heyme.care Open in urlscan Pro
46.17.68.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://heyme.care/
Effective URL:
https://heyme.care/fr
Submission Tags: analytics-framework
Submission: On April 24 via api (April 24th 2023, 10:28:12 pm UTC) from US — Scanned from FR

Summary HTTP 130 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 53 IPs in 8 countries across 45 domains to perform 130 HTTP transactions. The main IP is 46.17.68.190, located in France and belongs to PICTIME-AS, FR. The main domain is heyme.care.
TLS certificate: Issued by R3 on March 8th 2023. Valid for: 3 months.

This is the only time heyme.care was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 49	46.17.68.190 46.17.68.190	35012 (PICTIME-AS) (PICTIME-AS)
2	2606:4700:20:... 2606:4700:20::ac43:479f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e0:... 2606:4700:e0::ac40:650a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.241.162.156 34.241.162.156	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.95.94 65.9.95.94	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.97.248 65.9.97.248	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:440... 2606:4700:4400::6812:2894	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	23.36.162.137 23.36.162.137	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638:d::10 2a02:2638:d::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:4f:1... 2620:1ec:4f:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	52.29.58.65 52.29.58.65	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.158.21.52 35.158.21.52	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	54.73.43.225 54.73.43.225	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1 2	52.19.94.146 52.19.94.146	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.185.6.68 18.185.6.68	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.255 64.202.112.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4216:bab5:2e60:d0c4:5889	14618 (AMAZON-AES) (AMAZON-AES)
1	104.109.73.198 104.109.73.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.247.37.240 54.247.37.240	16509 (AMAZON-02) (AMAZON-02)
1	54.171.176.224 54.171.176.224	16509 (AMAZON-02) (AMAZON-02)
1	3.140.141.145 3.140.141.145	16509 (AMAZON-02) (AMAZON-02)
130	53

49 46.17.68.190 (France) 1 redirects

ASN35012 (PICTIME-AS, FR)

heyme.care	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:479f (United States)

ASN13335 (CLOUDFLARENET, US)

code.iconify.design	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.iconify.design	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e0::ac40:650a (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.241.162.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-162-156.eu-west-1.compute.amazonaws.com

api.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-94.prg50.r.cloudfront.net

images-static.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.97.248 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-97-248.prg50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::6812:2894 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.162.137 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-137.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::d (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.58.65 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-58-65.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.21 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.21.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-21-52.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.248 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.73.43.225 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.94.146 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-94-146.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.6.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-6-68.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.255 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:bab5:2e60:d0c4:5889 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.73.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-73-198.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.37.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-37-240.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.176.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-176-224.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.140.141.145 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-140-141-145.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	heyme.care 1 redirects heyme.care	714 KB
10	criteo.com 4 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3191 gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686 sslwidget.criteo.com — Cisco Umbrella Rank: 1930 dis.criteo.com — Cisco Umbrella Rank: 941	28 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1265 x.clarity.ms — Cisco Umbrella Rank: 9293 c.clarity.ms — Cisco Umbrella Rank: 1901	22 KB
6	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 7162	119 KB
5	gstatic.com fonts.gstatic.com	61 KB
5	trustpilot.com api.trustpilot.com — Cisco Umbrella Rank: 41688 images-static.trustpilot.com — Cisco Umbrella Rank: 77094	24 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 319 secure.adnxs.com — Cisco Umbrella Rank: 604	4 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 880	1 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 794	102 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 519 c.bing.com — Cisco Umbrella Rank: 413	15 KB
4	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 ad.doubleclick.net — Cisco Umbrella Rank: 201 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	3 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	92 KB
3	fontawesome.com ka-f.fontawesome.com — Cisco Umbrella Rank: 5613	19 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	248 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 812	879 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 277	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1838	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 402	508 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	877 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	856 B
2	iconify.design code.iconify.design — Cisco Umbrella Rank: 47115 api.iconify.design — Cisco Umbrella Rank: 30538	9 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2576	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 807	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2613	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3632	235 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2806	398 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 976	577 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 987	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1620	878 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2879	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 612	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1151	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1622	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 535	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2185	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1472	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774	587 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 777	358 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 447	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 838	802 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129	455 B
1	google.fr www.google.fr — Cisco Umbrella Rank: 10727	455 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1718	250 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 950	14 KB
130	45

	Domain	Requested by
49	heyme.care	1 redirects heyme.care
6	cookie-cdn.cookiepro.com	www.googletagmanager.com cookie-cdn.cookiepro.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	fonts.gstatic.com	heyme.care
4	tr.snapchat.com	sc-static.net heyme.care
4	analytics.tiktok.com	heyme.care analytics.tiktok.com
4	api.trustpilot.com	heyme.care
3	connect.facebook.net	heyme.care connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com heyme.care
3	ka-f.fontawesome.com	heyme.care
3	www.googletagmanager.com	heyme.care www.googletagmanager.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	c.clarity.ms	1 redirects
2	x.clarity.ms	www.clarity.ms
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	ad.doubleclick.net	2 redirects
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	sslwidget.criteo.com	dynamic.criteo.com
1	c.bing.com	1 redirects
1	www.facebook.com	heyme.care
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	mug.criteo.com	heyme.care
1	www.google.fr	heyme.care
1	www.google.com	heyme.care
1	region1.google-analytics.com	www.googletagmanager.com
1	adservice.google.com	heyme.care
1	dynamic.criteo.com	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	images-static.trustpilot.com	heyme.care
1	api.iconify.design	code.iconify.design
1	code.iconify.design	heyme.care
130	58

This site contains links to these domains. Also see Links.

Domain
www.trustpilot.com
worldpass.heyme.care
moncompte.heyme.care
www.sharelock.co
apps.apple.com
play.google.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com
freelance.heyme.care
www.cookiepro.com

Subject Issuer	Validity	Valid
heyme.care R3	`2023-03-08` - `2023-06-06`	3 months	crt.sh
iconify.design Cloudflare Inc ECC CA-3	`2022-06-17` - `2023-06-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-12` - `2023-08-12`	a year	crt.sh
api.trustpilot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-09` - `2023-12-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2023-03-20` - `2024-03-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-01` - `2023-05-02`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
itm.ivitrack.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://heyme.care/fr
Frame ID: 775978BA8DA5504B88229037DEAD802D
Requests: 100 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=heyme.care&origin=onetag
Frame ID: 65954C156266B9A2A52DFE919A32F626
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=5e433815-acf6-4e68-8ddc-e397307327cf&u_scsid=ac070b3c-93ec-49db-a95b-12f636bbf9d2&u_sclid=9f2fd738-6482-4dbc-88c5-fcd65b344e0d
Frame ID: 9023FC1742CB33ADB377D58FADE47164
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-PH4aVmgb0qw9xcu2Lo4-d8QKeGuqu2RBLnJPuw&expires=30
Frame ID: 3C8291D0C46A25F2768FC0C376434FA8
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mutuelle et assurances - étudiant et jeune actif | HEYME Back ButtonFilter Button

Page URL History Show full URLs

https://heyme.care/ HTTP 302
https://heyme.care/fr Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

130
Requests

90 %
HTTPS

32 %
IPv6

45
Domains

58
Subdomains

53
IPs

8
Countries

1478 kB
Transfer

4027 kB
Size

68
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.trustpilot.com/review/heyme.care
Title: Lire nos avis

Search URL Search Domain Scan URL

URL: https://worldpass.heyme.care/
Title: Santé à l'étranger

Search URL Search Domain Scan URL

URL: https://moncompte.heyme.care/
Title: Mon espace perso

Search URL Search Domain Scan URL

URL: https://www.sharelock.co/fr/landing-page/assurance-velo-heyme?utm_source=heyme&utm_medium=referral&utm_campaign=site-heyme
Title: Je découvre

Search URL Search Domain Scan URL

URL: https://apps.apple.com/fr/app/heyme-myreduc/id1500311072
Title: MyReduc

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=care.heyme.myreduc&gl=FR
Title: MyReduc

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/mutuelle-heyme/id1519012298
Title: HEYM‪E

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=care.heyme.mobile&hl=es_EC&gl=FR
Title: HEYM‪E

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://heyme.care/blog/les-programmes-dechanges-a-linternational

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://heyme.care/blog/les-programmes-dechanges-a-linternational

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://heyme.care/blog/bon-plan-etudiant-comment-financer-ses-etudes

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://heyme.care/blog/bon-plan-etudiant-comment-financer-ses-etudes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://heyme.care/blog/est-il-possible-dassurer-mon-installation-de-pompe-a-chaleur

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://heyme.care/blog/est-il-possible-dassurer-mon-installation-de-pompe-a-chaleur

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://heyme.care/blog/gaz-hilarant-ou-proto-nouvelle-drogue-alternative-en-vente-libre

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://heyme.care/blog/gaz-hilarant-ou-proto-nouvelle-drogue-alternative-en-vente-libre

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://heyme.care/blog/bien-etre-psychologique-des-etudiants-pendant-la-crise-sanitaire

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://heyme.care/blog/bien-etre-psychologique-des-etudiants-pendant-la-crise-sanitaire

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://heyme.care/blog/le-sexting-une-pratique-a-risques-chez-les-jeunes

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://heyme.care/blog/le-sexting-une-pratique-a-risques-chez-les-jeunes

Search URL Search Domain Scan URL

URL: https://twitter.com/HEYME_assurance

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HEYME.assurance/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heyme.assurance/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCyhMQoFijvwcPHEs9JYS4sw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/heyme-assurance/

Search URL Search Domain Scan URL

URL: https://freelance.heyme.care/

Search URL Search Domain Scan URL

URL: https://www.cookiepro.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://heyme.care/ HTTP 302
https://heyme.care/fr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://ad.doubleclick.net/ddm/activity/src=10955306;type=invmedia;cat=lvspi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=98893849 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10955306;dc_pre=CNH3mavIw_4CFcmimgod4z0N5w;type=invmedia;cat=lvspi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=98893849 HTTP 302
https://adservice.google.com/ddm/fls/z/src=10955306;dc_pre=CNH3mavIw_4CFcmimgod4z0N5w;type=invmedia;cat=lvspi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=98893849

Request Chain 85

https://gum.criteo.com/sid/json?origin=onetag&domain=heyme.care&sn=ChromeSyncframe&so=0&topUrl=heyme.care&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=t4Zy_nxIUEgzRVljT2xOWWR5WUxnbGp0WCtyTjA4RTlYNUlHRXZVWXpQRFN5cUk2V25ZcjNQdHpKSzdId3NURXlib1R6TjU2UkFFMVUwRXRJbS9WNWJ3QUNXTDU4eDZaeU1oVlZlbndWWjVsZFNWZEdBMWJObXA0SGdTWm5WSVBwbGQ3enFJdzYvSGgwQ1djdTRHVDBSTFdLRXFxR0ZpeUVQakV4NzRuTEFmbGwwVkx5SitYN0RWZDN0aG9RNEtxYk9RVTl1aklvOU5CQlExdWJidStvcjdEN3NxUXUwU2c3Y0lhNXJ0bDVFZ1J3UDZmMUtGeFJtbDd6THM1amx4cGdPbzdEMkVZWHl5UTdTdG41YlVCV0dVWlMyZz09fA&cppv=2

Request Chain 99

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ECF2D8C638B4422F9F0D8EF939CB2E19&RedC=c.clarity.ms&MXFR=24A6B71C943562522CC0A5E190356CFB HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ECF2D8C638B4422F9F0D8EF939CB2E19&MUID=302CD567CC026CC626E5C79ACD456D09

Request Chain 101

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-PH4aVmgb0qw9xcu2Lo4-d8QKeGuqu2RBLnJPuw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-PH4aVmgb0qw9xcu2Lo4-d8QKeGuqu2RBLnJPuw&expires=30

