
Last-Modified
Wed, 17 Apr 2024 21:20:18 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
*
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Vary
Accept-Encoding
Expires
Wed, 17 Apr 2024 21:29:00 GMT
index.json
ma.oriflame.com/_next/data/sgpzdN3zuDb04m7mYOATl/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ma.oriflame.com/_next/data/sgpzdN3zuDb04m7mYOATl/index.json?tenant=ma&language=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-nextjs-data
1
traceparent
00-066763ed03e048208bd6751c1bdfefba-91642470ea284f24-01
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://ma.oriflame.com/
request-id
|066763ed03e048208bd6751c1bdfefba.91642470ea284f24
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:55 GMT
x-nextjs-matched-path
/internal/[tenant]/[language]
Strict-Transport-Security
max-age=16070400; includeSubDomains
ETag
"10ya8g9tzkdsjh"
Vary
Accept-Encoding
Content-Type
application/json
x-nextjs-cache
HIT
Cache-Control
s-maxage=1200, stale-while-revalidate
Connection
keep-alive
x-nextjs-rewrite
/internal/ma/fr-MA/?tenant=ma&language=fr-MA
Content-Length
37621
request-context
appId=cid-v1:
graphql
graphql-we.oriflame.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graphql-we.oriflame.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-client-application,x-tenant-context
Access-Control-Request-Method
POST
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-client-application,x-tenant-context
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Wed, 17 Apr 2024 21:28:55 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Access-Control-Request-Headers
request-context
appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9
graphql
graphql-we.oriflame.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://graphql-we.oriflame.com/graphql
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63d4da719124efb9e1dae853f86f568927a39f36498e422752faae592440dbdb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept-language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
authorization
Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMzM4NjQ2MSwiaWF0IjoxNzEzMzg2NDYxLCJleHAiOjE3MTMzOTAwNjEsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiQXBwU2hlbGxGcm9udGVuZCIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6IlVuVHJ1c3RlZCIsImp0aSI6IjM0MzQ1QjAzOTY3MTAyMzcwN0UxQzJGNDAwMDdBRTI1In0.TPj0W8nUZpxr28w8O3jhzFU2t1-LCqEQwQsf7ehzn8Uq0GxyOjMMnxm_-u53JuioFUp5iFGCz--LSmnQ6eHVP9nyrfnO_sE1CSPNr-K2-xEcm2RaZJKSk_tKUMtN1FTBWF89tu95BAJLNkbVs5weupzcofEr-C1UcN9gURAQNrh4BEeyvr_BKgEpd7kqYWWfeHqSe-mXLQRUlyGOEfpKHmAk68vSCNaT79_EB_SuLBEl_AVAD00sMYhqjjW3xCxv--EHKB1Dy8NfIpBTyTnnn5T3ePzK76MdcRKrqkUQQiue4vmWe4FnMdRxO84pDD92ltlwknwsS6Y_bIKoa9RnXQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
x-client-application
@ori/frontpage
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=16070400; includeSubDomains
ETag
W/"788-NaGvJzl17OKbUkuh7ZsjcO3XfAc"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
request-context
appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9
SuggestionsAndResults
ma.oriflame.com/system/ajax/Search/ 		159 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma.oriflame.com/system/ajax/Search/SuggestionsAndResults?q=
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1034ff61c6c1740148f03486e5a7e0137fce00e70b4b3fe261bf50a78acc7512
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-066763ed03e048208bd6751c1bdfefba-e8c16d06142242c9-01
accept-language
fr-MA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Request-Id
|066763ed03e048208bd6751c1bdfefba.e8c16d06142242c9
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:55 GMT
Cache-Control
private
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Length
159
Content-Security-Policy-Report-Only
frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=3da57ed669865ac8
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
SuggestionsAndResults
ma.oriflame.com/system/ajax/Search/ 		159 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma.oriflame.com/system/ajax/Search/SuggestionsAndResults?q=
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1034ff61c6c1740148f03486e5a7e0137fce00e70b4b3fe261bf50a78acc7512
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-066763ed03e048208bd6751c1bdfefba-dcb4650837de4833-01
accept-language
fr-MA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Request-Id
|066763ed03e048208bd6751c1bdfefba.dcb4650837de4833
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:55 GMT
Cache-Control
private
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Length
159
Content-Security-Policy-Report-Only
frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=40b201e24ff470a8
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
AboutTiles
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		2 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/AboutTiles?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E9) /
Resource Hash
5f469e028a947468e8e914d041f3a5137b98a1dec4e3bca934a43ea4c27b924a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
server
ECAcc (ama/48E9)
vary
Accept-Language,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
905
expires
Wed, 17 Apr 2024 21:29:00 GMT
InspirationTiles
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		2 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/InspirationTiles?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489A) /
Resource Hash
598f6a6df3d2cfa5858528c9726108f7c3b855e888f7434797cb183992214849

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
server
ECAcc (ama/489A)
vary
Accept-Language,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
841
expires
Wed, 17 Apr 2024 21:29:00 GMT
JoinTiles
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		34 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/JoinTiles?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CC) /
Resource Hash
c4dac3ea46487fe9062b388b4211a0d2bc7ef393fac47f5b8500b68c27da906a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
server
ECAcc (ama/48CC)
vary
Accept-Language,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Vary,Date,Content-Length,Strict-Transport-Security
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
34
expires
Wed, 17 Apr 2024 21:29:00 GMT
ShopSection
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		64 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ShopSection?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4903) /
Resource Hash
f5a18a1f176ca9920c41fb8e84017aecb71fe2ca48e8974f7a009f46e80dc6e0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
age
412
x-cache
HIT
content-length
9176
last-modified
Wed, 17 Apr 2024 21:22:03 GMT
server
ECAcc (ama/4903)
access-control-max-age
600
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
expires
Wed, 17 Apr 2024 21:29:00 GMT
TopNavigation
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		917 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/TopNavigation?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D6) /
Resource Hash
1282b9e861880ebbaf602cd9e62f94e1e8ffb268c7cc79acc355daf93ddaabb3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 17 Apr 2024 21:29:00 GMT
date
Wed, 17 Apr 2024 21:28:55 GMT
server
ECAcc (ama/48D6)
vary
Accept-Language,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Vary,Date,Content-Length,Strict-Transport-Security
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
917
request-context
appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f
VipAccessJson
ma.oriflame.com/system/ajax/stickybar/ 		2 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma.oriflame.com/system/ajax/stickybar/VipAccessJson
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-066763ed03e048208bd6751c1bdfefba-fa6d4c514307482e-01
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Request-Id
|066763ed03e048208bd6751c1bdfefba.fa6d4c514307482e
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 17 Apr 2024 21:28:55 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy-Report-Only
frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=303d02d0abf32974
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
2
Expires
-1
gtm.js
www.googletagmanager.com/ 		382 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MK5GQN
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/analytics-provider/2.2.0/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
717806500918cf18bc5f98b9b62cab7e3d684917f06ede27c752fb14a2b7c3be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113730
x-xss-protection
0
last-modified
Wed, 17 Apr 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Apr 2024 21:28:56 GMT
basket-bubble
api-static.oriflame.com/tenants/ma/localizations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/basket-bubble?lang=fr-MA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B2) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-tenant-context
Access-Control-Request-Method
GET
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-tenant-context
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=5
content-length
0
date
Wed, 17 Apr 2024 21:28:55 GMT
expires
Wed, 17 Apr 2024 21:29:00 GMT
request-context
appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f
server
ECAcc (ama/48B2)
strict-transport-security
max-age=16070400; includeSubDomains
basket-bubble
api-static.oriflame.com/tenants/ma/localizations/ 		45 B
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/basket-bubble?lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B2) /
Resource Hash
404ceb31fffdd082e9b052909987492f7ab2cc16071d5d3b74988eedaf983866
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48B2)
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=3600
content-length
45
expires
Wed, 17 Apr 2024 21:29:01 GMT
olapic
api-static.oriflame.com/tenants/ma/localizations/ 		191 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/olapic?lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F3) /
Resource Hash
315f92161780c8dee1cba4137db09bde9b2d3cdfa62e66bd3f35492cdb0661c7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

request-context
appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f
date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48F3)
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=3600
content-length
191
expires
Wed, 17 Apr 2024 21:29:00 GMT
olapic
api-static.oriflame.com/tenants/ma/localizations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/olapic?lang=fr-MA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F3) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-tenant-context
Access-Control-Request-Method
GET
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-tenant-context
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=5
content-length
0
date
Wed, 17 Apr 2024 21:28:55 GMT
expires
Wed, 17 Apr 2024 21:29:00 GMT
server
ECAcc (ama/48F3)
strict-transport-security
max-age=16070400; includeSubDomains
product-info-dialog
api-static.oriflame.com/tenants/ma/localizations/ 		306 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/product-info-dialog?lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48A7) /
Resource Hash
002aa09e939390bb36f155e05c6d0a4888578573159fe6bbab1ea1dbd49a9c0a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48A7)
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=3600
content-length
306
expires
Wed, 17 Apr 2024 21:29:00 GMT
index.js
clientapp-cdn.oriflame.com/static/basket-provider/v1.0.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/basket-provider/v1.0.1/index.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/basket-provider/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f28a9b383157335bf74d3e03893b573d60a67a2e49766e9215d6c3c4cd96dbb7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
br
last-modified
Wed, 10 Apr 2024 07:30:56 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212855Z-156d66696994glg7b48csdeh6800000002c0000000002wpv
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d317017d-e01e-0021-0581-8dc791000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
index.js
clientapp-cdn.oriflame.com/outdated-browser-info/1.2.1/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/outdated-browser-info/1.2.1/index.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/outdated-browser-info/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ca43a84357402328702af8b8e5f290dafeeeac4e18cbb5e2a6762e6e4d9ce21f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
br
last-modified
Thu, 14 Oct 2021 08:15:30 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212855Z-156d66696994glg7b48csdeh6800000002c0000000002wpw
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
05398f90-101e-0035-6f97-8d8ffe000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
product-info-dialog
api-static.oriflame.com/tenants/ma/localizations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/product-info-dialog?lang=fr-MA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48A7) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-tenant-context
Access-Control-Request-Method
GET
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-tenant-context
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=5
content-length
0
date
Wed, 17 Apr 2024 21:28:55 GMT
expires
Wed, 17 Apr 2024 21:29:00 GMT
server
ECAcc (ama/48A7)
strict-transport-security
max-age=16070400; includeSubDomains
index.js
clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/index.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/subscription-wizard/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
17642e2219e0fdf3143e1bff790c32bc067586ea4f13e0f511e1696d0dd71214

