Submitted URL: https://click.mail1.alternatif-bien-etre.info/?qs=8f89d7143e9828378227e62b06b4db5c9953e8452e5a61f1851aaa01a56a58ccab672d7fdc0325a01484a3cd864c...
Effective URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Submission: On July 15 via api from BE — Scanned from GB

Summary

This website contacted 40 IPs in 5 countries across 20 domains to perform 163 HTTP transactions. The main IP is 13.32.27.109, located in United States and belongs to AMAZON-02, US. The main domain is edition.totale-sante.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 13th 2024. Valid for: a year.
This is the only time edition.totale-sante.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 161.71.82.92 14340 (SALESFORCE)
1 1 18.66.122.12 16509 (AMAZON-02)
3 18.172.112.2 16509 (AMAZON-02)
8 2600:9000:272... 16509 (AMAZON-02)
1 18.245.31.12 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
1 104.17.25.14 13335 (CLOUDFLAR...)
24 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 13.224.189.118 16509 (AMAZON-02)
6 2600:1901:0:5... 15169 (GOOGLE)
2 142.250.185.130 15169 (GOOGLE)
1 18.173.205.68 16509 (AMAZON-02)
22 35.190.14.188 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
4 2600:1901:0:c... 396982 (GOOGLE-CL...)
1 216.58.206.72 15169 (GOOGLE)
1 52.219.169.83 16509 (AMAZON-02)
8 35.241.3.184 396982 (GOOGLE-CL...)
1 1 13.32.121.82 16509 (AMAZON-02)
3 13.32.27.109 16509 (AMAZON-02)
4 2600:1901:0:2... 396982 (GOOGLE-CL...)
1 108.138.7.43 16509 (AMAZON-02)
5 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 2a04:4e42:400... 54113 (FASTLY)
5 52.219.75.201 16509 (AMAZON-02)
21 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 18.245.60.79 16509 (AMAZON-02)
5 2600:9000:275... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
2 18.66.147.100 16509 (AMAZON-02)
2 104.18.11.207 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::60 8075 (MICROSOFT...)
1 18.173.205.129 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 104.45.184.134 8075 (MICROSOFT...)
2 2600:1901:0:1... 15169 (GOOGLE)
1 34.95.108.180 396982 (GOOGLE-CL...)
163 40
Apex Domain
Subdomains
Transfer
47 usercentrics.eu
app.usercentrics.eu — Cisco Umbrella Rank: 9485
api.usercentrics.eu — Cisco Umbrella Rank: 5947
aggregator.service.usercentrics.eu — Cisco Umbrella Rank: 5878
consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 16951 Failed
uct.service.usercentrics.eu — Cisco Umbrella Rank: 21375 Failed
371 KB
24 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
21 KB
22 alternatif-bien-etre.info
click.mail1.alternatif-bien-etre.info
image.mail1.alternatif-bien-etre.info
8 MB
10 alternatif-bien-etre.com
curiosity.alternatif-bien-etre.com
la-lettre.alternatif-bien-etre.com
cdn-cs.alternatif-bien-etre.com
cs.alternatif-bien-etre.com
cloud.alternatif-bien-etre.com
alternatif-bien-etre.com
38 KB
8 pubfac.com
cdn-common.pubfac.com
232 KB
7 totale-sante.com
atlas.totale-sante.com
edition.totale-sante.com
cdn-cs.totale-sante.com
cs.totale-sante.com
45 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
c.clarity.ms — Cisco Umbrella Rank: 1838
a.clarity.ms — Cisco Umbrella Rank: 17945
28 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1178
p.typekit.net — Cisco Umbrella Rank: 1499
108 KB
6 amazonaws.com
pubfac-cdn.s3.amazonaws.com
226 KB
5 pubfac.io
totale-sante-cdn.pubfac.io
475 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
410 KB
4 gstatic.com
fonts.gstatic.com
64 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
88 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832
44 KB
2 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 7072
14 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
128 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
22 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
771 B
1 tsapublications.com
cloud.tsapublications.com
275 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
30 KB
163 20
Domain Requested by
28 app.usercentrics.eu www.googletagmanager.com
app.usercentrics.eu
la-lettre.alternatif-bien-etre.com
24 fonts.googleapis.com cdn-common.pubfac.com
21 image.mail1.alternatif-bien-etre.info edition.totale-sante.com
12 api.usercentrics.eu app.usercentrics.eu
8 cdn-common.pubfac.com la-lettre.alternatif-bien-etre.com
cdn-common.pubfac.com
edition.totale-sante.com
6 pubfac-cdn.s3.amazonaws.com edition.totale-sante.com
5 totale-sante-cdn.pubfac.io edition.totale-sante.com
5 use.typekit.net edition.totale-sante.com
use.typekit.net
5 www.googletagmanager.com la-lettre.alternatif-bien-etre.com
www.googletagmanager.com
edition.totale-sante.com
4 fonts.gstatic.com fonts.googleapis.com
4 aggregator.service.usercentrics.eu app.usercentrics.eu
3 edition.totale-sante.com la-lettre.alternatif-bien-etre.com
cdn-common.pubfac.com
3 cdnjs.cloudflare.com cdn-common.pubfac.com
cdnjs.cloudflare.com
3 la-lettre.alternatif-bien-etre.com cdn-common.pubfac.com
2 a.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 www.clarity.ms www.googletagmanager.com
www.clarity.ms
2 cs.totale-sante.com cdn-cs.totale-sante.com
2 consent-api.service.consent.usercentrics.eu app.usercentrics.eu
2 cloud.alternatif-bien-etre.com www.googletagmanager.com
2 widget.trustpilot.com www.googletagmanager.com
2 pagead2.googlesyndication.com www.googletagmanager.com
2 cs.alternatif-bien-etre.com cdn-cs.alternatif-bien-etre.com
2 cdn.jsdelivr.net cdn-common.pubfac.com
1 c.bing.com 1 redirects
1 cloud.tsapublications.com www.googletagmanager.com
1 maxcdn.bootstrapcdn.com cdn-common.pubfac.com
1 stackpath.bootstrapcdn.com cdn-common.pubfac.com
1 p.typekit.net use.typekit.net
1 alternatif-bien-etre.com edition.totale-sante.com
1 code.jquery.com edition.totale-sante.com
1 cdn-cs.totale-sante.com edition.totale-sante.com
1 uct.service.usercentrics.eu
1 atlas.totale-sante.com 1 redirects
1 cdn-cs.alternatif-bien-etre.com la-lettre.alternatif-bien-etre.com
1 curiosity.alternatif-bien-etre.com 1 redirects
1 click.mail1.alternatif-bien-etre.info 1 redirects
163 37