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-IhzC-mgb0qw9xcu2Lo4-d8QKeGvc1hTR7FG3lw&google_cm&google_hm=ay1JaHpDLW1nYjBxdzl4Y3UyTG80LWQ4UUtlR3ZjMWhUUjdGRzNsdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-IhzC-mgb0qw9xcu2Lo4-d8QKeGvc1hTR7FG3lw&google_error=15

Request Chain 103

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=266339553188303585

Request Chain 104

https://secure.adnxs.com/setuid?entity=52&code=k-BPxqkmgb0qw9xcu2Lo4-d8QKeGt65Jfi1gvQmg HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-BPxqkmgb0qw9xcu2Lo4-d8QKeGt65Jfi1gvQmg

Request Chain 112

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-SQd1imgb0qw9xcu2Lo4-d8QKeGvSJlqrNm7jZQ HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-SQd1imgb0qw9xcu2Lo4-d8QKeGvSJlqrNm7jZQ&verify=true

Request Chain 115

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-RiXsIGgb0qw9xcu2Lo4-d8QKeGsPY1UKQNowcQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-RiXsIGgb0qw9xcu2Lo4-d8QKeGsPY1UKQNowcQ&C=1

Request Chain 116

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Ejg72jxYt5vNO7Q4fyoZrLsw_w1nmRzp HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ejg72jxYt5vNO7Q4fyoZrLsw_w1nmRzp

Request Chain 118

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ITGx8Wgb0qw9xcu2Lo4-d8QKeGvgz7Q35rBatQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ITGx8Wgb0qw9xcu2Lo4-d8QKeGvgz7Q35rBatQ

Request Chain 126

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=OpKgBmqJxthLKijDrSH7zsqrWJ2lcMMT

Request Chain 127

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jdzm2G37LFimsZfM4ZO0SGap8MeiIEqR

130 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request fr Show response
heyme.care/
Redirect Chain

https://heyme.care/
https://heyme.care/fr

58 KB
12 KB

733ms
732ms

Document
text/html

46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9297603878778d40036a400449ce2b851eac6c2675ee69b8fb7a8411e525348c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Apr 2023 22:28:06 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Apr 2023 22:28:06 GMT
Location: https://heyme.care/fr
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Language

GET
H/1.1 200
OK d7fa5ebc58.js Show response
heyme.care/fonts/fontawesome/ 11 KB
4 KB 65ms
21ms Script
application/javascript 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://heyme.care/fonts/fontawesome/d7fa5ebc58.js
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8314e5c801500a52fe0bf7192d71fc44858dc393a9c99f12b400c20b8dcf669d

Request headers

Referer: https://heyme.care/fr
Origin: https://heyme.care
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-2a70"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK montserrat-font.css
heyme.care/css/ 7 KB
1006 B 28ms
21ms Stylesheet
text/css 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://heyme.care/css/montserrat-font.css
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 91b6cd4ec8409b95ec4a72ab56631a657262b02ad3111702614b2cb03604205e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:26 GMT
Server: nginx
ETag: W/"64404c1a-1a94"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK style.css
heyme.care/dist/ 660 KB
87 KB 65ms
37ms Stylesheet
text/css 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: db16b7beb5d086a0c09b3585ab6965898adba4fe28fc9e5ef03b41d8479d672a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:26 GMT
Server: nginx
ETag: W/"64404c1a-a4fc1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK polyfills.js Show response
heyme.care/dist/ 163 KB
41 KB 132ms
131ms Script
application/javascript 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://heyme.care/dist/polyfills.js?id=470e7d1be540ae576079
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: e18ce979ecec331391da6c6115342ce1b4b1e635286b18e67ede1891abad1a58

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:26 GMT
Server: nginx
ETag: W/"64404c1a-28ad6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK jquery-3.6.1.min.js Show response
heyme.care/js/ 88 KB
31 KB 82ms
40ms Script
application/javascript 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://heyme.care/js/jquery-3.6.1.min.js
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-15e40"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H2 200 iconify.min.js Show response
code.iconify.design/1/1.0.6/ 22 KB
9 KB 170ms
26ms Script
application/javascript 2606:4700:20::ac43:479f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.iconify.design/1/1.0.6/iconify.min.js
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:479f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04bc8b7d0919b4a79f9656fe8c1fd04385d8e3064307da56fd6687802cc8d66f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-fastly-request-id: 578fde0ed688893f7ff5308832dba61514c9db9e
date: Mon, 24 Apr 2023 22:28:07 GMT
via: 1.1 varnish
content-encoding: br
expires: Wed, 19 Apr 2023 07:11:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 360
x-cache: HIT
x-proxy-cache: HIT
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Wed, 19 Apr 2023 07:01:12 GMT
server: cloudflare
x-github-request-id: 3C82:60C1:241433A:2570F85:643F92E2
x-timer: S1681887998.386925,VS0,VE1
etag: W/"643f91b8-596e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWP%2FXQ%2B1rhSv%2FdKY0MpKn7KcySgpC3w14pSWMXGM1RohQJk9aEuMOzNXgPa2SwC4g7MZnffyvad%2BrzNuCEJs0lty8qJf5UzptFcI6MNHep5DfSaA2zf5VEAAhXk1ALygPbiqkL%2FgU711NgX%2FB%2Fpp37I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-origin-cache: HIT
cf-ray: 7bd1c709a9260471-CDG
x-cache-hits: 1

GET
H/1.1 200
OK glider.css
heyme.care/glider/ 3 KB
1 KB 78ms
37ms Stylesheet
text/css 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://heyme.care/glider/glider.css
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: e6a1ea65757ebb6d4a49100c6bc1e8ada0a0ad2b6e7214c02b7281c8d04f6142

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-b12"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK glider.js Show response
heyme.care/glider/ 14 KB
5 KB 122ms
120ms Script
application/javascript 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://heyme.care/glider/glider.js
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9092e976e1d1f0d62f8187e5f78af414f97e4f162a6892f66f601d2af6391a2c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-39e6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK glider-style.js Show response
heyme.care/glider/ 728 B
1 KB 120ms
118ms Script
application/javascript 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://heyme.care/glider/glider-style.js
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 77b8798a2e989038582bb775aa649184de9b0fdff433f0012a6fadf2141881de

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-2d8"
Content-Type: application/javascript
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK jquery.matchHeight-min.js Show response
heyme.care/js/ 3 KB
2 KB 121ms
119ms Script
application/javascript 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://heyme.care/js/jquery.matchHeight-min.js
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-d34"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK trustpilot_logo.svg
heyme.care/img/ 4 KB
2 KB 121ms
119ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/trustpilot_logo.svg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 860f3d82e7c3fa3faf23f9b8ac369a5afad68f2d8de1c18fc78de511c6ab6126

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-104e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK stars-4.5.svg
heyme.care/img/ 2 KB
1 KB 114ms
114ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/stars-4.5.svg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 73a1c6c79f0b1fb25e3b2d45c57a289dc0bece93f64438241b1633634007b920

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-73c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK logo.png
heyme.care/img/ 3 KB
3 KB 77ms
22ms Image
image/png 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/logo.png
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: aa19b4449345ee0aa17517017820869f7e6dfcd3d5e4cdf1fd7b913b2fa23f34

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-b74"
Content-Type: image/png
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2932
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK liberte.jpg
heyme.care/img/ 51 KB
51 KB 23ms
22ms Image
image/jpeg 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/liberte.jpg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 18d1e38e7b419ddec1e902fd87e07291269baa3251fb3b88bad93693c5319b6a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-cc7e"
Content-Type: image/jpeg
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52350
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK app_store_ico.svg
heyme.care/img/ 3 KB
1 KB 23ms
22ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/app_store_ico.svg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: bd0757aea11c67940face583702a6c4ad0c240c0443d6e6fae996fd25ce5a10a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-c53"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK play_store_ico.svg
heyme.care/img/ 3 KB
1 KB 21ms
20ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/play_store_ico.svg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1ae66882f1c1659b0d5155e5bf455789236da52b22410b690e87e7faf1870fa7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-c6f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK stripes-y.svg
heyme.care/img/ 931 B
1 KB 21ms
21ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/stripes-y.svg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9bf4617e95b979bcdb74af106d47cfd98da9cebd31ad06b3a1657a43ced79031

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-3a3"
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 931
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK logo-trustpilot-dark.svg
heyme.care/img/ 3 KB
2 KB 21ms
21ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/logo-trustpilot-dark.svg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: de43891e0ad98c43def22d6091343cb8ac3a4a884e8ef59e7e8858c8cf4a43e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-de8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK avatar.jpg
heyme.care/img/ 2 KB
2 KB 23ms
22ms Image
image/jpeg 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/avatar.jpg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 12cabedb7a47497b0884d4d423c704b711fca4e5983e8e08fc90b7c0e8895a84

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-821"
Content-Type: image/jpeg
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2081
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 328 KB
99 KB 223ms
58ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDCSH3J

Requested by

Host: heyme.care
URL: https://heyme.care/fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3a78cefaf89b289d46111fbd1d58cd031ae6fc3c240bc4550f542ae620b15d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100614
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 21:41:03 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK scripts.js Show response
heyme.care/dist/pages/home/ 5 KB
2 KB 21ms
20ms Script
application/javascript 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://heyme.care/dist/pages/home/scripts.js?id=73be76b841ef26a75580
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 546c290933c2a472a16c50d5942a41406092130161888cda63f4174ebb861395

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:26 GMT
Server: nginx
ETag: W/"64404c1a-157e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK cancel.png
heyme.care/img/ 706 B
1 KB 22ms
21ms Image
image/png 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/cancel.png
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3a049a575d10854dd31cafeaff54678e8cef243610c50d00012bd132a1e6c069

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-2c2"
Content-Type: image/png
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 706
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK logo_heyme.svg
heyme.care/img/ 2 KB
1 KB 20ms
20ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/logo_heyme.svg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 65623c1f8b15de13fcd9030bdf979a1edc9fd29032a1d0819d0e9a26716924ef

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-8bc"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK logo_freelance_heyme.svg
heyme.care/img/ 6 KB
2 KB 22ms
22ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/logo_freelance_heyme.svg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 31927e5fbeca61e8d2f1dfdf0ab5d308b8ddfa19fe9ad5afeb5a5661a38a1027