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
br
last-modified
Wed, 13 Mar 2024 10:03:39 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212855Z-156d66696994glg7b48csdeh6800000002c0000000002wpx
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0b4f7d12-b01e-0003-508b-8d028e000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
novage-skincare-advisor
api-static.oriflame.com/tenants/ma/localizations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/novage-skincare-advisor?lang=fr-MA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F2) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-tenant-context
Access-Control-Request-Method
GET
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-tenant-context
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=5
content-length
0
date
Wed, 17 Apr 2024 21:28:55 GMT
expires
Wed, 17 Apr 2024 21:29:00 GMT
server
ECAcc (ama/48F2)
strict-transport-security
max-age=16070400; includeSubDomains
novage-skincare-advisor
api-static.oriflame.com/tenants/ma/localizations/ 		23 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/novage-skincare-advisor?lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F2) /
Resource Hash
397fdb58d6d74b365a3f7b8b2818b83cd3ed98c73dfad0159d5077050cdf95ce
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48F2)
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=3600
content-length
23
expires
Wed, 17 Apr 2024 21:29:01 GMT
mini-shopping-bag
api-static.oriflame.com/tenants/ma/localizations/ 		372 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/mini-shopping-bag?lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BE) /
Resource Hash
d0487df2d251dc66677fad178f71859a9eaadef0999b576e7aca842b829a4275
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48BE)
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=3600
content-length
372
expires
Wed, 17 Apr 2024 21:29:01 GMT
mini-shopping-bag
api-static.oriflame.com/tenants/ma/localizations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/mini-shopping-bag?lang=fr-MA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BE) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-tenant-context
Access-Control-Request-Method
GET
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-tenant-context
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=5
content-length
0
date
Wed, 17 Apr 2024 21:28:56 GMT
expires
Wed, 17 Apr 2024 21:29:01 GMT
server
ECAcc (ama/48BE)
strict-transport-security
max-age=16070400; includeSubDomains
graphql
graphql-we.oriflame.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graphql-we.oriflame.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-client-application,x-tenant-context,x-use-product-data-caching,x-use-products-service
Access-Control-Request-Method
POST
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-client-application,x-tenant-context,x-use-product-data-caching,x-use-products-service
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Wed, 17 Apr 2024 21:28:56 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Access-Control-Request-Headers
request-context
appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9
graphql
graphql-we.oriflame.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graphql-we.oriflame.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-client-application,x-tenant-context,x-use-product-data-caching,x-use-products-service
Access-Control-Request-Method
POST
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-client-application,x-tenant-context,x-use-product-data-caching,x-use-products-service
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Wed, 17 Apr 2024 21:28:56 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Access-Control-Request-Headers
request-context
appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9
graphql
graphql-we.oriflame.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://graphql-we.oriflame.com/graphql
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44631280c5efa920ae3ce373e543d989d9c5baa75b4b2bebf65916bd5b5c9829
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-use-product-data-caching
true
accept-language
fr-MA
x-tenant-context
ma
x-use-products-service
true
authorization
Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMzM4NjQ2MSwiaWF0IjoxNzEzMzg2NDYxLCJleHAiOjE3MTMzOTAwNjEsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiQXBwU2hlbGxGcm9udGVuZCIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6IlVuVHJ1c3RlZCIsImp0aSI6IjM0MzQ1QjAzOTY3MTAyMzcwN0UxQzJGNDAwMDdBRTI1In0.TPj0W8nUZpxr28w8O3jhzFU2t1-LCqEQwQsf7ehzn8Uq0GxyOjMMnxm_-u53JuioFUp5iFGCz--LSmnQ6eHVP9nyrfnO_sE1CSPNr-K2-xEcm2RaZJKSk_tKUMtN1FTBWF89tu95BAJLNkbVs5weupzcofEr-C1UcN9gURAQNrh4BEeyvr_BKgEpd7kqYWWfeHqSe-mXLQRUlyGOEfpKHmAk68vSCNaT79_EB_SuLBEl_AVAD00sMYhqjjW3xCxv--EHKB1Dy8NfIpBTyTnnn5T3ePzK76MdcRKrqkUQQiue4vmWe4FnMdRxO84pDD92ltlwknwsS6Y_bIKoa9RnXQ
sec-ch-ua-mobile
?0
x-client-application
@ori/frontpage
Content-Type
application/json
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=16070400; includeSubDomains
ETag
W/"f34-95VBw00XZFBeGoH7h4yfIs0YTw0"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
request-context
appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9
graphql
graphql-we.oriflame.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://graphql-we.oriflame.com/graphql
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d7608686174ae08ee6f13822c8354394bdf5dc4cd4e26e05bafcd086f17894a6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-use-product-data-caching
true
accept-language
fr-MA
x-tenant-context
ma
x-use-products-service
true
authorization
Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMzM4NjQ2MSwiaWF0IjoxNzEzMzg2NDYxLCJleHAiOjE3MTMzOTAwNjEsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiQXBwU2hlbGxGcm9udGVuZCIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6IlVuVHJ1c3RlZCIsImp0aSI6IjM0MzQ1QjAzOTY3MTAyMzcwN0UxQzJGNDAwMDdBRTI1In0.TPj0W8nUZpxr28w8O3jhzFU2t1-LCqEQwQsf7ehzn8Uq0GxyOjMMnxm_-u53JuioFUp5iFGCz--LSmnQ6eHVP9nyrfnO_sE1CSPNr-K2-xEcm2RaZJKSk_tKUMtN1FTBWF89tu95BAJLNkbVs5weupzcofEr-C1UcN9gURAQNrh4BEeyvr_BKgEpd7kqYWWfeHqSe-mXLQRUlyGOEfpKHmAk68vSCNaT79_EB_SuLBEl_AVAD00sMYhqjjW3xCxv--EHKB1Dy8NfIpBTyTnnn5T3ePzK76MdcRKrqkUQQiue4vmWe4FnMdRxO84pDD92ltlwknwsS6Y_bIKoa9RnXQ
sec-ch-ua-mobile
?0
x-client-application
@ori/frontpage
Content-Type
application/json
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=16070400; includeSubDomains
ETag
W/"119d-D4+no4+DjinEFJkigvVvAvdUz9E"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
request-context
appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9
index.js
clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/index.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/web-messenger/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
86b0885b77280ea96e164e8edb7bdb293771fb6f4eeec5de073edd6a1a976550

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
br
last-modified
Tue, 19 Dec 2023 19:30:35 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212856Z-156d66696994glg7b48csdeh6800000002c0000000002wpz
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
253d5196-a01e-000f-168b-8d9586000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
AboutTiles
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		2 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/AboutTiles?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E9) /
Resource Hash
5f469e028a947468e8e914d041f3a5137b98a1dec4e3bca934a43ea4c27b924a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
server
ECAcc (ama/48E9)
vary
Accept-Language,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
905
expires
Wed, 17 Apr 2024 21:29:00 GMT
InspirationTiles
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		2 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/InspirationTiles?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489A) /
Resource Hash
598f6a6df3d2cfa5858528c9726108f7c3b855e888f7434797cb183992214849

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
server
ECAcc (ama/489A)
vary
Accept-Language,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
841
expires
Wed, 17 Apr 2024 21:29:00 GMT
JoinTiles
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		34 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/JoinTiles?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CC) /
Resource Hash
c4dac3ea46487fe9062b388b4211a0d2bc7ef393fac47f5b8500b68c27da906a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
server
ECAcc (ama/48CC)
vary
Accept-Language,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Vary,Date,Content-Length,Strict-Transport-Security
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
34
expires
Wed, 17 Apr 2024 21:29:00 GMT
ShopSection
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		64 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ShopSection?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4903) /
Resource Hash
f5a18a1f176ca9920c41fb8e84017aecb71fe2ca48e8974f7a009f46e80dc6e0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:55 GMT
content-encoding
gzip
age
412
x-cache
HIT
content-length
9176
last-modified
Wed, 17 Apr 2024 21:22:03 GMT
server
ECAcc (ama/4903)
access-control-max-age
600
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
expires
Wed, 17 Apr 2024 21:29:00 GMT
TopNavigation
api-static.oriflame.com/tenants/ma/applications/navigation/navigations/ 		917 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/navigation/navigations/TopNavigation?excludeChildren=false&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D6) /
Resource Hash
1282b9e861880ebbaf602cd9e62f94e1e8ffb268c7cc79acc355daf93ddaabb3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 17 Apr 2024 21:29:00 GMT
date
Wed, 17 Apr 2024 21:28:55 GMT
server
ECAcc (ama/48D6)
vary
Accept-Language,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Vary,Date,Content-Length,Strict-Transport-Security
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
917
request-context
appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f
configuration
api-static.oriflame.com/tenants/ma/bazaarvoice/ 		553 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/bazaarvoice/configuration
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4897) /
Resource Hash
d4797bb7c7f11c7daef73fdcda63295f8d0837d18fbda7f452a0814f5d2b8c17
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Wed, 17 Apr 2024 20:38:25 GMT
server
ECAcc (ama/4897)
age
3031
vary
Accept-Encoding
x-cache
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Date,Content-Length,Strict-Transport-Security,Vary
cache-control
public, max-age=3240, stale-while-revalidate=360, stale-if-error=360
content-length
314
expires
Wed, 17 Apr 2024 21:29:01 GMT
configuration
api-static.oriflame.com/tenants/ma/bazaarvoice/ 		553 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/bazaarvoice/configuration
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4897) /
Resource Hash
d4797bb7c7f11c7daef73fdcda63295f8d0837d18fbda7f452a0814f5d2b8c17