This site contains links to these domains. Also see Links.

Domain
www.tsa-publications.com
alternatif-bien-etre.com
Subject Issuer Validity Valid
*.alternatif-bien-etre.com
Amazon RSA 2048 M02
2024-05-11 -
2025-06-08
a year crt.sh
*.pubfac.com
Amazon RSA 2048 M02
2023-10-21 -
2024-11-17
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
cdnjs.cloudflare.com
E1
2024-06-02 -
2024-08-31
3 months crt.sh
upload.video.google.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
*.google-analytics.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
app.usercentrics.eu
GTS CA 1D4
2024-06-04 -
2024-09-02
3 months crt.sh
*.g.doubleclick.net
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
*.trustpilot.com
Amazon RSA 2048 M03
2024-01-03 -
2025-01-31
a year crt.sh
cloud.alternatif-bien-etre.com
WR3
2024-06-12 -
2024-09-10
3 months crt.sh
api.usercentrics.eu
WR3
2024-06-02 -
2024-08-31
3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01
2024-04-22 -
2025-04-07
a year crt.sh
*.totale-sante.com
Amazon RSA 2048 M02
2024-01-13 -
2025-02-10
a year crt.sh
aggregator.service.usercentrics.eu
WR3
2024-07-11 -
2024-10-09
3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-01 -
2025-03-03
a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
akamai-san180.exacttarget.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2023-12-01 -
2024-12-31
a year crt.sh
alternatif-bien-etre.com
Amazon RSA 2048 M03
2024-06-20 -
2025-07-20
a year crt.sh
*.pubfac.io
Amazon RSA 2048 M03
2024-01-13 -
2025-02-09
a year crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA
2024-05-04 -
2025-05-04
a year crt.sh
bootstrapcdn.com
GTS CA 1P5
2024-05-25 -
2024-08-23
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
cloud.tsapublications.com
WR3
2024-06-21 -
2024-09-19
3 months crt.sh
*.gstatic.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
consent-api.service.consent.usercentrics.eu
GTS CA 1D4
2024-06-03 -
2024-09-01
3 months crt.sh
uct.service.usercentrics.eu
WR3
2024-05-21 -
2024-08-19
3 months crt.sh