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-1848"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK logo_worldpass_heyme.svg
heyme.care/img/ 4 KB
2 KB 21ms
21ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/logo_worldpass_heyme.svg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4aae9188bf47e87a45899002305678b807687116269a555881db44c200eecbc7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-1068"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK global.js Show response
heyme.care/dist/ 118 KB
26 KB 33ms
33ms Script
application/javascript 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://heyme.care/dist/global.js?id=dbb7e34436e251bd47f2
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3de1004793c837817c2cfadc2ec8b8321d6326b3568f8600065522c98c762ed5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:26 GMT
Server: nginx
ETag: W/"64404c1a-1d65b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 59 KB
13 KB 183ms
127ms Fetch
text/css 2606:4700:e0::ac40:650a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=d7fa5ebc58
Requested by: Host: heyme.care
URL: https://heyme.care/fonts/fontawesome/d7fa5ebc58.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:07 GMT
via: 1.1 2fafb26bfb5e0420de152a7abef27a44.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR52-C1
age: 12149339
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"390b4210e10c744c3c597500bcf0b31a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8DrSwf6Q4VyAwb541IHTb%2B%2Br8QmjsmG1PhNCWNj6DLWiIeLcot%2B%2FPz3fmVcTVFljwNGjo4z%2FOxsWpiXDtHWWh1Po55NwENvbKqUSyVCDlJs1X37wxjYKgmxRdbYUxTp2AKmQXPTPzn3qyH47PSjSgSqTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7bd1c708bd0823ad-LHR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: JS04_BvA038bENC4dlrKWcX0hVk9IZrfRQwj-xrzROrCQ5aQjen_ow==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 26 KB
5 KB 184ms
128ms Fetch
text/css 2606:4700:e0::ac40:650a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=d7fa5ebc58
Requested by: Host: heyme.care
URL: https://heyme.care/fonts/fontawesome/d7fa5ebc58.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:07 GMT
via: 1.1 81bc7853cdca941dddd27cd956741044.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR61-P1
age: 7566719
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"8a99ce81ec2f89fbca03f2c8cf1a3679"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoD2Q4QjQQAZ6QRqbpdD%2BmVrmXPbCL6ey3n6SBb8G8umcPq8jVa1XPXrpWtoDOrQcusB7IwW%2FjPk8j%2BFF8pDGZcMZQI0qPETpiaTRNMttthbkB3FkGC08rHq6Sbf4TDLmjWUumsySN%2For2UHHGAFLWrnlg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7bd1c708bd0b23ad-LHR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: W8u-Gtg1jcoqeMLkbq8__4LuxJtTjgI6VtI7x9VxuXzImR_9a8FM-g==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 3 KB
2 KB 182ms
126ms Fetch
text/css 2606:4700:e0::ac40:650a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=d7fa5ebc58
Requested by: Host: heyme.care
URL: https://heyme.care/fonts/fontawesome/d7fa5ebc58.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:07 GMT
via: 1.1 b843f2290b653c1211ab5a109d36c56e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR61-P1
age: 7566719
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"22be82a519ceafc43258d8f58a37fcf5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MeM44a4GFVPtksX1%2B%2FKgXNzexYnpg%2FobT9gstyEgd6Eq1sS%2BKuseaH00%2BJQL31AMUGeIMaMHhd%2FfgGpSNWQiRNLOcvZzhsLiHhx0J9t4FVEoQ0G%2BAGDcl2%2BehU76qZFBrwsBkxe8Q4tiXZ%2F9696tsAMtFg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7bd1c708bd0c23ad-LHR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ls-3E8RJnm3kgC0JM_Q5Evkrm9HVQXMqUAMb91J5BO5S-VAs2HDZKQ==

GET
H/1.1 200
OK reviews Show response
api.trustpilot.com/v1/business-units/5dd6e1a93767b500010127d0/ 17 KB
17 KB 228ms
68ms XHR
application/json 34.241.162.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustpilot.com/v1/business-units/5dd6e1a93767b500010127d0/reviews?apikey=nqKSTGxLW4ne8AcYbJhD8OGZS8lYdPYB&stars=4,5&perPage=10
Requested by: Host: heyme.care
URL: https://heyme.care/js/jquery-3.6.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.241.162.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-162-156.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 57a95d1cecf0404a43fd295d85edf20f800dd4d426bdf5cc35b82d167e56b1df

Request headers

Accept: */*
Referer: https://heyme.care/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
ETag: W/"4209-FYC6szI48eJRU3T9YS0V9m6Tyt8"
X-Powered-By: Express
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, POST, PUT, PATCH
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Authorization
Cache-Control: no-cache
Connection: keep-alive
X-Robots-Tag: noindex
Access-Control-Allow-Headers: Authorization, Accept, Accept-Charset, Accept-Encoding, Accept-Language, Cache-Control, Connection, Content-Length, Content-Type, Host, Origin, User-Agent, ApiKey, X-Requested-With
Content-Length: 16905
Expires: Mon, 24 Apr 2023 22:50:07 GMT

GET
H/1.1 200
OK circleYellow.svg
heyme.care/img/ 1 KB
1 KB 77ms
22ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/circleYellow.svg
Requested by: Host: heyme.care
URL: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: db7576c65eff58dea63dd1bd5e96d826b52cade1d1f56baf0ee189752bfa221b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-56e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK stripes-x.svg
heyme.care/img/ 883 B
1 KB 75ms
20ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/stripes-x.svg
Requested by: Host: heyme.care
URL: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: a537c8cb870a938f351b95c1598c17e06d83d6c4b37a8bec6f99ae5382690efd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-373"
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 883
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK circleRed.svg
heyme.care/img/ 1 KB
1 KB 76ms
21ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/circleRed.svg
Requested by: Host: heyme.care
URL: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7b0b7d31684426fb448e415031ff6094ccde794a619270b1c11c6c8515e22e9b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-525"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK circleBlue.svg
heyme.care/img/ 2 KB
1 KB 76ms
21ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/circleBlue.svg
Requested by: Host: heyme.care
URL: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1c352e51df67240ac5ba80e7c0d0c1f9003dce1815bb0be1e264c5203c40d68b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-6b0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK dotted-line.png
heyme.care/img/ 1 KB
2 KB 22ms
21ms Image
image/png 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/dotted-line.png
Requested by: Host: heyme.care
URL: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0f2dfdd1b8be3cca06d56e00d6e7f076eb9985bf68a9714ecbc6adc3bcecfef2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-57a"
Content-Type: image/png
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1402
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK H_HEYME.svg
heyme.care/img/ 2 KB
1 KB 21ms
21ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/H_HEYME.svg
Requested by: Host: heyme.care
URL: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: c55a46f1aa9ebd46ea6b114aef327a4ac3daa54c4d6ec4559bbdfdca48ea2af9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-870"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
13 KB 175ms
26ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2

Requested by

Host: heyme.care
URL: https://heyme.care/css/montserrat-font.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heyme.care/
Origin: https://heyme.care
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:50:20 GMT
x-content-type-options: nosniff
age: 193067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 16:50:20 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
13 KB 205ms
57ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: heyme.care
URL: https://heyme.care/css/montserrat-font.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heyme.care/
Origin: https://heyme.care
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:44:44 GMT
x-content-type-options: nosniff
age: 193403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12708
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 16:44:44 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 13 KB
13 KB 200ms
52ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aXo.woff2

Requested by

Host: heyme.care
URL: https://heyme.care/css/montserrat-font.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heyme.care/
Origin: https://heyme.care
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:28:02 GMT
x-content-type-options: nosniff
age: 194405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 16:28:02 GMT

GET
H/1.1 200
OK heyme.ttf
heyme.care/fonts/ 12 KB
12 KB 126ms
21ms Font
application/octet-stream 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://heyme.care/fonts/heyme.ttf?qhxwd9
Requested by: Host: heyme.care
URL: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4fa4f12e4ab964a19a19f95e0ccd31aec3db36066194868b99576d5ae6621684

Request headers

Referer: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
Origin: https://heyme.care
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-2f00"
Content-Type: application/octet-stream
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12032
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
12 KB 179ms
32ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2

Requested by

Host: heyme.care
URL: https://heyme.care/css/montserrat-font.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11dd041d74737fc472cedef6bbadd0062120f17ea5e5195eb1490eaaa0475812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heyme.care/
Origin: https://heyme.care
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:17:45 GMT
x-content-type-options: nosniff
age: 234622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12580
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:58:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 05:17:45 GMT

GET
H/1.1 200
OK homme.png
heyme.care/img/ 23 KB
23 KB 75ms
21ms Image
image/png 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/homme.png
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 43121ca41b078b6716972cf39738dbcb79cf95de1219208f9073cec5770c1f72

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-5aeb"
Content-Type: image/png
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23275
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK parapluie.png
heyme.care/img/ 14 KB
14 KB 76ms
22ms Image
image/png 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/parapluie.png
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 11c81ac61f9393477c88527c88b8c634fdac9a1867585325643b243f313d6e69

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-3890"
Content-Type: image/png
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14480
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK globe.png
heyme.care/img/ 24 KB
25 KB 74ms
20ms Image
image/png 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/globe.png
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 5a9621597ac0676192b1dcb26df47a8028b8be418d0e01ace89031b71d8c456e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-6184"
Content-Type: image/png
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24964
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK H.svg
heyme.care/img/ 2 KB
1 KB 21ms
20ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/H.svg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7e3ef3853330135765393d0366353c46425894f5166b10001018a40eaca7fbed

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-80a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK heyme_protege.jpg
heyme.care/img/ 38 KB
39 KB 21ms
21ms Image
image/jpeg 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/heyme_protege.jpg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8bef9ed19c08ad5a4d36f9b8775697bf5d7f0eb4878b8f5f520552fd5c4c03dc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-9977"
Content-Type: image/jpeg
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39287
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK laptop.png
heyme.care/img/ 10 KB
11 KB 21ms
21ms Image
image/png 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/laptop.png
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6d8e8b4d67040b160dfbbd8884a0d4641ff964b6bd82d5a8706af1882116a718

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-28fe"
Content-Type: image/png
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10494
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK heyme_couvre.jpg
heyme.care/img/ 40 KB
41 KB 20ms
20ms Image
image/jpeg 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/heyme_couvre.jpg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 17c83f2d0902d903a53f7682702ecf36ae1783d6309bb668c1dc261925c402ca

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-a1ba"
Content-Type: image/jpeg
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41402
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK billets.png
heyme.care/img/ 15 KB
15 KB 23ms
23ms Image
image/png 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/billets.png
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: e03eb1f5dcb91d227b6a9f6e27d2798305ea38782958c489376379c5c720fbff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-3bec"
Content-Type: image/png
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15340
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK heyme_sadapte.jpg
heyme.care/img/ 78 KB
79 KB 20ms
20ms Image
image/jpeg 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/heyme_sadapte.jpg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: ab03b2509a4aa060793069dbcb1fca25f003202df6ad78d3afd262eea1bf224a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-13970"
Content-Type: image/jpeg
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80240
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK maison.png
heyme.care/img/ 11 KB
11 KB 22ms
21ms Image
image/png 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/maison.png
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 59819d0843990bf9028d5f36278816d510b411a96c1b2201f89d4ae32c08b5ab

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-2b5d"
Content-Type: image/png
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11101
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK george.png
heyme.care/img/ 19 KB
20 KB 21ms
20ms Image
image/png 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/george.png
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2617d9b3b4793165b25cd9a70202872318c92284f5775edbdbcd3255969b705f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-4cac"
Content-Type: image/png
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19628
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK Medecin.png
heyme.care/img/ 43 KB
43 KB 20ms
20ms Image
image/png 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/Medecin.png
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 14f2cb6379b1d286cc86253ac23855b3ce8c5a62b8e9d5d140da36dcfed41728

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-aabf"
Content-Type: image/png
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43711
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK kevin.png
heyme.care/img/ 20 KB
20 KB 21ms
20ms Image
image/png 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/kevin.png
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4b658851ee86730373a798520595e70be1c1df18cd75595c39a6d8e6d676c117

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-5034"
Content-Type: image/png
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20532
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK 5dd6e1a93767b500010127d0 Show response
api.trustpilot.com/v1/business-units/ 920 B
2 KB 97ms
37ms XHR
application/json 34.241.162.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustpilot.com/v1/business-units/5dd6e1a93767b500010127d0?apikey=nqKSTGxLW4ne8AcYbJhD8OGZS8lYdPYB
Requested by: Host: heyme.care
URL: https://heyme.care/js/jquery-3.6.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.241.162.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-162-156.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: ce4eb0acd69ee10aaa6217a1671f96cffca6aa78f4f70c2769d37445e564c67e

Request headers

Accept: */*
Referer: https://heyme.care/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
ETag: W/"398-pIie1TAf9AxOix3CsK/MRCaAfwM"
X-Powered-By: Express
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, POST, PUT, PATCH
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Authorization
Cache-Control: no-cache
Connection: keep-alive
X-Robots-Tag: noindex
Access-Control-Allow-Headers: Authorization, Accept, Accept-Charset, Accept-Encoding, Accept-Language, Cache-Control, Connection, Content-Length, Content-Type, Host, Origin, User-Agent, ApiKey, X-Requested-With
Content-Length: 920
Expires: Mon, 24 Apr 2023 22:50:07 GMT