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
gzip
last-modified
Wed, 17 Apr 2024 20:38:25 GMT
server
ECAcc (ama/4897)
age
3031
vary
Accept-Encoding
x-cache
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Date,Content-Length,Strict-Transport-Security,Vary
cache-control
public, max-age=3240, stale-while-revalidate=360, stale-if-error=360
content-length
314
expires
Wed, 17 Apr 2024 21:29:01 GMT
contentImage
media-afr-cdn.oriflame.com/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-afr-cdn.oriflame.com/contentImage?externalMediaId=d4082fa6-43ab-402b-a12f-c0635a6f16b6&name=18866015_3&inputFormat=jpg&w=1920&bc=%23f5f5f5&ib=%23f5f5f5&q=90
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4893) /
Resource Hash
99b8a1f7be671f546b0b78cf5353633f09f2a4ce742d1eaceb70c08d25d5c97a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Mon, 15 Apr 2024 07:07:28 GMT
server
ECAcc (ama/4893)
age
224488
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=604800
accept-ranges
bytes
content-length
165817
request-context
appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0
contentImage
media-afr-cdn.oriflame.com/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-afr-cdn.oriflame.com/contentImage?externalMediaId=dd5a3c72-658a-4762-8a8f-07555c1b4f5d&name=18866020_2&inputFormat=jpg&w=1920&bc=%23f5f5f5&ib=%23f5f5f5&q=90
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4893) /
Resource Hash
80230f7d2b7b85cd7b85e9333acf54d7ddadb1b433f654347e825334aff18f71
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Wed, 17 Apr 2024 09:07:03 GMT
server
ECAcc (ama/4893)
age
44513
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=604800
accept-ranges
bytes
content-length
144401
request-context
appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0
contentImage
media-afr-cdn.oriflame.com/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-afr-cdn.oriflame.com/contentImage?externalMediaId=70822d3a-3fcf-4722-86fd-eff4a27d2472&name=18866025_2&inputFormat=jpg&w=1920&bc=%23f5f5f5&ib=%23f5f5f5&q=90
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4893) /
Resource Hash
a8984fb76a594c44d1566068d1dc8ec1163ffc9409841e05f7c1e48afdc2f3ef
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Mon, 15 Apr 2024 09:15:54 GMT
server
ECAcc (ama/4893)
age
216782
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=604800
accept-ranges
bytes
content-length
76831
request-context
appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0
104.chunk.js
clientapp-cdn.oriflame.com/static/basket-provider/v1.0.1/ 		210 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/basket-provider/v1.0.1/104.chunk.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/basket-provider/v1.0.1/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a28cbd5e83a77cdf13192f355ccc96341e5eb0db5d5f122d0ed0221240855f31

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
br
last-modified
Wed, 10 Apr 2024 07:30:56 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212856Z-1564cf756ffv2t2lg1tpmf1gcs00000002gg00000000a3yw
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9f9a777a-b01e-004e-2296-8dcd62000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
317.chunk.js
clientapp-cdn.oriflame.com/static/basket-provider/v1.0.1/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/basket-provider/v1.0.1/317.chunk.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/basket-provider/v1.0.1/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
830bae4aad821582706cd12ef64c1d5dfd8b03da280213002cf8914fdb372277

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
br
last-modified
Wed, 10 Apr 2024 07:30:56 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212856Z-1564cf756ffv2t2lg1tpmf1gcs00000002gg00000000a3yx
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bf522eab-d01e-003a-2e96-8df992000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
182.chunk.js
clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/ 		581 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/182.chunk.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0f5c56e6fccc44cda4927612bec3bc88df567e55805707e4d53ea302665b7067