GET
H/1.1 200
OK Sharelock.png
heyme.care/img/ 65 KB
66 KB 37ms
20ms Image
image/png 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/Sharelock.png
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 826f47dab4ac0f7d1936bd582b0631378f34cdfa0141ba4ba0a09583ac3d6507

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-10546"
Content-Type: image/png
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66886
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK close_announcement.svg
heyme.care/img/ 565 B
929 B 44ms
21ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/close_announcement.svg
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 42a7d6ad93001d50e13b008da33ed1f98f870933aa5b86085d45272f163092b5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: "64404c1b-235"
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 565
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H/1.1 200
OK 4.5 Show response
api.trustpilot.com/v1/resources/strings/stars/ 51 B
687 B 35ms
35ms XHR
application/json 34.241.162.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustpilot.com/v1/resources/strings/stars/4.5?apikey=nqKSTGxLW4ne8AcYbJhD8OGZS8lYdPYB&locale=fr-FR
Requested by: Host: heyme.care
URL: https://heyme.care/js/jquery-3.6.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.241.162.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-162-156.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6e1043c9cc4c2eef499149d40d95ce6ec5cb608bbf3dbaa05de6e877e62fe8d6

Request headers

Accept: */*
Referer: https://heyme.care/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
etag: W/"33-og7K95SNx53+56r7vMPcPvPH/4k"
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, POST, PUT, PATCH
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: no-cache
Vary: Authorization
Connection: keep-alive
X-Robots-Tag: noindex
Access-Control-Allow-Headers: Authorization, Accept, Accept-Charset, Accept-Encoding, Accept-Language, Cache-Control, Connection, Content-Length, Content-Type, Host, Origin, User-Agent, ApiKey, X-Requested-With
Content-Length: 51
expires: Mon, 24 Apr 2023 22:49:22 GMT

GET
H/1.1 200
OK 4.5 Show response
api.trustpilot.com/v1/resources/images/stars/ 420 B
1 KB 40ms
32ms XHR
application/json 34.241.162.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustpilot.com/v1/resources/images/stars/4.5?apikey=nqKSTGxLW4ne8AcYbJhD8OGZS8lYdPYB
Requested by: Host: heyme.care
URL: https://heyme.care/js/jquery-3.6.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.241.162.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-162-156.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9db7a516240169a14f57261a802dc6f7b0005799b3ab6145d4272229a49d6ca9

Request headers

Accept: */*
Referer: https://heyme.care/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
etag: W/"1a4-+Wjt8ga8RH9BqFz0lvKAlB1+5oI"
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, POST, PUT, PATCH
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: no-cache
Vary: Authorization
Connection: keep-alive
X-Robots-Tag: noindex
Access-Control-Allow-Headers: Authorization, Accept, Accept-Charset, Accept-Encoding, Accept-Language, Cache-Control, Connection, Content-Length, Content-Type, Host, Origin, User-Agent, ApiKey, X-Requested-With
Content-Length: 420
expires: Mon, 24 Apr 2023 22:43:28 GMT

GET
H/1.1 200
OK stripes-card-trustpilot.svg
heyme.care/img/ 1 KB
839 B 20ms
20ms Image
image/svg+xml 46.17.68.190
PICTIME-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heyme.care/img/stripes-card-trustpilot.svg
Requested by: Host: heyme.care
URL: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.17.68.190 , France, ASN35012 (PICTIME-AS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7d46a15c738d2378dc043d25d2ae1118eb82d682e96bf7e1ee2b23180d91da15

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/dist/style.css?id=6bdf13dbf925c21c072a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 20:16:27 GMT
Server: nginx
ETag: W/"64404c1b-470"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Wed, 26 Apr 2023 22:28:07 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w3aXpsog.woff2
fonts.gstatic.com/s/montserrat/v25/ 10 KB
10 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w3aXpsog.woff2

Requested by

Host: heyme.care
URL: https://heyme.care/css/montserrat-font.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302076a082729684ed3c93fdc38b63fbb0143b59dea03a0a8a32948225d6d117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heyme.care/
Origin: https://heyme.care
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:48:52 GMT
x-content-type-options: nosniff
age: 189555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10456
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:48:52 GMT

GET
H2 200 icomoon-free.js Show response
api.iconify.design/ 416 B
812 B 34ms
25ms Script
application/javascript 2606:4700:20::ac43:479f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iconify.design/icomoon-free.js?icons=linkedin
Requested by: Host: code.iconify.design
URL: https://code.iconify.design/1/1.0.6/iconify.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:479f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5ea9caca703ad8855b4d883d87e768c2e11b1022cb314f1ef79573c156dbfc3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 540613
cross-origin-resource-policy: cross-origin
last-modified: Tue, 18 Apr 2023 16:17:54 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npE8wd8Hw4WKjN3ISW3Cx37Kr3kLhA%2FSEqFFWnjzEo4iGL6%2FYIQD3C45mg72M0Q2NjdKukn2373AqOFfer9VgjavGc%2Frynp7BiTOukbrTgZaorNyvaqZha3RNwaIkBDfDehmF3kqfY8s%2FrQxYE2RmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800, min-refresh=604800, immutable
vary: Accept-Encoding
cf-ray: 7bd1c70ac9d00471-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding

GET
H2 200 256x48.png
images-static.trustpilot.com/api/stars/4.5/ 3 KB
3 KB 110ms
32ms Image
image/png 65.9.95.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-static.trustpilot.com/api/stars/4.5/256x48.png
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-94.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01447551f68616473b31195ef8ac08fc2d929b70c0569ffcb32aa14f12a8a0bf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 03:48:17 GMT
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
last-modified: Wed, 03 Jul 2019 08:10:05 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 67191
x-amz-server-side-encryption: AES256
etag: "99d2916339394a5d8a334b7fc168a012"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2958
x-amz-cf-id: oYdyocEgu_9tzcm3rbJaljkJivihTrzlc5KOyf95J57ixlXvNTAbIw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
84 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6WC0VWYZ0T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDCSH3J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

302d856ea7aa6660ffbdd475b74a0a863f8bed4bc353d822922c6b1b593eb02a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85416
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 22:28:07 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/726691576/ 3 KB
2 KB 138ms
72ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726691576/?random=1682375287547&cv=11&fst=1682375287547&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fheyme.care%2Ffr&hn=www.googleadservices.com&frm=0&tiba=Mutuelle%20et%20assurances%20-%20%C3%A9tudiant%20et%20jeune%20actif%20%7C%20HEYME&auid=1796853754.1682375288&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDCSH3J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3578e30302ecd7dadfb87deb8c0b20001a8ccd2f4a6490f4092bf9b3ab1077e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1221
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 91ms
38ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDCSH3J

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 24 Apr 2023 22:28:07 GMT
last-modified: Thu, 20 Apr 2023 19:01:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 312DD33273E54D0F9FAE0C030468C7A4 Ref B: PAR02EDGE0916 Ref C: 2023-04-24T22:28:07Z
etag: "808c558fba73d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12036

GET
H2 200 scevent.min.js Show response
sc-static.net/ 31 KB
14 KB 138ms
61ms Script
application/javascript 65.9.97.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDCSH3J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.97.248 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-97-248.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 399a9be759ccc540081d3e7ed57c028c7ed63545952b616c25abac351881f7b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:07 GMT
content-encoding: gzip
via: 1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 13611
x-amz-cf-id: s_XlAu83ytN4w08b8dXk6IBxTXwgJ408QYrJp4nrpKhQEa4aj1wV4w==

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 21 KB
7 KB 88ms
33ms Script
application/javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDCSH3J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 22:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: +GAQ9uZzuyMATxU6dGRBFA==
age: 63528
x-ms-lease-status: unlocked
last-modified: Thu, 06 Apr 2023 01:29:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 265cb68e-301e-0026-546a-687055000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7bd1c70bacb0027e-CDG
expires: Tue, 25 Apr 2023 22:28:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 82ms
25ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: heyme.care
URL: https://heyme.care/fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Apr 2023 22:28:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tZZVllz1IU3ON47Lgb5lCiT36obkSVflR1Nq3VawXL8eX/I9dDSfVce6iIkW51DXaqjSumQHFfL0o8Zr7d62zw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 202ms
120ms Script
application/javascript 23.36.162.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC6UKMJC77UBI707LNT0&lib=ttq
Requested by: Host: heyme.care
URL: https://heyme.care/fr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e24babab9ffef40e766ade94bd0b1ce0a271b284d86a317387f200b8fb0c1d52

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: c6e596e2.37b61c3a
date: Mon, 24 Apr 2023 22:28:07 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-137.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 92,23.36.160.137
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=4, inner; dur=2
content-length: 1540
pragma: no-cache
server: nginx
x-tt-logid: 20230424222807ED74ABA4BD027F11F3DB
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,23.220.104.7
x-tt-trace-host: 01b5274505c014829f250504ac7341133933c066907223ea264092d68373bed96b76ad1376d7803b5dd5df6febb52cad86575f7ebb5f905dbd7c32f6a259a6d8f7ba25fa82c786963ad06286d5dcbc0a960c67a1adad96aba84e0931eb48e7f2e55b3db4ab42164cfe696df3c2b761991e
expires: Mon, 24 Apr 2023 22:28:07 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 44 KB
15 KB 89ms
39ms Script
application/javascript 2a02:2638:d::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=101942

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDCSH3J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

daad2e3326cc2b6f6daae942a4a2243de446e7ae3a2f2f0b67a4c785f50996b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2

200

src=10955306;dc_pre=CNH3mavIw_4CFcmimgod4z0N5w;type=invmedia;cat=lvspi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=10955306;type=invmedia;cat=lvspi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord...
https://ad.doubleclick.net/ddm/activity/src=10955306;dc_pre=CNH3mavIw_4CFcmimgod4z0N5w;type=invmedia;cat=lvspi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_c...
https://adservice.google.com/ddm/fls/z/src=10955306;dc_pre=CNH3mavIw_4CFcmimgod4z0N5w;type=invmedia;cat=lvspi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_co...

42 B
401 B

139ms
65ms

Image
image/gif

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=10955306;dc_pre=CNH3mavIw_4CFcmimgod4z0N5w;type=invmedia;cat=lvspi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=98893849

Requested by

Host: heyme.care
URL: https://heyme.care/fr

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=10955306;dc_pre=CNH3mavIw_4CFcmimgod4z0N5w;type=invmedia;cat=lvspi0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?gtmcb=98893849
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 68ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6WC0VWYZ0T&gtm=45je34j0&_p=1670979883&gcs=G10-&cid=1166040026.1682375288&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682375287&sct=1&seg=0&dl=https%3A%2F%2Fheyme.care%2Ffr&dt=Mutuelle%20et%20assurances%20-%20%C3%A9tudiant%20et%20jeune%20actif%20%7C%20HEYME&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6WC0VWYZ0T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heyme.care
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 137025396.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 116ms
116ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137025396.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

52ca3f3bca167066459c8727ed2b2d19770603af7a5be5d74dfec3d8d7f3a4b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 24 Apr 2023 22:28:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 24BD8AB9232A4924BCFAFB8054F1BE2F Ref B: PAR02EDGE0916 Ref C: 2023-04-24T22:28:07Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60
content-length: 1498

GET
H2 204 0
bat.bing.com/action/ 0
287 B 40ms
40ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137025396&tm=gtm002&Ver=2&mid=27b4b16c-1774-4912-badf-9a66dd88f57c&sid=497fb9b0e2ef11edbc829161dc09f188&vid=497fe830e2ef11ed9669af90d5b762ad&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Mutuelle%20et%20assurances%20-%20%C3%A9tudiant%20et%20jeune%20actif%20%7C%20HEYME&p=https%3A%2F%2Fheyme.care%2Ffr&r=&lt=1375&evt=pageLoad&sv=1&rn=785828

Requested by

Host: heyme.care
URL: https://heyme.care/fr

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Apr 2023 22:28:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B10030A5F60D40A38D3A642EE3E98BA2 Ref B: PAR02EDGE0916 Ref C: 2023-04-24T22:28:07Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d96b515a-0e8a-4886-897f-0eb39917702e.json Show response
cookie-cdn.cookiepro.com/consent/d96b515a-0e8a-4886-897f-0eb39917702e/ 3 KB
2 KB 73ms
30ms XHR
application/x-javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/d96b515a-0e8a-4886-897f-0eb39917702e/d96b515a-0e8a-4886-897f-0eb39917702e.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

671f9ae3e268183f53761b514b2761f07ff71cfe21996b7ccf84d823288c0431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 22:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: F5/S3zOYXyeVGHZ5aUeeRA==
age: 44422
x-ms-lease-status: unlocked
last-modified: Tue, 08 Jun 2021 14:29:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 709c4bfc-e01e-0057-7367-47967e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7bd1c70c2930d61d-CDG

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 181 KB
65 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-726691576

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDCSH3J

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b124ccf247ea20c70b0bbd1d17d39c3bd3cd33042c3baed65fbd98681ed4e620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66866
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 21:41:03 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 22:28:07 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6595 15 KB
6 KB 63ms
22ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=heyme.care&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=101942

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://heyme.care/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 22:28:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 438305
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 338870473434767 Show response
connect.facebook.net/signals/config/ 150 KB
42 KB 137ms
136ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/338870473434767?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82209489f5a8130dc8b54dac2e5d8a69ca5775be5c60a21ed37935572757708a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Apr 2023 22:28:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: BngwUff3+Fo2FZ+Rvg6qR9uTb80eI2XAiBBKDq5d8siYPN3Z1Fj72jltyqZ+jgQr3GAEiHwDXsdRTuFzAdut4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/726691576/ 42 B
455 B 104ms
37ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/726691576/?random=1682375287547&cv=11&fst=1682373600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fheyme.care%2Ffr&frm=0&tiba=Mutuelle%20et%20assurances%20-%20%C3%A9tudiant%20et%20jeune%20actif%20%7C%20HEYME&fmt=3&is_vtc=1&random=1477010417&rmt_tld=0&ipr=y

Requested by

Host: heyme.care
URL: https://heyme.care/fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/726691576/ 42 B
455 B 113ms
37ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/726691576/?random=1682375287547&cv=11&fst=1682373600000&bg=ffffff&guid=ON&async=1&gtm=45He34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fheyme.care%2Ffr&frm=0&tiba=Mutuelle%20et%20assurances%20-%20%C3%A9tudiant%20et%20jeune%20actif%20%7C%20HEYME&fmt=3&is_vtc=1&random=1477010417&rmt_tld=1&ipr=y

Requested by

Host: heyme.care
URL: https://heyme.care/fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 9023 0
201 B 79ms
26ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=5e433815-acf6-4e68-8ddc-e397307327cf&u_scsid=ac070b3c-93ec-49db-a95b-12f636bbf9d2&u_sclid=9f2fd738-6482-4dbc-88c5-fcd65b344e0d

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://heyme.care/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 24 Apr 2023 22:28:07 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 5e433815-acf6-4e68-8ddc-e397307327cf.js Show response
tr.snapchat.com/config/care/ 149 B
443 B 78ms
26ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/care/5e433815-acf6-4e68-8ddc-e397307327cf.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

3f8bff424adbc1018bd97aff3bc9aa3ba4de85493df35de79f293c3a91c7ed9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://heyme.care/
Origin: https://heyme.care
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://heyme.care
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 p
tr.snapchat.com/ 68 B
303 B 78ms
27ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=5e433815-acf6-4e68-8ddc-e397307327cf&ev=PAGE_VIEW&intg=gtm&u_hem=FFF7b7416ec1f35b8a794c92887c2c62529b2179b6fa911173803c59c0c463ba572&pl=https%3A%2F%2Fheyme.care%2Ffr&bt=1d53c387&if=false&m_dcl=1374&m_fcps=1212&m_pi=1229&m_pl=0&m_pv=v2&m_rd=1673&m_sl=1665&rf=&trackId=83e07a37-b9a6-47a7-a351-82a8133d6d3a&ts=1682375287712&u_c1=b2332b78-ffae-4f90-bfe5-ecb63aa1baea&u_sclid=9f2fd738-6482-4dbc-88c5-fcd65b344e0d&u_scsid=ac070b3c-93ec-49db-a95b-12f636bbf9d2&v=2.0.0

Requested by

Host: heyme.care
URL: https://heyme.care/fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.16.0/ 374 KB
76 KB 40ms
40ms Script
application/javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 22:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: dGCXlveaBvO7BI0nfZKP+g==
age: 47182
x-ms-lease-status: unlocked
last-modified: Tue, 30 Mar 2021 01:52:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7311904f-301e-0044-7b67-47b272000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7bd1c70c7d43027e-CDG
expires: Tue, 25 Apr 2023 22:28:07 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6595
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=heyme.care&sn=ChromeSyncframe&so=0&topUrl=heyme.care&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=t4Zy_nxIUEgzRVljT2xOWWR5WUxnbGp0WCtyTjA4RTlYNUlHRXZVWXpQRFN5cUk2V25ZcjNQdHpKSzdId3NURXlib1R6TjU2UkFFMVUwRXRJbS9WNWJ3QUNXTDU4eDZaeU1oVlZlbndWWjVsZFNWZEdBMWJObXA0SGdTWm...

436 B
658 B

88ms
23ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=t4Zy_nxIUEgzRVljT2xOWWR5WUxnbGp0WCtyTjA4RTlYNUlHRXZVWXpQRFN5cUk2V25ZcjNQdHpKSzdId3NURXlib1R6TjU2UkFFMVUwRXRJbS9WNWJ3QUNXTDU4eDZaeU1oVlZlbndWWjVsZFNWZEdBMWJObXA0SGdTWm5WSVBwbGQ3enFJdzYvSGgwQ1djdTRHVDBSTFdLRXFxR0ZpeUVQakV4NzRuTEFmbGwwVkx5SitYN0RWZDN0aG9RNEtxYk9RVTl1aklvOU5CQlExdWJidStvcjdEN3NxUXUwU2c3Y0lhNXJ0bDVFZ1J3UDZmMUtGeFJtbDd6THM1amx4cGdPbzdEMkVZWHl5UTdTdG41YlVCV0dVWlMyZz09fA&cppv=2

Requested by

Host: heyme.care
URL: https://heyme.care/fr

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

00822d54c19adccff0851f22851776c011c7bfa811762004f5b280cb50a73cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1393074
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=t4Zy_nxIUEgzRVljT2xOWWR5WUxnbGp0WCtyTjA4RTlYNUlHRXZVWXpQRFN5cUk2V25ZcjNQdHpKSzdId3NURXlib1R6TjU2UkFFMVUwRXRJbS9WNWJ3QUNXTDU4eDZaeU1oVlZlbndWWjVsZFNWZEdBMWJObXA0SGdTWm5WSVBwbGQ3enFJdzYvSGgwQ1djdTRHVDBSTFdLRXFxR0ZpeUVQakV4NzRuTEFmbGwwVkx5SitYN0RWZDN0aG9RNEtxYk9RVTl1aklvOU5CQlExdWJidStvcjdEN3NxUXUwU2c3Y0lhNXJ0bDVFZ1J3UDZmMUtGeFJtbDd6THM1amx4cGdPbzdEMkVZWHl5UTdTdG41YlVCV0dVWlMyZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 321670
content-length: 0
expires: 0

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
455 B 133ms
60ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G10-&gcd=G10-&rnd=181108781.1682375288&url=https%3A%2F%2Fheyme.care%2Ffr&gtm=45be34j0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-726691576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
tr.snapchat.com/ 68 B
279 B 27ms
27ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=5e433815-acf6-4e68-8ddc-e397307327cf&ev=PAGE_VIEW&intg=gtm&u_hem=FFF7b7416ec1f35b8a794c92887c2c62529b2179b6fa911173803c59c0c463ba572&pl=https%3A%2F%2Fheyme.care%2Ffr&bt=1d53c387&if=false&m_dcl=1374&m_fcps=1212&m_pi=1229&m_pl=0&m_pv=v2&m_rd=1733&m_sl=1665&rf=&trackId=b3aa1908-f18f-4e8d-b52c-057b41e636d2&ts=1682375287773&u_c1=b2332b78-ffae-4f90-bfe5-ecb63aa1baea&u_sclid=9f2fd738-6482-4dbc-88c5-fcd65b344e0d&u_scsid=ac070b3c-93ec-49db-a95b-12f636bbf9d2&v=2.0.0

Requested by

Host: heyme.care
URL: https://heyme.care/fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 main.MTFlZGFkNDkwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 256 KB
69 KB 29ms
29ms Script
application/javascript 23.36.162.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFlZGFkNDkwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC6UKMJC77UBI707LNT0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 03904d282a158b60cca5f936ba76aa7777e1070b06de9b59a23732067a965dc2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: 37b61ca2
date: Mon, 24 Apr 2023 22:28:07 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023041813460665ADBBEA21079A9C603F
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-160-137.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01325f26bf7677104ef5fadf76d7699c059b26a161ee6b3f9de39615955d0b2d964e7bc8ce9eda07eacb3303684bc8dc609b7c3937f4075fbe589c5700e1731235ee17321d4a0c21a2c65cd7cc5884efc107908a2acfbe14790993f892393f7eec
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 69454

GET
H2 200 137025396 Show response
www.clarity.ms/tag/uet/ 987 B
1 KB 199ms
107ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/137025396
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/137025396.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fbeb998ab953e6db09a175d912706dfaf75d896bea5d43872a6cdcd69669ed46

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: application/x-javascript
date: Mon, 24 Apr 2023 22:28:07 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0dwJHZAAAAAB3RQoEcR7xRKOp9OJ1NZtSUEFSMDJFREdFMDYxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 fr.json Show response
cookie-cdn.cookiepro.com/consent/d96b515a-0e8a-4886-897f-0eb39917702e/9acafdd8-8d48-4add-a057-a37a2c554a8e/ 62 KB
15 KB 31ms
30ms Fetch
application/x-javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/d96b515a-0e8a-4886-897f-0eb39917702e/9acafdd8-8d48-4add-a057-a37a2c554a8e/fr.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c7f47d7b41e28401f8ad8c99894fdcf1e6055dc0903f9dd17380413b37982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 22:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: QkejDeIOz/o7PwjYTD4u1g==
age: 44422
x-ms-lease-status: unlocked
last-modified: Tue, 08 Jun 2021 14:29:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e3c45705-301e-0009-1f68-477d9e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7bd1c70ce9bed61d-CDG

GET
H2 200 identify_d1af3.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 28ms
27ms Script
application/javascript 23.36.162.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_d1af3.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFlZGFkNDkwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: 37b61cea
date: Mon, 24 Apr 2023 22:28:07 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230418134607A0585AC8E9DCB45F4F5A
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-160-137.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01325f26bf7677104ef5fadf76d7699c059b26a161ee6b3f9de39615955d0b2d96a48b126590c8d42a469d346a3ebdcf2546fdb402fda1826287a317c56ab2508c2457470bda6d05773ac163a0e9d27e2b9047f17e97f14678e2999dd33f56fb70
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30674