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
br
last-modified
Wed, 13 Mar 2024 10:03:39 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212856Z-1564cf756ffv2t2lg1tpmf1gcs00000002gg00000000a3yy
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e997fa63-c01e-006b-2970-8f641e000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
966.chunk.js
clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/966.chunk.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9f7a5363b6358b78151290c37fdb2f90ba18553cc1e87ce22ddb8ada626303b1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
br
last-modified
Wed, 13 Mar 2024 10:03:39 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212856Z-1564cf756ffv2t2lg1tpmf1gcs00000002gg00000000a3yz
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f9e76239-601e-0010-338b-8d2682000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
Translate
ma.oriflame.com/system/ajax/Localization/ 		221 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma.oriflame.com/system/ajax/Localization/Translate?Keys=UpdateYourBrowser&Keys=YourBrowserIsOutdated&Keys=Update
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
88a6f170934f8089cf0416844cf05233a6f80fd6d8b5276e1745e02ac4a67c15
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-066763ed03e048208bd6751c1bdfefba-045055781ff646cd-01
Accept-Language
nl-NL,nl;q=0.9;q=0.9
x-tenant-context
ma
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://ma.oriflame.com/
Request-Id
|066763ed03e048208bd6751c1bdfefba.045055781ff646cd
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=16070400; includeSubDomains
Age
1557
Content-Security-Policy-Report-Only
frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=33f156351e51cc6e
X-Cache
HIT
Content-Length
170
Last-Modified
Wed, 17 Apr 2024 21:02:59 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
*
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Vary
Accept-Encoding
Expires
Wed, 17 Apr 2024 21:29:01 GMT
398.chunk.js
clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/ 		452 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/398.chunk.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c14d28b61cfdd67f9f52a361e57331b379f22fd3388c353e250ad3aac9b899e0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
br
last-modified
Tue, 19 Dec 2023 19:30:35 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212856Z-1564cf756ffv2t2lg1tpmf1gcs00000002gg00000000a3z2
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
99733de5-901e-0059-0a2d-8c6469000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
37.chunk.js
clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/37.chunk.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f55cfc8980a763ff5b9e6b28c54349247a5392c5a33a801bf354d2ec3ad5f36c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
br
last-modified
Tue, 19 Dec 2023 19:30:35 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212856Z-1564cf756ffv2t2lg1tpmf1gcs00000002gg00000000a3z3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fee334be-001e-0006-6086-8dd055000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
contentImage
media-afr-cdn.oriflame.com/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-afr-cdn.oriflame.com/contentImage?externalMediaId=4091baa3-2951-44e1-8094-84f52c82933d&name=18866041_2&inputFormat=jpg
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4893) /
Resource Hash
ba1af44b38fe68d35c3a7f2f259edf4a3ae97613e8b4eb795a9bd6bed93e3455
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Mon, 15 Apr 2024 06:50:38 GMT
server
ECAcc (ama/4893)
age
225498
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=604800
accept-ranges
bytes
content-length
56327
request-context
appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0
contentImage
media-afr-cdn.oriflame.com/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-afr-cdn.oriflame.com/contentImage?externalMediaId=e173ff5f-c77e-4384-8e5e-c2f05fd4dcc6&name=18866028_2&inputFormat=jpg
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4893) /
Resource Hash
a357366982569cafed756ddd7f8ea319416aee6b514c88fdc15736d82c0f6291
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Mon, 15 Apr 2024 18:56:54 GMT
server
ECAcc (ama/4893)
age
181923
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=604800
accept-ranges
bytes
content-length
113483
request-context
appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Apr 2024 19:39:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6574
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 17 Apr 2024 21:39:22 GMT
destination
www.googletagmanager.com/gtag/ 		161 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-971661115&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK5GQN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e135805ebe6577028fb25b09a297b7d313379ad079c52b4374f258f31188f9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62612
x-xss-protection
0
last-modified
Wed, 17 Apr 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Apr 2024 21:28:56 GMT
js
www.googletagmanager.com/gtag/ 		239 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B9GY49MXMY
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9b5b199b1b931e0444d148281a445ac390cba7a34b2124f4427165220e686f07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87017
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Apr 2024 21:28:56 GMT
js
www.googletagmanager.com/gtag/ 		239 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B9GY49MXMY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK5GQN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ea75e221f18e4b6cff48126e857d536260b6adfdcdfa1ef0991500a554768106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87092
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Apr 2024 21:28:56 GMT
configuration
api-static.oriflame.com/tenants/ma/applications/miniBag/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/miniBag/configuration
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489C) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-tenant-context
Access-Control-Request-Method
GET
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-tenant-context
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=5
content-length
0
date
Wed, 17 Apr 2024 21:28:56 GMT
expires
Wed, 17 Apr 2024 21:29:01 GMT
server
ECAcc (ama/489C)
strict-transport-security
max-age=16070400; includeSubDomains
novAgeSkincareConfiguration
api-static.oriflame.com/tenants/ma/applications/advisor/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/advisor/novAgeSkincareConfiguration?lang=fr-MA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-client-application,x-tenant-context
Access-Control-Request-Method
GET
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-client-application,x-tenant-context
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=5
content-length
0
date
Wed, 17 Apr 2024 21:28:56 GMT
expires
Wed, 17 Apr 2024 21:29:01 GMT
server
ECAcc (ama/48CB)
strict-transport-security
max-age=16070400; includeSubDomains
configuration
api-static.oriflame.com/tenants/ma/applications/miniBag/ 		79 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/miniBag/configuration
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489C) /
Resource Hash
93d3f266ef0f03d2cef0b5f5297851a2fc9eb5c5ef9e7e45bb04014f58679ac6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/489C)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Date,Content-Length,Strict-Transport-Security,Vary
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
79
expires
Wed, 17 Apr 2024 21:29:01 GMT
novAgeSkincareConfiguration
api-static.oriflame.com/tenants/ma/applications/advisor/ 		98 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/advisor/novAgeSkincareConfiguration?lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
c7acb928d90bd0c40eebfc1f403c9daed952b1a10c0251435a6484398303bf66
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-client-application
novage-skincare-advisor
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48CB)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Date,Content-Length,Strict-Transport-Security,Vary
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
98
expires
Wed, 17 Apr 2024 21:29:01 GMT
sans-condensed-bold.woff2
static.oriflame.com/fonts/v2/fonts/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.oriflame.com/fonts/v2/fonts/sans-condensed-bold.woff2
Requested by
Host: static.oriflame.com
URL: https://static.oriflame.com/fonts/v2/font-sans-condensed-ori.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B2) /
Resource Hash
786131c7336f090016f4b1d451fcf5f9c423dba8961f7a63f3c655c3f2ed69aa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://static.oriflame.com/fonts/v2/font-sans-condensed-ori.css
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:56 GMT
content-md5
Re1FYWahJI/Zo1a8EFQV/g==
age
322776
x-cache
HIT
content-length
46708
x-ms-lease-status
unlocked
last-modified
Wed, 10 Apr 2024 13:38:55 GMT
server
ECAcc (ama/48B2)
etag
0x8DC596391553AA0
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
3b424fb5-701e-00a5-521e-8e3646000000
cache-control
max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 24 Apr 2024 21:28:56 GMT
configuration
api-static.oriflame.com/tenants/ma/applications/olapic/ 		4 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/olapic/configuration?olapicType=FrontPage&lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C3) /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48C3)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Date,Content-Length,Strict-Transport-Security,Vary
cache-control
public, max-age=3240, stale-while-revalidate=360, stale-if-error=360
content-length
4
expires
Wed, 17 Apr 2024 21:29:01 GMT
culture
api-static.oriflame.com/tenants/ma/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/culture
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DF) /
Resource Hash
57ab0e44fd46bda5b175dad72d6d2eb4efc5b817275a0f346aea7b45a711b95d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
age
1724
x-cache
HIT
content-length
1495
last-modified
Wed, 17 Apr 2024 21:00:12 GMT
server
ECAcc (ama/48DF)
access-control-max-age
600
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3240, stale-while-revalidate=360, stale-if-error=360
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
expires
Wed, 17 Apr 2024 21:29:01 GMT
productImage
media-cdn.oriflame.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.oriflame.com/productImage?externalMediaId=product-management-media%2FProducts%2F41827%2FMA%2F41827_1.png&id=19156231&version=1&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BB) /
Resource Hash
e7643d8a8de12ace3b2513fd2c40b77ce9704faccda007d6ec0fdaaefd093f33
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 04 Apr 2024 11:14:41 GMT
server
ECAcc (ama/48BB)
age
1160055
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
5012
request-context
appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0
productImage
media-cdn.oriflame.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.oriflame.com/productImage?externalMediaId=product-management-media%2FProducts%2F30888%2F30888_1.png&id=11536877&version=1&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BB) /
Resource Hash
d03955f43ba4e03ce378d6d6d3354bbd44e3e0b17a976a4734f29b8d4b09f2ff
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Sun, 24 Mar 2024 08:18:05 GMT
server
ECAcc (ama/48BB)
age
2121051
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
12501
request-context
appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0
productImage
media-cdn.oriflame.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.oriflame.com/productImage?externalMediaId=product-management-media%2FProducts%2F43123%2F43123_1.png&id=16805642&version=3&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BB) /
Resource Hash
bac0f833ae608b89e790c43565163939e0b7202b7ae9d3dade7a01ae84fe4143
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Sun, 24 Mar 2024 12:53:06 GMT
server
ECAcc (ama/48BB)
age
2104550
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
4876
request-context
appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0
productImage
media-cdn.oriflame.com/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.oriflame.com/productImage?externalMediaId=product-management-media%2FProducts%2F33142%2F33142_1.png&id=12451997&version=2&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BB) /
Resource Hash
b6c2a124ee727d27cafbc836ed1de6e2464d5c95f50a31ef1f780b1e09f60ab7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Sun, 24 Mar 2024 09:47:31 GMT
server
ECAcc (ama/48BB)
age
2115685
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
29475
request-context
appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0
productImage
media-cdn.oriflame.com/ 		0
0
productImage
media-cdn.oriflame.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.oriflame.com/productImage?externalMediaId=product-management-media%2FProducts%2F42417%2F42417_1.png&id=2024-03-11T10-25-27-845Z_MediaMigration&version=1663794000&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BB) /
Resource Hash
221a572436931ffad5f1f2e83443cdcb3e3e3c50253c227b8edac4a522a848e5
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Sun, 24 Mar 2024 06:39:01 GMT
server
ECAcc (ama/48BB)
age
2126995
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
3588
request-context
appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0
productImage
media-cdn.oriflame.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.oriflame.com/productImage?externalMediaId=product-management-media%2FProducts%2F44950%2FMA%2F44950_1.png&id=18255857&version=4&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BB) /
Resource Hash
cb8d57ee7c5009447f738ab373d31a64358b243d936ae6d998abdb792a02f99f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48BB)
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000
content-length
7691
request-context
appId=cid-v1:6fca595b-ec88-4cf7-a138-bc479aa89de0
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:01:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
1659
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 17 Apr 2024 22:01:17 GMT
745.chunk.js
clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/ 		222 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/745.chunk.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b7a1a3458e1c41c493dd8df0bffb946e83717661069c46060eccef79a9f3892e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:56 GMT
last-modified
Tue, 19 Dec 2023 19:30:35 GMT
etag
0x8DC00C8F954A4C9
x-azure-ref
20240417T212856Z-1564cf756ffv2t2lg1tpmf1gcs00000002gg00000000a3zv
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ece08c20-e01e-001e-5c86-8d0f32000000
cache-control
public, max-age=900
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
accept-ranges
bytes
content-length
222
subscription-wizard
api-static.oriflame.com/tenants/ma/localizations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/subscription-wizard?lang=fr-MA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-tenant-context
Access-Control-Request-Method
GET
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-tenant-context
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=5
content-length
0
date
Wed, 17 Apr 2024 21:28:56 GMT
expires
Wed, 17 Apr 2024 21:29:01 GMT
server
ECAcc (ama/48AA)
strict-transport-security
max-age=16070400; includeSubDomains
subscription-wizard
api-static.oriflame.com/tenants/ma/localizations/ 		212 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/subscription-wizard?lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
fe416667c8fc4c124dbbb237348517c38e301af638fe34497a9225b2467d043b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48AA)
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=3600
content-length
212
expires
Wed, 17 Apr 2024 21:29:01 GMT
4588.cfb43de94b561a7a.js
assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/4588.cfb43de94b561a7a.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/webpack-87ef72fb46c4c35b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DB) /
Resource Hash
0a00f1bed95d9cb64e34d78a4810fa7b606d9090e6401415a84b407279b1d7d4
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
gzip
strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Thu, 28 Mar 2024 10:11:54 GMT
server
ECAcc (ama/48DB)
age
1766843
etag
W/"1b33-18e848b6e10"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
2897
request-context
appId=cid-v1:
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/971661115/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971661115/?random=1713389336649&cv=11&fst=1713389336649&bg=ffffff&guid=ON&async=1&gtm=45be44f0v893616262z86283056za201&gcd=13r3r3r2r5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fma.oriflame.com%2F&hn=www.googleadservices.com&frm=0&tiba=Oriflame%20Cosmetics%20%7C%20Oriflame%20Cosmetics&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=market_code%3DMA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-971661115&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
2e3c25a4e85905f38cf209555b6bf98a4a67f8f3e91e2409d4a64af6a782b6a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 21:28:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-B9GY49MXMY&gtm=45je44f0v873339067za200&_p=1713389335921&gcs=G111&gcd=13r3r3r2r5&npa=0&dma=0&cid=185429062.1713389337&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fma.oriflame.com%2F&sid=1713389336&sct=1&seg=0&dt=Oriflame%20Cosmetics%20%7C%20Oriflame%20Cosmetics&en=page_view&_fv=1&_ss=1&_ee=1&ep.data_source=web&ep.page_path_unified=%2F&ep.content_group=Front%20page&ep.period_code=202404&ep.user_logged_in=false&up.market_code=MA&tfd=1439
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9GY49MXMY&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 21:28:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ma.oriflame.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GetShoppingContext
ma.oriflame.com/system/ajax/ShoppingBag/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ma.oriflame.com/system/ajax/ShoppingBag/GetShoppingContext
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c3ce73a3a17d7e25f6e46aefa9c2153d09cb4f20a14d407c8f6a10175768cf49
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-066763ed03e048208bd6751c1bdfefba-73580075a91146e7-01
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
Referer
https://ma.oriflame.com/
request-id
|066763ed03e048208bd6751c1bdfefba.73580075a91146e7
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy-Report-Only
frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=062e8f81df6030af
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
private
Connection
Keep-Alive
Content-Length
1071
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 21:28:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://ma.oriflame.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-61098026-1&cid=185429062.1713389337&jid=506269878&gjid=995872225&_gid=420969286.1713389337&_u=aGBAiEAjBAAAAEAAIC~&z=969392185
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 17 Apr 2024 21:28:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ma.oriflame.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
web-messenger
api-static.oriflame.com/tenants/ma/localizations/ 		61 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/web-messenger?lang=fr-MA
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E4) /
Resource Hash
78d7ba0f86740c51d5066488370aefbe45e2419ad8493a12c95b282aca9e7a61
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/48E4)
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=3600
content-length
61
expires
Wed, 17 Apr 2024 21:29:01 GMT
web-messenger
api-static.oriflame.com/tenants/ma/localizations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/localizations/web-messenger?lang=fr-MA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E4) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-tenant-context
Access-Control-Request-Method
GET
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-tenant-context
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=5
content-length
0
date
Wed, 17 Apr 2024 21:28:56 GMT
expires
Wed, 17 Apr 2024 21:29:01 GMT
server
ECAcc (ama/48E4)
strict-transport-security
max-age=16070400; includeSubDomains
GetUserAccessTokenAsync
ma.oriflame.com/system/ajax/ApiGateway/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ma.oriflame.com/system/ajax/ApiGateway/GetUserAccessTokenAsync
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.235.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c5df2407e6ce3e592937c5a95a0954e411c5f1e3d71271116215bfeac0037bcc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-066763ed03e048208bd6751c1bdfefba-0da1809fe8e24a5d-01
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-fetch-api
1
Referer
https://ma.oriflame.com/
x-requested-with
XMLHttpRequest
request-id
|066763ed03e048208bd6751c1bdfefba.0da1809fe8e24a5d
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Connection
Keep-Alive
Content-Length
788
revieve-plugin-loader.js
d38knilzwtuys1.cloudfront.net/revieve-plugin-v4/ 		129 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38knilzwtuys1.cloudfront.net/revieve-plugin-v4/revieve-plugin-loader.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/4588.cfb43de94b561a7a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:7200:1f:ae8e:2440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc3cc4150505a445999c32dadc2d9f6de8234c3208ff159b8f4ef828b9e2f75d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 09:28:42 GMT
content-encoding
gzip
via
1.1 dbddc07d9edf6f99394912c390c6ef32.cloudfront.net (CloudFront)
last-modified
Wed, 17 Apr 2024 09:28:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
43215
etag
W/"4ad5fd63035690c769a4d292b35a7bb1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
HQBf6Y2GOIeN3fcMcH5p1emN3k1H0Q5sb-KqUP45JfY2sN-28_RMpA==
/
www.google.com/pagead/1p-user-list/971661115/ 		42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/971661115/?random=1713389336649&cv=11&fst=1713387600000&bg=ffffff&guid=ON&async=1&gtm=45be44f0v893616262z86283056za201&gcd=13r3r3r2r5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fma.oriflame.com%2F&frm=0&tiba=Oriflame%20Cosmetics%20%7C%20Oriflame%20Cosmetics&npa=0&data=market_code%3DMA&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqjdKKGhbFM8wVxZQiHazd_nG2vneRiQ&random=3027195646&rmt_tld=0&ipr=y
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 21:28:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ru/pagead/1p-user-list/971661115/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ru/pagead/1p-user-list/971661115/?random=1713389336649&cv=11&fst=1713387600000&bg=ffffff&guid=ON&async=1&gtm=45be44f0v893616262z86283056za201&gcd=13r3r3r2r5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fma.oriflame.com%2F&frm=0&tiba=Oriflame%20Cosmetics%20%7C%20Oriflame%20Cosmetics&npa=0&data=market_code%3DMA&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqjdKKGhbFM8wVxZQiHazd_nG2vneRiQ&random=3027195646&rmt_tld=1&ipr=y
Requested by
Host: ma.oriflame.com
URL: https://ma.oriflame.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 21:28:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
graphql
graphql-we.oriflame.com/ 		553 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graphql-we.oriflame.com/graphql
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
06dabfe3a88facf0b0aa2090bc56e755e50d335498e9ee8cb61bb2f9de3f9304
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept-language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
authorization
Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMzM4NjQ2MSwiaWF0IjoxNzEzMzg2NDYxLCJleHAiOjE3MTMzOTAwNjEsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiQXBwU2hlbGxGcm9udGVuZCIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6IlVuVHJ1c3RlZCIsImp0aSI6IjM0MzQ1QjAzOTY3MTAyMzcwN0UxQzJGNDAwMDdBRTI1In0.TPj0W8nUZpxr28w8O3jhzFU2t1-LCqEQwQsf7ehzn8Uq0GxyOjMMnxm_-u53JuioFUp5iFGCz--LSmnQ6eHVP9nyrfnO_sE1CSPNr-K2-xEcm2RaZJKSk_tKUMtN1FTBWF89tu95BAJLNkbVs5weupzcofEr-C1UcN9gURAQNrh4BEeyvr_BKgEpd7kqYWWfeHqSe-mXLQRUlyGOEfpKHmAk68vSCNaT79_EB_SuLBEl_AVAD00sMYhqjjW3xCxv--EHKB1Dy8NfIpBTyTnnn5T3ePzK76MdcRKrqkUQQiue4vmWe4FnMdRxO84pDD92ltlwknwsS6Y_bIKoa9RnXQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
accept
*/*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:56 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
ETag
W/"229-2wAzeizHWaAFXK0s2SQ4RZ3MY1M"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
553
request-context
appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9
configuration
api-static.oriflame.com/tenants/ma/applications/webMessenger/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/webMessenger/configuration?relativeUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4892) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-tenant-context
Access-Control-Request-Method
GET
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-tenant-context
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=5
content-length
0
date
Wed, 17 Apr 2024 21:28:56 GMT
expires
Wed, 17 Apr 2024 21:29:01 GMT
server
ECAcc (ama/4892)
strict-transport-security
max-age=16070400; includeSubDomains
configuration
api-static.oriflame.com/tenants/ma/applications/webMessenger/ 		168 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-static.oriflame.com/tenants/ma/applications/webMessenger/configuration?relativeUrl=%2F
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4892) /
Resource Hash
d972e389b014712129274a54861c2214c36ed8927bdbfbc5d0c7e17d836283ad
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:56 GMT
strict-transport-security
max-age=16070400; includeSubDomains
server
ECAcc (ama/4892)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Date,Content-Length,Strict-Transport-Security,Vary
cache-control
public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length
168
expires
Wed, 17 Apr 2024 21:29:01 GMT
5HcBp1rhJR
d38knilzwtuys1.cloudfront.net/api/4/config/loader/ 		437 B
914 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d38knilzwtuys1.cloudfront.net/api/4/config/loader/5HcBp1rhJR
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:7200:1f:ae8e:2440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.25.2 / Express
Resource Hash
29c1cbf7ac28079ca41c9ab293cbad4e7d779aae0cb1c875bca7c73844710d20