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 239ms
239ms Ping
text/plain 23.36.162.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFlZGFkNDkwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heyme.care/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8f25742c.37b61d28
date: Mon, 24 Apr 2023 22:28:08 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-137.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 208,23.36.160.137
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=120, inner; dur=117
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230424222807280976ABE0B44AF25D94
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 120,23.220.104.11
x-tt-trace-host: 01b5274505c014829f250504ac7341133933c066907223ea264092d68373bed96b28ce4ca25c6b2a3445fa6f24b35b338891a25b1ae11b222ef3a859c6e7a915bc6a11a6adb42d3c1902c0b2858ab8cbc967cdeb3b22a99eb715573890174e2538dd4f15d79418c957f062114c080a836a
expires: Mon, 24 Apr 2023 22:28:08 GMT

GET
H2 200 otCenterRounded.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.16.0/assets/ 9 KB
3 KB 30ms
29ms Fetch
application/json 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/assets/otCenterRounded.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 22:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: fRJA75J6r2mGFJ+1cXZ3Ag==
age: 44422
x-ms-lease-status: unlocked
last-modified: Tue, 30 Mar 2021 01:51:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e51bda11-001e-0094-6468-478f24000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7bd1c70dba75d61d-CDG
expires: Tue, 25 Apr 2023 22:28:07 GMT

GET
H2 200 otPcTab.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.16.0/assets/ 58 KB
15 KB 32ms
32ms Fetch
application/json 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/assets/otPcTab.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42bdbdeb97cb56c13e38eb263e60d0f3c131c12a41d948133b5637baa1070a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Apr 2023 22:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: uIOUQDzsfhrc2v0j31uJCw==
age: 44538
x-ms-lease-status: unlocked
last-modified: Tue, 30 Mar 2021 01:51:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a88297be-501e-0030-3a68-478682000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7bd1c70dba77d61d-CDG
expires: Tue, 25 Apr 2023 22:28:07 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.6/ 56 KB
19 KB 24ms
23ms Script
application/javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.6/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/137025396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:07 GMT
content-encoding: br
last-modified: Mon, 24 Apr 2023 08:17:37 GMT
x-azure-ref-originshield: 0iaRGZAAAAAAm7UaUBzl7T7zcQjDNXON2UEFSMjAxMDMxMDExMDExADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB449C5D988C98"
x-azure-ref: 0dwJHZAAAAABTbtX1gB6LTLRSbFfz3mNPUEFSMDJFREdFMDYxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: e26e81e2-901e-0036-15c4-76a3ab000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 26ms
26ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.102

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Apr 2023 22:28:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: VA3dX9Vwiht+hMtpHYlrr2OoiL4dVypXQ804lZIuvjFbw3QSf8IFbn0TpqIRkFCIa1HDXR8Hg8ff0uCyNG08mg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 83ms
25ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=338870473434767&ev=PageView&dl=https%3A%2F%2Fheyme.care%2Ffr&rl=&if=false&ts=1682375288070&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmgoogletagmanager&ec=0&o=28&cs_est=true&fbp=fb.1.1682375288069.1032101976&it=1682375287684&coo=false&rqm=GET

Requested by

Host: heyme.care
URL: https://heyme.care/fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Apr 2023 22:28:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
290 B 530ms
210ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://heyme.care/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://heyme.care
Date: Mon, 24 Apr 2023 22:28:08 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ECF2D8C638B4422F9F0D8EF939CB2E19&RedC=c.clarity.ms&MXFR=24A6B71C943562522CC0A5E190356CFB
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ECF2D8C638B4422F9F0D8EF939CB2E19&MUID=302CD567CC026CC626E5C79ACD456D09

42 B
443 B

31ms
30ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ECF2D8C638B4422F9F0D8EF939CB2E19&MUID=302CD567CC026CC626E5C79ACD456D09
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:08 GMT
last-modified: Wed, 19 Apr 2023 15:34:17 GMT
server: Microsoft-IIS/10.0
etag: "f5c05c67d472d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 181BDA442E9641C69979520DE8A76F19 Ref B: PAR02EDGE0916 Ref C: 2023-04-24T22:28:08Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ECF2D8C638B4422F9F0D8EF939CB2E19&MUID=302CD567CC026CC626E5C79ACD456D09
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 112ms
44ms Script
application/x-javascript 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=101942&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=u3b8VF9seTlvQk5yM3dDWVNXVkZjTXRHRDZRWXFPJTJCWmRoc3JqQkFtSEtGUXAlMkJwQjNQMmsyTkgwZlhZdiUyRnBSM2dUalpGaXBucGdLaXY5TlJ5eE0ySXVDa0V0aSUyQm5tSTRoVE01MkJpaHJlTnJ4Wnd0WlBqU0xNZ2haNXAxR0NMNHRNTVlrYXhhbFRxOWQ2N3BkVXYlMkJMJTJGT0hFQWclM0QlM0Q&tld=heyme.care&dy=1&fu=https%253A%252F%252Fheyme.care%252Ffr&ceid=b6929d7a-54c5-468a-92f1-a9681cdc12cd&dtycbr=65358

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=101942

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

70eaa1ef41bd1fee4f46bdcbdf2c3c4f09140866e64ae32260654e8ada985cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://heyme.care/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 23322707
timing-allow-origin: *
expires: 0

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 3C82
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-PH4aVmgb0qw9xcu2Lo4-d8QKeGuqu2RBLnJPuw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-PH4aVmgb0qw9xcu2Lo4-d8QKeGuqu2RBLnJPuw&expires=30

43 B
345 B

27ms
26ms

Image
image/gif

52.29.58.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-PH4aVmgb0qw9xcu2Lo4-d8QKeGuqu2RBLnJPuw&expires=30
Protocol: H2
Server: 52.29.58.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-58-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-PH4aVmgb0qw9xcu2Lo4-d8QKeGuqu2RBLnJPuw&expires=30
date: Mon, 24 Apr 2023 22:28:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 3C82
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-IhzC-mgb0qw9xcu2Lo4-d8QKeGvc1hTR7FG3lw&google_cm&google_hm=ay1JaHpDLW1nYjBxdzl4Y3UyTG80LWQ4UUtlR3ZjMWhUU...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-IhzC-mgb0qw9xcu2Lo4-d8QKeGvc1hTR7FG3lw&google_error=15

43 B
370 B

73ms
22ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-IhzC-mgb0qw9xcu2Lo4-d8QKeGvc1hTR7FG3lw&google_error=15

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 149872
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-IhzC-mgb0qw9xcu2Lo4-d8QKeGvc1hTR7FG3lw&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 333
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 3C82
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=266339553188303585

43 B
370 B

76ms
24ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=266339553188303585

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1340158
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 24 Apr 2023 22:28:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.33.144.177; 178.33.144.177; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 46bbdce5-f8a5-407b-b131-ee2ae421a1b6
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=266339553188303585
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 3C82
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-BPxqkmgb0qw9xcu2Lo4-d8QKeGt65Jfi1gvQmg
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-BPxqkmgb0qw9xcu2Lo4-d8QKeGt65Jfi1gvQmg

43 B
1 KB

24ms
23ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-BPxqkmgb0qw9xcu2Lo4-d8QKeGt65Jfi1gvQmg

Protocol

HTTP/1.1

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 22:28:08 GMT
AN-X-Request-Uuid: 868687b3-48c7-4716-a7c1-890118b10262
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.33.144.177; 178.33.144.177; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 22:28:08 GMT
AN-X-Request-Uuid: ac1c5fba-0b14-4942-b52e-33b9e6506041
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-BPxqkmgb0qw9xcu2Lo4-d8QKeGt65Jfi1gvQmg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.33.144.177; 178.33.144.177; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 3C82 61 B
802 B 304ms
228ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-xxcHamgb0qw9xcu2Lo4-d8QKeGtGFuKD_8Hcpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 22:28:08 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Mon, 24 Apr 2023 22:28:08 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 3C82 0
239 B 185ms
25ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-M6wOomgb0qw9xcu2Lo4-d8QKeGuPRHqTRqxisw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 3C82 0
358 B 106ms
23ms Image
text/plain 35.158.21.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-xG1RCWgb0qw9xcu2Lo4-d8QKeGusYifngV9Xlw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.21.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-21-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:08 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 3C82 43 B
587 B 109ms
21ms Image
image/gif 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-bbAEz2gb0qw9xcu2Lo4-d8QKeGsPduCob3vw4A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 24 Apr 2023 22:28:08 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3C82 0
99 B 110ms
22ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-9EzqPmgb0qw9xcu2Lo4-d8QKeGtcZW374NyMxw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:08 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20625

GET
H2 200 um
criteo-sync.teads.tv/ Frame 3C82 23 B
172 B 157ms
61ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-DxqbDmgb0qw9xcu2Lo4-d8QKeGv1WYGpbzKP7Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Mon, 24 Apr 2023 22:28:08 GMT
pragma: no-cache
date: Mon, 24 Apr 2023 22:28:08 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 3C82 37 B
140 B 91ms
30ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-SXxkYmgb0qw9xcu2Lo4-d8QKeGu0QEtZC4JDCw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 3C82
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-SQd1imgb0qw9xcu2Lo4-d8QKeGvSJlqrNm7jZQ
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-SQd1imgb0qw9xcu2Lo4-d8QKeGvSJlqrNm7jZQ&verify=true

0
121 B

31ms
31ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-SQd1imgb0qw9xcu2Lo4-d8QKeGvSJlqrNm7jZQ&verify=true

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-SQd1imgb0qw9xcu2Lo4-d8QKeGvSJlqrNm7jZQ&verify=true
date: Mon, 24 Apr 2023 22:28:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 3C82 43 B
163 B 149ms
37ms Image
image/gif 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-U6g2-Ggb0qw9xcu2Lo4-d8QKeGspXbYSnc9W3w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:08 GMT
last-modified: Tue, 12 Jul 2016 13:47:50 GMT
server: nginx
accept-ranges: bytes
etag: "5784f506-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 3C82 49 B
235 B 78ms
23ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-KhY34Ggb0qw9xcu2Lo4-d8QKeGsGESzRDauNLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:08 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 3C82
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-RiXsIGgb0qw9xcu2Lo4-d8QKeGsPY1UKQNowcQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-RiXsIGgb0qw9xcu2Lo4-d8QKeGsPY1UKQNowcQ&C=1

43 B
766 B

25ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-RiXsIGgb0qw9xcu2Lo4-d8QKeGsPY1UKQNowcQ&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 22:28:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 22:28:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-RiXsIGgb0qw9xcu2Lo4-d8QKeGsPY1UKQNowcQ&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 3C82
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Ejg72jxYt5vNO7Q4fyoZrLsw_w1nmRzp
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ejg72jxYt5vNO7Q4fyoZrLsw_w1nmRzp

42 B
942 B

32ms
31ms

Image
image/gif

54.73.43.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ejg72jxYt5vNO7Q4fyoZrLsw_w1nmRzp

Protocol

HTTP/1.1

Server

54.73.43.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-43-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v047-05d8bf7f2.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: C7jAYPFzSEY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v047-052142b3c.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 7AuniLTURV4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ejg72jxYt5vNO7Q4fyoZrLsw_w1nmRzp
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 3C82 43 B
1 KB 83ms
24ms Image
image/gif 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-cfIlgWgb0qw9xcu2Lo4-d8QKeGu9HblY0u3OTQ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 24 Apr 2023 22:28:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 3C82
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ITGx8Wgb0qw9xcu2Lo4-d8QKeGvgz7Q35rBatQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ITGx8Wgb0qw9xcu2Lo4-d8QKeGvgz7Q35rBatQ