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Parse-Application-Id
Revieve API
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:47:01 GMT
via
1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront)
server
nginx/1.25.2
x-amz-cf-pop
FRA60-P9
age
6115
x-powered-by
Express
etag
W/"1b5-PE+1LisZB7KzYlvSVagnjk5IgCI"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
access-control-allow-headers
Content-Type, x-parse-application-id, x-parse-rest-api-key, x-parse-session-token
content-length
437
x-amz-cf-id
I6VIoZ_LkQVeVnECcjwcXCC31Juru1fJA0CFnAp6gXzVKOaao_Ci_w==
5HcBp1rhJR
d38knilzwtuys1.cloudfront.net/api/4/config/loader/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d38knilzwtuys1.cloudfront.net/api/4/config/loader/5HcBp1rhJR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:7200:1f:ae8e:2440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.25.2 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-parse-application-id
Access-Control-Request-Method
GET
Origin
https://ma.oriflame.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, x-parse-application-id, x-parse-rest-api-key, x-parse-session-token
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
age
4087
date
Wed, 17 Apr 2024 20:20:49 GMT
server
nginx/1.25.2
via
1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront)
x-amz-cf-id
ED034VOpXNBPT6hGRfuI_Hr6OwYKpTcoK1ipkI-oDWBHIxlCA7d5Hg==
x-amz-cf-pop
FRA60-P9
x-cache
Hit from cloudfront
x-powered-by
Express
favicon.ico
static.oriflame.com/favicons/online/v1/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.oriflame.com/favicons/online/v1/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CF) /
Resource Hash
538dadcf074718a9222c26947645cdc3e01f6619e86d0ad481c4df0e6ccc00f9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:56 GMT
content-md5
6kkBkayZeGkBbPno75rAVw==
age
325664
x-cache
HIT
content-length
5430
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 20:19:59 GMT
server
ECAcc (ama/48CF)
etag
0x8DAF9915F590497
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
ba3975fe-b01e-0095-0c18-8e8889000000
cache-control
max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 24 Apr 2024 21:28:56 GMT
genesys.min.js
apps.mypurecloud.de/genesys-bootstrap/ 		246 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.mypurecloud.de/genesys-bootstrap/genesys.min.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/37.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.250.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-250-204.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
88d02a35da7f25366e90330e3b82cd2043e8c139249be37ee48dc7837ee92861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:57 GMT
content-encoding
gzip
x-amz-version-id
QZm_h5zv_4b0p.BWe_vzGlRCw_A6jZYE
last-modified
Thu, 28 Mar 2024 03:04:03 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
MZXQ5604YVTYB52H
etag
"c6c4edc52df95ad8891299284ff3efdb"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
74477
x-amz-id-2
RFMyamMvLz7RkZRemGhb//Utsg0AdCP5vn3QTvRSAecYVpBqNg3mU6tBD3CfmppJgsczOLQVNR8=
js
www.googletagmanager.com/gtag/ 		299 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K8GTNGGDFR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK5GQN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f6eaeaab44d470212b6ace0f828ec9c55a56cef8f5ebd42fe8bc142917d39ff6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101773
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Apr 2024 21:28:57 GMT
graphql
graphql-we.oriflame.com/ 		553 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graphql-we.oriflame.com/graphql
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
06dabfe3a88facf0b0aa2090bc56e755e50d335498e9ee8cb61bb2f9de3f9304
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept-language
fr-MA
x-tenant-context
ma
sec-ch-ua-mobile
?0
authorization
Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMzM4Njk0OSwiaWF0IjoxNzEzMzg2OTQ5LCJleHAiOjE3MTMzOTA1NDksImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiRUNvbW1lcmNlU3BhQ2xpZW50IiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjoiVW5UcnVzdGVkIiwianRpIjoiQzM1MTIwRTNBQ0UxMzEwNjcyNzgwNDBFMjFDNzg5QTUifQ.fOcknSNMU-G5WaIlljoAg2PcDnKyuuhA8GwH-MRTkkXIz8RZCn6QftpBMW8AnuyRne8eSfwjYAHjoQLlCoZHTtla6nCgA29KolspcLfoN1Fe40_ymMWTCpV4UGDqjq5YN5bN4luF08SQZKNwQG7R1rddvXI9THzHTYa-m9kTWJzHeGZ-M5o21xoeAk1EN_7s4hPrQbHqAIJZZgrTZUYmcssv_TQAlFGqv6sNF1QG9jPrXliZ-LOg0N_kIVHBh5VJhBDi7UYhLYLatIiGTpdHOWViLKqIOSXzlJ0OG-UQ5mknKCjFhwVnUOhVMGA03wL0OVJa0jWuo9j2xYDIRJ1vpw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
accept
*/*
Referer
https://ma.oriflame.com/
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:57 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
ETag
W/"229-2wAzeizHWaAFXK0s2SQ4RZ3MY1M"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
553
request-context
appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9
index.js
clientapp-cdn.oriflame.com/genesys-widget/ 		805 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/genesys-widget/index.js
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/main-9f556ff80afb4a17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f3a09ebc4a276a42e26bf432c328dea9ffa111d67234fc5e9ce92d7510e8865a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:57 GMT
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
content-length
805
x-ms-lease-status
unlocked
last-modified
Tue, 14 Nov 2023 13:19:22 GMT
etag
0x8DBE5145157575F
x-azure-ref
20240417T212857Z-156d66696994glg7b48csdeh6800000002c0000000002wqh
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ecb663e2-801e-007a-6c81-8dfeaa000000
cache-control
public, max-age=900
x-ms-version
2009-09-19
accept-ranges
bytes
domains.json
api-cdn.mypurecloud.de/webdeployments/v1/deployments/db85989b-a7fb-4b00-936f-c8e3e22a2104/ 		44 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-cdn.mypurecloud.de/webdeployments/v1/deployments/db85989b-a7fb-4b00-936f-c8e3e22a2104/domains.json
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-35.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78bd6ee8a2fce4c0294729fa7db73d0d370298f2f5738b53ecbf229f85171942

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:58 GMT
Via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
x-amz-server-side-encryption
AES256
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
44
Last-Modified
Thu, 25 Jan 2024 13:31:46 GMT
Server
AmazonS3
ETag
"bd0b814b289c55fd0f2d0cd84ca3acd5"
Vary
Accept-Encoding,Origin
Access-Control-Allow-Methods
GET, POST, PUT
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=120,s-maxage=120
Accept-Ranges
bytes
X-Amz-Cf-Id
02H3s6gMa5qIyTr7-86F_aWlREoPB_SEHot8PNdKVcuj4X2MsL5H_w==
collect
sst.revieve.com/g/ 		0
481 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sst.revieve.com/g/collect?v=2&tid=G-K8GTNGGDFR&gtm=45je44f0v895185803za200&_p=1713389335921&gcs=G111&gcd=13v3v3r2r5&npa=0&dma=0&cid=185429062.1713389337&ul=nl-nl&sr=1600x1200&_fplc=0&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713389337&sct=1&seg=0&dl=https%3A%2F%2Fma.oriflame.com%2F&dt=Oriflame%20Cosmetics%20%7C%20Oriflame%20Cosmetics&en=page_view&_fv=1&_ss=1&_ee=1&ep.partner_id=5HcBp1rhJR&ep.experience_id=&ep.identifier=Oriflame%20TR%26AFR%20Morocco%20Skincare&tfd=1917
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8GTNGGDFR&l=dataLayer&cx=c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.22.171.98 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.171.22.34.bc.googleusercontent.com
Software
nginx/1.25.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:57 GMT
Server
nginx/1.25.2
Connection
keep-alive
Content-Length
0
index.js
clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/index.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/genesys-widget/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3328973433524eaa4b0b8c8e621e8f7e54298f0c18aadf213ddeca8ab5991a23

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Origin
https://ma.oriflame.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:57 GMT
content-encoding
br
last-modified
Tue, 14 Nov 2023 13:17:30 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212857Z-156d66696994glg7b48csdeh6800000002c0000000002wqp
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f9d81c52-601e-0010-7387-8d2682000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
599.chunk.js
clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/ 		297 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/599.chunk.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a0e53c666ff2715e7030c18ad78aa919f1868ab4efdb69c3b2337a010148a6b2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:57 GMT
content-encoding
br
last-modified
Tue, 14 Nov 2023 13:17:30 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212857Z-1564cf756ffv2t2lg1tpmf1gcs00000002gg00000000a40q
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e99582c7-b01e-003c-1f8c-8dca2d000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
793.chunk.js
clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/793.chunk.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b081d76f3c7e5f5e2afa2d5676cf8977d7fd1cce6de06942af0956c3a0906c5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:57 GMT
content-encoding
br
last-modified
Tue, 14 Nov 2023 13:17:30 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212857Z-1564cf756ffv2t2lg1tpmf1gcs00000002gg00000000a40r
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
02ffeff9-701e-0041-7896-8dbb0e000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
config.json
api-cdn.mypurecloud.de/webdeployments/v1/deployments/db85989b-a7fb-4b00-936f-c8e3e22a2104/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-cdn.mypurecloud.de/webdeployments/v1/deployments/db85989b-a7fb-4b00-936f-c8e3e22a2104/config.json
Requested by
Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-afr/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-35.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3509bf6d9fcaab79904f80b95cde6b3c5411fbe90e3801c25ba1e14d3edd392a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 21:28:58 GMT
Content-Encoding
gzip
Via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 25 Jan 2024 13:31:46 GMT
Server
AmazonS3
ETag
W/"0858a3ff5630a612dc981654caa99305"
Vary
Accept-Encoding,Origin
Access-Control-Allow-Methods
GET, POST, PUT
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=120,s-maxage=120
X-Amz-Cf-Id
taGgey0q_q9OAWDJ8vnLkvL_1vSOTQSUzFIG3qzXM7MUfX1XubEC7A==
offersHelper.min.js
apps.mypurecloud.de/journey/messenger-plugins/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.mypurecloud.de/journey/messenger-plugins/offersHelper.min.js
Requested by
Host: apps.mypurecloud.de
URL: https://apps.mypurecloud.de/genesys-bootstrap/genesys.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.250.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-250-204.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d062242d8d52402eee46fdeeae777a9904c56ce6cb73ac20d10c6df8e37c03dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 21:28:57 GMT
content-encoding
gzip
x-amz-version-id
gyaRgKcL_pX4U35DyVCpqd32ZfoPXZlf
last-modified
Mon, 25 Mar 2024 11:20:25 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
J1E2NKCJHPF230Q5
etag
"a9b7e3be96255a59ca32b3159ea791f9"
content-type
text/javascript
cache-control
max-age: 600
content-length
5195
x-amz-id-2
gnDJAGlftYbLSkQjrW9EzWmAzYtz+Ul1jYZmi7qDJd6Vaa36Nwl+toMnWLJpL3QN3sBD9Psi9zc=
messenger.html
apps.mypurecloud.de/messenger/ Frame 657B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.mypurecloud.de/messenger/messenger.html
Requested by
Host: apps.mypurecloud.de
URL: https://apps.mypurecloud.de/genesys-bootstrap/genesys.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.19.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-19-189.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://ma.oriflame.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 17 Apr 2024 21:28:57 GMT
etag
W/"1404b75da8e2bb3dc0247b949a748afe"
last-modified
Tue, 02 Apr 2024 13:35:57 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-id-2
oQig8sSMco8BYxQPXyxBjt0YKD4uBMzfZP+D1TQJ+akyj0h+qI1TdJv9Vt0enrl7AXk9bCGCVS8=
x-amz-request-id
E38B8SS284Y4R3GH
x-amz-version-id
Egti0qFAf6IRzb_4DWuRcv7zla5vN2pe
messenger-renderer.html
apps.mypurecloud.de/messenger/ Frame A752 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.mypurecloud.de/messenger/messenger-renderer.html
Requested by
Host: apps.mypurecloud.de
URL: https://apps.mypurecloud.de/genesys-bootstrap/genesys.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.19.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-19-189.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://ma.oriflame.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 17 Apr 2024 21:28:57 GMT
etag
W/"5e33c9db52cede671fbd6ced2fa68603"
last-modified
Tue, 02 Apr 2024 13:35:57 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-id-2
Ce7NHXiD7l3T/QBJcz0qH48lebtnnbcRPzSN917J/+ErjYFXxK8lh/eNJEL/4qpP9jLpFqbpeZM=
x-amz-request-id
M8SXX2E80SFCW98E
x-amz-version-id
2meds8fQBL5KFWr9otYXvOKXw4Grwen2
347.chunk.js
clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/347.chunk.js
Requested by
Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3ba556e73fe7084c27a99f57ebdc36f6a06e6d677b33fdee02c7ed265af085f3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ma.oriflame.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 21:28:57 GMT
content-encoding
br
last-modified
Tue, 14 Nov 2023 13:17:30 GMT
vary
Accept-Encoding
x-azure-ref
20240417T212857Z-1564cf756ffv2t2lg1tpmf1gcs00000002gg00000000a40w
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fef8c42f-001e-0006-6f8b-8dd055000000
cache-control
public, max-age=900
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
media-cdn.oriflame.com
URL
https://media-cdn.oriflame.com/productImage?externalMediaId=product-management-media%2F45425%2F45425.png%3Fversion%3D1676900700&w=231&bc=%23f5f5f5&ib=%23f5f5f5&h=231&q=90