43 B
449 B

32ms
32ms

Image
image/gif

52.19.94.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ITGx8Wgb0qw9xcu2Lo4-d8QKeGvgz7Q35rBatQ
Protocol: H2
Server: 52.19.94.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-94-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 24 Apr 2023 22:28:08 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ITGx8Wgb0qw9xcu2Lo4-d8QKeGvgz7Q35rBatQ
access-control-allow-origin: *
date: Mon, 24 Apr 2023 22:28:08 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 3C82 42 B
274 B 79ms
26ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-CxFEB2gb0qw9xcu2Lo4-d8QKeGu9MjGfgPGCjQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:08 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 3C82 0
878 B 91ms
24ms Image
text/html 18.185.6.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-54__wWgb0qw9xcu2Lo4-d8QKeGsJCxp53GZmVA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.6.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-6-68.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:08 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 3C82 0
145 B 396ms
94ms Image
text/plain 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-DzNlAmgb0qw9xcu2Lo4-d8QKeGtJ7ZlEAk34KQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 22:28:08 GMT
Cache-Control: no-cache
X-TraceId: 4681ea74ac554dd34362182eb4d23358
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 3C82 42 B
577 B 113ms
31ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-7ztgBWgb0qw9xcu2Lo4-d8QKeGsXhMuwUUli8w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 24 Apr 2023 22:28:07 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 3C82 43 B
398 B 292ms
91ms Image
image/gif 2600:1f18:612b:4216:bab5:2e60:d0c4:5889
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-1l_ZJmgb0qw9xcu2Lo4-d8QKeGtkJQcrdRj-pg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:bab5:2e60:d0c4:5889 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 24 Apr 2023 22:28:08 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 3C82 0
235 B 115ms
33ms Image
text/plain 104.109.73.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-730ZX2gb0qw9xcu2Lo4-d8QKeGtikBM8hhyvYw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.73.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-73-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 22:28:08 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 23 Apr 2023 22:28:08 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 3C82 0
38 B 148ms
35ms Image
text/plain 54.247.37.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-_p60jmgb0qw9xcu2Lo4-d8QKeGv-JPCED9jO5Q&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.37.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-37-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:28:08 GMT
content-length: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3C82
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=OpKgBmqJxthLKijDrSH7zsqrWJ2lcMMT

0
338 B

105ms
29ms

Image
text/plain

54.171.176.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=OpKgBmqJxthLKijDrSH7zsqrWJ2lcMMT
Protocol: H2
Server: 54.171.176.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-176-224.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by: beacon-n008-dub-prod.krxd.net
date: Mon, 24 Apr 2023 22:28:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1682375288
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=OpKgBmqJxthLKijDrSH7zsqrWJ2lcMMT
date: Mon, 24 Apr 2023 22:28:08 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 725165
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 3C82
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jdzm2G37LFimsZfM4ZO0SGap8MeiIEqR

35 B
268 B

367ms
112ms

Image
image/gif

3.140.141.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jdzm2G37LFimsZfM4ZO0SGap8MeiIEqR
Protocol: H2
Server: 3.140.141.145 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-141-145.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 22:28:09 GMT
x-bt-requestid: 4a4f8560-e2ef-11ed-9b8a-0000ac170312
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jdzm2G37LFimsZfM4ZO0SGap8MeiIEqR
date: Mon, 24 Apr 2023 22:28:08 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 731702
content-length: 0