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| __dynProto$Gbl object| __REACT_INTL_CONTEXT__ function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| ori object| __APOLLO_CLIENT__ object| appInsights object| dataLayer function| gtag string| version string| targetScriptUrl string| containerName string| currentScriptUrl object| URL_REGEXP object| result object| urlParams object| bodyElement object| scriptElement string| rootElementId object| rootElement object| webpackChunkoribasketprovider object| webpackChunkorisubscriptionwizard function| $bu_getBrowser object| webpackChunkoriwebmessenger object| _buorgres object| google_tag_manager object| google_tag_data boolean| isOriGa3TrackerDefined string| GoogleAnalyticsObject function| ga object| oriGtmData function| ParseKnownId function| wfunc_StringifyId function| ParsePagePathUnified function| ParseTrigerringEvent function| UpdateOriGtmData boolean| wvar_is_loaded_context_data boolean| wvar_is_fired_pageview_ga4 boolean| wvar_is_defined_gtag_func boolean| wvar_is_installed_gtag boolean| ori_wvar_is_configured_ga4 function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData object| __MUI_LICENSE_INFO__ object| isBasketProviderReady object| GooglebQhCsO object| Revieve object| regeneratorRuntime object| reactiveElementVersions object| litHtmlVersions object| litElementVersions string| _genesysJs function| webpackHotUpdate object| webpackChunkorireactgenesyswidget

23 Cookies

Domain/Path Name / Value
ma.oriflame.com/ Name: TS01f59f10
Value: 014b5de841dc84082dabce8d568983bac5c496da4c410b6e71c7b04f9f6b8a7c92fd1fbe58e2e44b74f79e444891b40c457dad18b1
ma.oriflame.com/ Name: f5avraaaaaaaaaaaaaaaa_session_
Value: GECNLGLAFAOFAILLDLKGEALCJFLFMOBIIOIOCCCJHIDJCIEFAKAAMPEFLCBAKFIFDHGDHIFMMOCPINECKJJAKPNDMDLGDOLOLMCNOEHFMKPOCDOMFJJBINHEPIEJONON
ma.oriflame.com/ Name: TS0115306e
Value: 014b5de8415a66598490477d7a4a79f1af1e651b05aff56cb7d3157a609daba8f7c29ad55c374848c05cb96e1c7280a6ddbfc918d0
ma.oriflame.com/ Name: ai_user
Value: WwCqz6Zp0lxL3GeagSQ5oj|2024-04-17T21:28:55.806Z
ma.oriflame.com/ Name: UserKey
Value: extranet-Anonymous
ma.oriflame.com/ Name: ShoppingKey
Value: -1
ma.oriflame.com/ Name: ASP.NET_SessionId
Value: ef4m00arsny3mrtyprxcmcue
ma.oriflame.com/ Name: OriTracking
Value: 1dacde1d-e00d-425b-ac2d-ef7f98457ed6
ma.oriflame.com/ Name: TSc726feed027
Value: 08afc1cc77ab200040d4a4cb8eeb1df9f8947a2134451794f349fa0bf7a40921eb2c291d2a0d7e3408ad1d99c01130001bbe942ebddfa919d997837ece91446099cd59a0f749249f0aa8dc791732b0188f2cd8632edeccdb7561868c0da2127a
ma.oriflame.com/ Name: ai_session
Value: VnnCmncW3YoxSl4ZhQjy7T|1713389335892|1713389335892
.oriflame.com/ Name: _gid
Value: GA1.2.420969286.1713389337
.oriflame.com/ Name: _ma_ga_B9GY49MXMY
Value: GS1.1.1713389336.1.0.1713389336.0.0.0
.oriflame.com/ Name: _ma_ga
Value: GA1.1.185429062.1713389337
.oriflame.com/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
media-cdn.oriflame.com/ Name: f5avraaaaaaaaaaaaaaaa_session_
Value: DEJJLNKMAAMGKGAMIOADIGDJEDNCKLEFIDJAJMIPFAMOOEPBNOFHGGNHEDBHEKLKNLGDGPAHNONPHNFNKIHAAIBEMDEAOOOBAPMJLEIAFEODJOLHJBOPIMHNPJEEDADN
media-cdn.oriflame.com/ Name: TS01f303cb
Value: 014b5de8417ee847717a558af1f7d717ed86a2caedbde21dd48190e880d74036d75de7a7dff7c4dba1d1db85e2e3ba26d3a273596c
media-cdn.oriflame.com/ Name: TSb51d2775027
Value: 08afc1cc77ab2000b443ae2a61d8edc5e86e6e27614b6f19a0c5fedcc5eb6f68499d5b09f1e3a44e0802e92f4611300032d0d7288cdc0cc2530e9edf02fa260caa7b1d9190d5b6d4d1dc60694463311f9f44a042abbfce559b208ed2fcfb0fb2
ma.oriflame.com/ Name: revieve-userid
Value: EB849wtFciPn6xWgN88K3
.ma.oriflame.com/ Name: _ga
Value: GA1.3.185429062.1713389337
.ma.oriflame.com/ Name: _gid
Value: GA1.3.420969286.1713389337
.oriflame.com/ Name: _ga_K8GTNGGDFR
Value: GS1.1.1713389337.1.0.1713389337.0.0.0
.oriflame.com/ Name: _ga
Value: GA1.1.185429062.1713389337

3 Console Messages

Source Level URL
Text
other warning URL: https://ma.oriflame.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://d38knilzwtuys1.cloudfront.net/revieve-plugin-v4/revieve-plugin-loader.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ma.oriflame.com/system/ajax/ApiGateway/GetUserAccessTokenAsync
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-cdn.mypurecloud.de
api-static.oriflame.com
apps.mypurecloud.de
assets-we-cdn.oriflame.com
clientapp-cdn.oriflame.com
d38knilzwtuys1.cloudfront.net
googleads.g.doubleclick.net
graphql-we.oriflame.com
ma.oriflame.com
media-afr-cdn.oriflame.com
media-cdn.oriflame.com
sst.revieve.com
static.oriflame.com
stats.g.doubleclick.net
we-api.oriflame.com
www.google-analytics.com
www.google.com
www.google.ru
www.googletagmanager.com
media-cdn.oriflame.com
142.250.181.238
142.250.185.72
172.217.16.132
172.217.18.3
172.217.23.98
18.198.250.204
20.103.99.71
20.93.235.241
20.93.237.24
2600:9000:235a:7200:1f:ae8e:2440:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::45
2a00:1450:4001:80e::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c0a::9d
34.22.171.98
35.157.19.189
65.9.66.35
002aa09e939390bb36f155e05c6d0a4888578573159fe6bbab1ea1dbd49a9c0a
02a2f300d1711ef31b742b54e38dc4777ca7bc8b65fc77bdac0b0a2ae32fc5d3
06d46fbb7a9ec8a6db527c54acc5151fc40328ff3efdb2eb2e8ab2eb41b46ba2
06dabfe3a88facf0b0aa2090bc56e755e50d335498e9ee8cb61bb2f9de3f9304
0a00f1bed95d9cb64e34d78a4810fa7b606d9090e6401415a84b407279b1d7d4
0c3339066769c1ab8cff3e6419b1cf66d967385e9067b93ae05f7cc442adfdba
0f5c56e6fccc44cda4927612bec3bc88df567e55805707e4d53ea302665b7067
1034ff61c6c1740148f03486e5a7e0137fce00e70b4b3fe261bf50a78acc7512
1282b9e861880ebbaf602cd9e62f94e1e8ffb268c7cc79acc355daf93ddaabb3
17642e2219e0fdf3143e1bff790c32bc067586ea4f13e0f511e1696d0dd71214
1d9a91b98c4d61a2c0d89919072a718fd2cf282df9a3e433b7742d97d27e01b5
221a572436931ffad5f1f2e83443cdcb3e3e3c50253c227b8edac4a522a848e5
29c1cbf7ac28079ca41c9ab293cbad4e7d779aae0cb1c875bca7c73844710d20
2e3c25a4e85905f38cf209555b6bf98a4a67f8f3e91e2409d4a64af6a782b6a1
303e1954f32dec5fbf23b5a2827c64fdc6422b7afd54a8691d95ee953c9f5f1a
315f92161780c8dee1cba4137db09bde9b2d3cdfa62e66bd3f35492cdb0661c7
3328973433524eaa4b0b8c8e621e8f7e54298f0c18aadf213ddeca8ab5991a23
3509bf6d9fcaab79904f80b95cde6b3c5411fbe90e3801c25ba1e14d3edd392a
35210f60f9b183a4b50509cfac68b13208e670453f85c22a9e344f226facb67b
376b936162580acef2fb006d53dfb5be47031613e2b373411e6f3bf35baab7bd
38e8c9dd606feaa5db66532f640c6386c860a649c85ff51ce38f9284333d1fef
397fdb58d6d74b365a3f7b8b2818b83cd3ed98c73dfad0159d5077050cdf95ce
3b081d76f3c7e5f5e2afa2d5676cf8977d7fd1cce6de06942af0956c3a0906c5
3ba556e73fe7084c27a99f57ebdc36f6a06e6d677b33fdee02c7ed265af085f3
3e135805ebe6577028fb25b09a297b7d313379ad079c52b4374f258f31188f9f
3e55e9264cb946bfc827cebf1d1f7085c8268b38ef51d18f84d1c4a10be87b51
404ceb31fffdd082e9b052909987492f7ab2cc16071d5d3b74988eedaf983866
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44631280c5efa920ae3ce373e543d989d9c5baa75b4b2bebf65916bd5b5c9829
44a3c1b04217cc5427e85f1b2cd5840396e4862ecd76c4c999920e00cec8d442
476414fa1315ab3614857a4a4acff8f112667bf97bc8106e83bf5add09345006
47e8bf09cd6d76b9e46274c04450f4ebbb0732705ff71bb1347e6256c630b580
4c18728afd784259d9f58cb89e53a1a9de32a13096a6507ea8662337c40a842d
5388cfb833c6626e5185d691c8fa701a94ec5e8259a23d351a2a3f039258a711
538dadcf074718a9222c26947645cdc3e01f6619e86d0ad481c4df0e6ccc00f9
56cf28c459f6d029e8262cd8cf87e6dedf330afff3742e729953576c94aab494
57ab0e44fd46bda5b175dad72d6d2eb4efc5b817275a0f346aea7b45a711b95d
589615fe4fb715b83513a7854eab31bd2c05cccfc8988ba72dc336ad2233ef9c
598f6a6df3d2cfa5858528c9726108f7c3b855e888f7434797cb183992214849
5f469e028a947468e8e914d041f3a5137b98a1dec4e3bca934a43ea4c27b924a
6310e2f41024e907b2a0f4020f8da68bf1f89969601a5cfef76bdecac61b1453
63d4da719124efb9e1dae853f86f568927a39f36498e422752faae592440dbdb
684b076cb88fa022fe37879ad46be4bbc71864f9c054156ffa6bcd972520fd94
69c640fc7411481ddfce3e87f9c8d4bfc121c5bbeee048c40e457baa0778e2b7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e1902bbfc99185970c00b726dd7d93ca930e073b80bba42c7f981e74ee63930
701a2a768e0b69237e169bd9cc615aee20452482d029fd22b7aa2ac79a28ce51
717806500918cf18bc5f98b9b62cab7e3d684917f06ede27c752fb14a2b7c3be
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
786131c7336f090016f4b1d451fcf5f9c423dba8961f7a63f3c655c3f2ed69aa
78bd6ee8a2fce4c0294729fa7db73d0d370298f2f5738b53ecbf229f85171942
78d7ba0f86740c51d5066488370aefbe45e2419ad8493a12c95b282aca9e7a61
80230f7d2b7b85cd7b85e9333acf54d7ddadb1b433f654347e825334aff18f71
81dfdcd201a18edc118a4a57fa07bbdd1da94c525131ac161a9d3c6358694d82
824ba8df70d2602971ac123675a4d02311c1158e69d4597963f979833ee4c77d
830bae4aad821582706cd12ef64c1d5dfd8b03da280213002cf8914fdb372277
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8665666021c96cea85a8e428955679cc38706a90ab218a093d1d1f72ff6db777
86b0885b77280ea96e164e8edb7bdb293771fb6f4eeec5de073edd6a1a976550
88a6f170934f8089cf0416844cf05233a6f80fd6d8b5276e1745e02ac4a67c15
88b6fab9476eff09a650dd87d9f8d8571605336e28cc3a244e2179072013ac66
88d02a35da7f25366e90330e3b82cd2043e8c139249be37ee48dc7837ee92861
8c9de0958940a236b21de58b5d4060f36b0d9f85dba9cf4abfb9068fdd01ca9d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93d3f266ef0f03d2cef0b5f5297851a2fc9eb5c5ef9e7e45bb04014f58679ac6
99b8a1f7be671f546b0b78cf5353633f09f2a4ce742d1eaceb70c08d25d5c97a
9aec408f11dbf01d65968b0b6ac966385783b2022bea87dac54894979219c76a
9b5b199b1b931e0444d148281a445ac390cba7a34b2124f4427165220e686f07
9f1fadf61f30a3aadd8ea1c876ccfcff4ca193d2a5e58ae716b81e457557fb89
9f7a5363b6358b78151290c37fdb2f90ba18553cc1e87ce22ddb8ada626303b1
a0e53c666ff2715e7030c18ad78aa919f1868ab4efdb69c3b2337a010148a6b2
a150bb5483cb315d11a809402e98626d9e66a7d2aa1be6afe6cacb55895e4aa6
a1fd186daf9c21430d06435ffd2ca8f96e43702b2d6aebd0523a1429c3f77f5a
a28cbd5e83a77cdf13192f355ccc96341e5eb0db5d5f122d0ed0221240855f31
a2aac6320b1399d98e193000ee859ebcfbb4c29b72939e5770487e385d711101
a357366982569cafed756ddd7f8ea319416aee6b514c88fdc15736d82c0f6291
a63ededc02db05692509d12688ace4b334aeee7d6f0cc6c43adfe2b3fb7fcd4b
a806795d78fa709d99d9fe068429b06ac47b6411f7693b721adf17521f8a6de2
a8984fb76a594c44d1566068d1dc8ec1163ffc9409841e05f7c1e48afdc2f3ef
b6c2a124ee727d27cafbc836ed1de6e2464d5c95f50a31ef1f780b1e09f60ab7
b7a1a3458e1c41c493dd8df0bffb946e83717661069c46060eccef79a9f3892e
ba1af44b38fe68d35c3a7f2f259edf4a3ae97613e8b4eb795a9bd6bed93e3455
bac0f833ae608b89e790c43565163939e0b7202b7ae9d3dade7a01ae84fe4143
bbaad56399d1645d5d61578f506e550d2d6a6ffc83e0c790acd19cb5263469ed
c14d28b61cfdd67f9f52a361e57331b379f22fd3388c353e250ad3aac9b899e0
c3ce73a3a17d7e25f6e46aefa9c2153d09cb4f20a14d407c8f6a10175768cf49
c4dac3ea46487fe9062b388b4211a0d2bc7ef393fac47f5b8500b68c27da906a
c56ef88f573697a7f1942be9714c3a3d0bbed32501f3bd814e3ab6c07f657f5c
c5df2407e6ce3e592937c5a95a0954e411c5f1e3d71271116215bfeac0037bcc
c7acb928d90bd0c40eebfc1f403c9daed952b1a10c0251435a6484398303bf66
ca43a84357402328702af8b8e5f290dafeeeac4e18cbb5e2a6762e6e4d9ce21f
cb8d57ee7c5009447f738ab373d31a64358b243d936ae6d998abdb792a02f99f
ccdc303bca1ab049dcf7770ef10119acb549dd918751ec33ea5e8641bd5e2244
d03955f43ba4e03ce378d6d6d3354bbd44e3e0b17a976a4734f29b8d4b09f2ff
d0487df2d251dc66677fad178f71859a9eaadef0999b576e7aca842b829a4275
d062242d8d52402eee46fdeeae777a9904c56ce6cb73ac20d10c6df8e37c03dd
d4797bb7c7f11c7daef73fdcda63295f8d0837d18fbda7f452a0814f5d2b8c17
d7608686174ae08ee6f13822c8354394bdf5dc4cd4e26e05bafcd086f17894a6
d972e389b014712129274a54861c2214c36ed8927bdbfbc5d0c7e17d836283ad
dc3cc4150505a445999c32dadc2d9f6de8234c3208ff159b8f4ef828b9e2f75d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7643d8a8de12ace3b2513fd2c40b77ce9704faccda007d6ec0fdaaefd093f33
ea75e221f18e4b6cff48126e857d536260b6adfdcdfa1ef0991500a554768106
ede56e45a1aaf07e7e0d0ddfffea0e7f88e1543f156fe49d235cb6435b5b3234
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f262c93918e12be57fab092bd9f097e3771bfd97781847555b75f65a6654edc2
f28a9b383157335bf74d3e03893b573d60a67a2e49766e9215d6c3c4cd96dbb7
f3a09ebc4a276a42e26bf432c328dea9ffa111d67234fc5e9ce92d7510e8865a
f55cfc8980a763ff5b9e6b28c54349247a5392c5a33a801bf354d2ec3ad5f36c
f5a18a1f176ca9920c41fb8e84017aecb71fe2ca48e8974f7a009f46e80dc6e0
f6eaeaab44d470212b6ace0f828ec9c55a56cef8f5ebd42fe8bc142917d39ff6
fe416667c8fc4c124dbbb237348517c38e301af638fe34497a9225b2467d043b