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
290 B 103ms
102ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://heyme.care/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://heyme.care
Date: Mon, 24 Apr 2023 22:28:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 11:21:01	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.heyme.care/	1970-01-20 11:19:42	Name: XSRF-TOKEN Value: eyJpdiI6InVydVg0bVwvUStveVpESzJuZkduZ2RBPT0iLCJ2YWx1ZSI6Ikk0WUU1WmhqOVlXakVMS2x2VXdJVHBud2ZEV3RjZ3E0RCtwNGJXc3ZtQ3Z4d0VoN0Jqb1JYcWVKQk9ydmgrZXEiLCJtYWMiOiJjMGQ0ZDkyMmU2N2NjMTZhNmIzNTZkOWY4ODI0NDE3NTY5Y2IyYjE5NTI3MzBhYTYwOTIyM2I2ZDlhOGQ1NDJjIn0%3D
.heyme.care/	1970-01-20 11:19:42	Name: heyme_session Value: cQNiKnU4RnQHRlir80H3tSzMMfi76p8YXAYz08ai
.heyme.care/	1970-01-20 13:29:11	Name: _gcl_au Value: 1.1.1796853754.1682375288
.heyme.care/	1970-01-20 20:55:35	Name: _ga_6WC0VWYZ0T Value: GS1.1.1682375287.1.0.1682375287.0.0.0
.heyme.care/	1970-01-20 20:55:35	Name: _ga Value: GA1.1.1166040026.1682375288
.heyme.care/	1970-01-20 11:21:01	Name: _uetsid Value: 497fb9b0e2ef11edbc829161dc09f188
.heyme.care/	1970-01-20 20:41:11	Name: _uetvid Value: 497fe830e2ef11ed9669af90d5b762ad
.bing.com/	1970-01-20 20:41:11	Name: MUID Value: 302CD567CC026CC626E5C79ACD456D09
.heyme.care/	1970-01-20 20:49:21	Name: _scid Value: b2332b78-ffae-4f90-bfe5-ecb63aa1baea
.heyme.care/	1970-01-20 20:49:21	Name: _scid_r Value: b2332b78-ffae-4f90-bfe5-ecb63aa1baea
.criteo.com/	1970-01-20 20:41:11	Name: uid Value: 310cafc7-ac17-468b-9002-dd22cbc046c6
.tiktok.com/	1970-01-20 20:41:11	Name: _ttp Value: 2OtMBKpuWZodACUSETpvk9jigHQ
.doubleclick.net/	1970-01-20 20:55:35	Name: IDE Value: AHWqTUm-e1yyiGVbpvnBFY162DVrmVpHzTrJ01Cb3Mn-IgsYZ1DoNw2kGBrRthLrglo
.snapchat.com/	1970-01-20 20:41:11	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgRHAQAQEwIrMyPG4ckTmq1B8dj9GsUOF7Sp+MEKmy2RjQvHatd0nCpYHlas//+0H8DIAAAA=
.heyme.care/	1970-01-20 20:41:11	Name: _tt_enable_cookie Value: 1
.heyme.care/	1970-01-20 20:41:11	Name: _ttp Value: fNu7cPsyidtmnRrC6L2QRY8t1K9
.heyme.care/	1970-01-20 20:48:59	Name: cto_bundle Value: u3b8VF9seTlvQk5yM3dDWVNXVkZjTXRHRDZRWXFPJTJCWmRoc3JqQkFtSEtGUXAlMkJwQjNQMmsyTkgwZlhZdiUyRnBSM2dUalpGaXBucGdLaXY5TlJ5eE0ySXVDa0V0aSUyQm5tSTRoVE01MkJpaHJlTnJ4Wnd0WlBqU0xNZ2haNXAxR0NMNHRNTVlrYXhhbFRxOWQ2N3BkVXYlMkJMJTJGT0hFQWclM0QlM0Q
www.clarity.ms/	1970-01-20 20:05:11	Name: CLID Value: 80b16da0be054bf0844db02f48b07a3e.20230424.20240423
.heyme.care/	1970-01-20 20:05:11	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Apr+24+2023+22%3A28%3A08+GMT%2B0000+(GMT)&version=6.16.0&isIABGlobal=false&hosts=&consentId=12d284f0-e7ee-4c4e-9567-8a537ba8743c&interactionCount=0&landingPath=https%3A%2F%2Fheyme.care%2Ffr&groups=C0001%3A1%2CC0003%3A0%2CC0004%3A0%2CC0002%3A0
.heyme.care/	1970-01-20 20:05:11	Name: _clck Value: 14yedf2\|1\|fb1\|0
.heyme.care/	1970-01-20 13:29:11	Name: _fbp Value: fb.1.1682375288069.1032101976
.c.bing.com/	1970-01-20 11:29:40	Name: MR Value: 0
.c.bing.com/	1970-01-20 20:41:11	Name: SRM_B Value: 302CD567CC026CC626E5C79ACD456D09
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 20:41:11	Name: MUID Value: 302CD567CC026CC626E5C79ACD456D09
.c.clarity.ms/	1970-01-20 11:29:40	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 11:19:35	Name: ANONCHK Value: 0
.bidswitch.net/	1970-01-20 20:05:11	Name: tuuid Value: a842bf08-fd43-4569-853b-dc6cfa1b9230
.bidswitch.net/	1970-01-20 20:05:11	Name: c Value: 1682375288
.bidswitch.net/	1970-01-20 20:05:11	Name: tuuid_lu Value: 1682375288
match.sharethrough.com/	1970-01-20 11:29:40	Name: AWSALBCORS Value: pAW4xa+a89MqayhrmekLmQwTsCfhmDVqDYFmDlSD6EtwivsAC3jmteg7Qht2p0lT3ARv9a9OEf9K2ctgIqshvHHFFyvzMa4ZIiiYCD3OGq4E82NFsDwOkVqDp4rg
.smartadserver.com/	1970-01-20 20:49:49	Name: pid Value: 4871767076287931501
.smartadserver.com/	1970-01-20 20:49:49	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 20:06:37	Name: csync Value: 79:k-bbAEz2gb0qw9xcu2Lo4-d8QKeGsPduCob3vw4A
.adnxs.com/	1970-01-20 13:29:11	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2ImHJ5sp9!@wnfH1YdP.dEXlSkiue>k6YRW#A1jAHm=BaeBeHped4(f8jRCAMS6U)U0SC8Ety3B[Mh9B1UP(hw9P-HC_#txp?+[Gdx
.adnxs.com/	1970-01-20 13:29:11	Name: uuid2 Value: 266339553188303585
.demdex.net/	1970-01-20 15:38:47	Name: demdex Value: 75830255780684934583073601823072053908
.dpm.demdex.net/	1970-01-20 15:38:47	Name: dpm Value: 75830255780684934583073601823072053908
.yahoo.com/	1970-01-20 20:05:32	Name: A3 Value: d=AQABBHgCR2QCEOIb1ktPCdIJU1ueGIpAwC8FEgEBAQFTSGRQZAAAAAAA_eMAAA&S=AQAAAqwCRum0oA8px1MZCgBG9JM
.id5-sync.com/	1970-01-20 11:19:35	Name: cf Value:
.id5-sync.com/	1970-01-20 11:19:35	Name: cip Value:
.id5-sync.com/	1970-01-20 11:19:35	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:19:35	Name: car Value:
.id5-sync.com/	1970-01-20 11:19:35	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:19:35	Name: callback Value:
.analytics.yahoo.com/	1970-01-20 20:05:11	Name: IDSYNC Value: 18zh~2b9y
exchange.mediavine.com/	1970-01-20 11:39:44	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%224a145120-e2ef-11ed-865d-d1140b060c0e%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:39:44	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%224a145120-e2ef-11ed-865d-d1140b060c0e%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:39:44	Name: am_tokens Value: %7B%22mv_uuid%22%3A%224a145120-e2ef-11ed-865d-d1140b060c0e%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:39:44	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%224a145120-e2ef-11ed-865d-d1140b060c0e%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:39:44	Name: criteo Value: %7B%22id%22%3A%22k-54__wWgb0qw9xcu2Lo4-d8QKeGsJCxp53GZmVA%22%2C%22version%22%3A%22criteo%22%7D
.media.net/	1970-01-20 20:05:11	Name: visitor-id Value: 3253768884417788000V10
.media.net/	1970-01-20 12:02:47	Name: data-c-ts Value: 1682375288
.media.net/	1970-01-20 12:02:47	Name: data-c Value: k-xxcHamgb0qw9xcu2Lo4-d8QKeGtGFuKD_8Hcpg~~3
.360yield.com/	1970-01-20 13:29:11	Name: tuuid Value: 406b91b1-be31-4dc8-9084-df4a77b4a05d
.360yield.com/	1970-01-20 13:29:11	Name: tuuid_lu Value: 1682375288
.pubmatic.com/	1970-01-20 12:02:47	Name: KRTBCOOKIE_97 Value: 3385-uid:k-7ztgBWgb0qw9xcu2Lo4-d8QKeGsXhMuwUUli8w&KRTB&23144-uid:k-7ztgBWgb0qw9xcu2Lo4-d8QKeGsXhMuwUUli8w&KRTB&23286-uid:k-7ztgBWgb0qw9xcu2Lo4-d8QKeGsXhMuwUUli8w&KRTB&23287-uid:k-7ztgBWgb0qw9xcu2Lo4-d8QKeGsXhMuwUUli8w
.pubmatic.com/	1970-01-20 12:02:47	Name: PugT Value: 1682375287
.heyme.care/	1970-01-20 11:21:01	Name: _clsk Value: 1odz17y\|1682375288680\|1\|1\|x.clarity.ms/collect
.krxd.net/	1970-01-20 15:38:47	Name: _kuid_ Value: Pg_Jqx4U
.360yield.com/	1970-01-20 13:29:11	Name: um Value: !38,N.ZywrCOMyiM6zTOjEl.G4DZfTjxocVU8Jyg-921Ks5H1vd4OxGqGlfRWu.PBzAZVmsd9MBC,1690151288
.360yield.com/	1970-01-20 13:29:11	Name: umeh Value: !38,0,1744583288,-1
.casalemedia.com/	1970-01-20 20:05:11	Name: CMID Value: ZEcCeDpVJbGfTfbI3C2KFwAA
.casalemedia.com/	1970-01-20 13:29:11	Name: CMPS Value: 3255
.casalemedia.com/	1970-01-20 13:29:11	Name: CMPRO Value: 3255
.tremorhub.com/	1970-01-20 20:05:32	Name: tvid Value: 53107441b96e4430abdd6d0fac57a289
.tremorhub.com/	1970-01-20 12:02:47	Name: tv_UICR Value: k-1l_ZJmgb0qw9xcu2Lo4-d8QKeGtkJQcrdRj-pg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
adservice.google.com
analytics.tiktok.com
api.iconify.design
api.trustpilot.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cm.adform.net
cm.g.doubleclick.net
code.iconify.design
connect.facebook.net
contextual.media.net
cookie-cdn.cookiepro.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
heyme.care
ib.adnxs.com
id5-sync.com
images-static.trustpilot.com
ka-f.fontawesome.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.thebrighttag.com
sc-static.net
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tr.snapchat.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.fr
www.googletagmanager.com
x.bidswitch.net
x.clarity.ms
104.109.73.198
104.111.217.42
141.226.228.48
142.250.181.226
142.250.185.198
162.19.138.119
178.250.1.11
178.250.1.9
178.250.7.11
18.185.6.68
185.255.84.152
185.64.189.110
185.80.39.216
185.86.139.93
2.18.235.93
20.114.190.119
2001:4860:4802:34::36
23.36.162.137
2600:1f18:612b:4216:bab5:2e60:d0c4:5889
2606:4700:20::ac43:479f
2606:4700:4400::6812:2894
2606:4700:e0::ac40:650a
2620:1ec:4f:1::45
2620:1ec:c11::200
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a02:2638:d::10
2a02:2638:d::d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.140.141.145
3.71.149.231
34.117.157.22
34.241.162.156
35.158.21.52
35.190.43.134
37.157.6.248
37.252.171.21
37.252.171.84
46.17.68.190
52.19.94.146
52.29.58.65
54.171.176.224
54.247.37.240
54.73.43.225
64.202.112.255
65.9.95.94
65.9.97.248
68.219.88.97
69.173.144.139
76.223.111.18
00822d54c19adccff0851f22851776c011c7bfa811762004f5b280cb50a73cc4
01447551f68616473b31195ef8ac08fc2d929b70c0569ffcb32aa14f12a8a0bf
03904d282a158b60cca5f936ba76aa7777e1070b06de9b59a23732067a965dc2
04bc8b7d0919b4a79f9656fe8c1fd04385d8e3064307da56fd6687802cc8d66f
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0f2dfdd1b8be3cca06d56e00d6e7f076eb9985bf68a9714ecbc6adc3bcecfef2
11c81ac61f9393477c88527c88b8c634fdac9a1867585325643b243f313d6e69
11dd041d74737fc472cedef6bbadd0062120f17ea5e5195eb1490eaaa0475812
12cabedb7a47497b0884d4d423c704b711fca4e5983e8e08fc90b7c0e8895a84
14f2cb6379b1d286cc86253ac23855b3ce8c5a62b8e9d5d140da36dcfed41728
17c83f2d0902d903a53f7682702ecf36ae1783d6309bb668c1dc261925c402ca
18d1e38e7b419ddec1e902fd87e07291269baa3251fb3b88bad93693c5319b6a
1ae66882f1c1659b0d5155e5bf455789236da52b22410b690e87e7faf1870fa7
1c352e51df67240ac5ba80e7c0d0c1f9003dce1815bb0be1e264c5203c40d68b
1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae
2617d9b3b4793165b25cd9a70202872318c92284f5775edbdbcd3255969b705f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
302076a082729684ed3c93fdc38b63fbb0143b59dea03a0a8a32948225d6d117
302d856ea7aa6660ffbdd475b74a0a863f8bed4bc353d822922c6b1b593eb02a
31927e5fbeca61e8d2f1dfdf0ab5d308b8ddfa19fe9ad5afeb5a5661a38a1027
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
3578e30302ecd7dadfb87deb8c0b20001a8ccd2f4a6490f4092bf9b3ab1077e1
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af
399a9be759ccc540081d3e7ed57c028c7ed63545952b616c25abac351881f7b9
3a049a575d10854dd31cafeaff54678e8cef243610c50d00012bd132a1e6c069
3de1004793c837817c2cfadc2ec8b8321d6326b3568f8600065522c98c762ed5
3f8bff424adbc1018bd97aff3bc9aa3ba4de85493df35de79f293c3a91c7ed9f
42a7d6ad93001d50e13b008da33ed1f98f870933aa5b86085d45272f163092b5
42bdbdeb97cb56c13e38eb263e60d0f3c131c12a41d948133b5637baa1070a28
43121ca41b078b6716972cf39738dbcb79cf95de1219208f9073cec5770c1f72
43c7f47d7b41e28401f8ad8c99894fdcf1e6055dc0903f9dd17380413b37982d
4aae9188bf47e87a45899002305678b807687116269a555881db44c200eecbc7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b658851ee86730373a798520595e70be1c1df18cd75595c39a6d8e6d676c117
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa4f12e4ab964a19a19f95e0ccd31aec3db36066194868b99576d5ae6621684
52ca3f3bca167066459c8727ed2b2d19770603af7a5be5d74dfec3d8d7f3a4b2
546c290933c2a472a16c50d5942a41406092130161888cda63f4174ebb861395
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57a95d1cecf0404a43fd295d85edf20f800dd4d426bdf5cc35b82d167e56b1df
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
59819d0843990bf9028d5f36278816d510b411a96c1b2201f89d4ae32c08b5ab
5a9621597ac0676192b1dcb26df47a8028b8be418d0e01ace89031b71d8c456e
65623c1f8b15de13fcd9030bdf979a1edc9fd29032a1d0819d0e9a26716924ef
671f9ae3e268183f53761b514b2761f07ff71cfe21996b7ccf84d823288c0431
6d8e8b4d67040b160dfbbd8884a0d4641ff964b6bd82d5a8706af1882116a718
6e1043c9cc4c2eef499149d40d95ce6ec5cb608bbf3dbaa05de6e877e62fe8d6
70eaa1ef41bd1fee4f46bdcbdf2c3c4f09140866e64ae32260654e8ada985cd4
73a1c6c79f0b1fb25e3b2d45c57a289dc0bece93f64438241b1633634007b920
77b8798a2e989038582bb775aa649184de9b0fdff433f0012a6fadf2141881de
7b0b7d31684426fb448e415031ff6094ccde794a619270b1c11c6c8515e22e9b
7d46a15c738d2378dc043d25d2ae1118eb82d682e96bf7e1ee2b23180d91da15
7e3ef3853330135765393d0366353c46425894f5166b10001018a40eaca7fbed
82209489f5a8130dc8b54dac2e5d8a69ca5775be5c60a21ed37935572757708a
826f47dab4ac0f7d1936bd582b0631378f34cdfa0141ba4ba0a09583ac3d6507
8314e5c801500a52fe0bf7192d71fc44858dc393a9c99f12b400c20b8dcf669d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
860f3d82e7c3fa3faf23f9b8ac369a5afad68f2d8de1c18fc78de511c6ab6126
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bef9ed19c08ad5a4d36f9b8775697bf5d7f0eb4878b8f5f520552fd5c4c03dc
9092e976e1d1f0d62f8187e5f78af414f97e4f162a6892f66f601d2af6391a2c
91b6cd4ec8409b95ec4a72ab56631a657262b02ad3111702614b2cb03604205e
9297603878778d40036a400449ce2b851eac6c2675ee69b8fb7a8411e525348c
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bf4617e95b979bcdb74af106d47cfd98da9cebd31ad06b3a1657a43ced79031
9db7a516240169a14f57261a802dc6f7b0005799b3ab6145d4272229a49d6ca9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a537c8cb870a938f351b95c1598c17e06d83d6c4b37a8bec6f99ae5382690efd
aa19b4449345ee0aa17517017820869f7e6dfcd3d5e4cdf1fd7b913b2fa23f34
ab03b2509a4aa060793069dbcb1fca25f003202df6ad78d3afd262eea1bf224a
b124ccf247ea20c70b0bbd1d17d39c3bd3cd33042c3baed65fbd98681ed4e620
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a78cefaf89b289d46111fbd1d58cd031ae6fc3c240bc4550f542ae620b15d3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086
bd0757aea11c67940face583702a6c4ad0c240c0443d6e6fae996fd25ce5a10a
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929
c55a46f1aa9ebd46ea6b114aef327a4ac3daa54c4d6ec4559bbdfdca48ea2af9
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ce4eb0acd69ee10aaa6217a1671f96cffca6aa78f4f70c2769d37445e564c67e
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac
d5ea9caca703ad8855b4d883d87e768c2e11b1022cb314f1ef79573c156dbfc3
daad2e3326cc2b6f6daae942a4a2243de446e7ae3a2f2f0b67a4c785f50996b5
db16b7beb5d086a0c09b3585ab6965898adba4fe28fc9e5ef03b41d8479d672a
db7576c65eff58dea63dd1bd5e96d826b52cade1d1f56baf0ee189752bfa221b
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de43891e0ad98c43def22d6091343cb8ac3a4a884e8ef59e7e8858c8cf4a43e4
e03eb1f5dcb91d227b6a9f6e27d2798305ea38782958c489376379c5c720fbff
e18ce979ecec331391da6c6115342ce1b4b1e635286b18e67ede1891abad1a58
e24babab9ffef40e766ade94bd0b1ce0a271b284d86a317387f200b8fb0c1d52
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c
e6a1ea65757ebb6d4a49100c6bc1e8ada0a0ad2b6e7214c02b7281c8d04f6142
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
fbeb998ab953e6db09a175d912706dfaf75d896bea5d43872a6cdcd69669ed46

heyme.care Open in urlscan Pro 46.17.68.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

90 %HTTPS

32 %IPv6

45 Domains

58 Subdomains

53 IPs

8 Countries

1478 kBTransfer

4027 kBSize

68 Cookies

27 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heyme.care Open in urlscan Pro
46.17.68.190 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

90 %
HTTPS

32 %
IPv6

45
Domains

58
Subdomains

53
IPs

8
Countries

1478 kB
Transfer

4027 kB
Size

68
Cookies

130 HTTP transactions
0 data transactions