This page contains 3 frames:

Primary Page: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Frame ID: 62AB2FCC7F29CE3619FBC6DE4932B9F2
Requests: 149 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/4.37.4/cross-domain-bridge.html
Frame ID: C5300EA23EEBFA674DD7493902E01B1E
Requests: 1 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/4.37.4/cross-domain-bridge.html
Frame ID: 33FC277BD44395149F727308660BFF6E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Recevez dès maintenant...

Page URL History Show full URLs

  1. https://click.mail1.alternatif-bien-etre.info/?qs=8f89d7143e9828378227e62b06b4db5c9953e8452e5a61f1851aaa01a56a58ccab672d7f... HTTP 302
    https://curiosity.alternatif-bien-etre.com/add?sourceCode=TSA562390004&email=robin_christiane@yahoo.com&sfId=&walletId=... HTTP 302
    https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b430... Page URL
  2. https://atlas.totale-sante.com/index.html?sfId=&walletId=&re=https%3A%2F%2Fedition.totale-sante.com%2Fabf-d... HTTP 302
    https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <[^>]+class="[^"]*(?:fr-view|fr-box)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

163
Requests

97 %
HTTPS

44 %
IPv6

20
Domains

37
Subdomains

40
IPs

5
Countries

10093 kB
Transfer

13450 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.mail1.alternatif-bien-etre.info/?qs=8f89d7143e9828378227e62b06b4db5c9953e8452e5a61f1851aaa01a56a58ccab672d7fdc0325a01484a3cd864c86ad6e00fc420c42e56f3b7d0bd75e3aa34e HTTP 302
    https://curiosity.alternatif-bien-etre.com/add?sourceCode=TSA562390004&email=robin_christiane@yahoo.com&sfId=&walletId=&params=%7B%22sfId%22%3A%22%22%2C%22typePage%22%3A%22bdc%22%2C%22walletId%22%3A%22%22%7D&utm_source=sfmc&utm_medium=email&utm_campaign=GSD002+-+ENTRY+LABE+V4+-+DCV+-+LN+N%c2%b07&isBat=false&d=LABE&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20=&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&j=2757967&l=140&b=141&sid=25872009&senddate=2024-06-29 HTTP 302
    https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e Page URL
  2. https://atlas.totale-sante.com/index.html?sfId=&walletId=&re=https%3A%2F%2Fedition.totale-sante.com%2Fabf-dcv-landing-ldv-bdc%2Findex.html&source=TSA494450061&typePage=bdc HTTP 302
    https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://click.mail1.alternatif-bien-etre.info/?qs=8f89d7143e9828378227e62b06b4db5c9953e8452e5a61f1851aaa01a56a58ccab672d7fdc0325a01484a3cd864c86ad6e00fc420c42e56f3b7d0bd75e3aa34e HTTP 302
  • https://curiosity.alternatif-bien-etre.com/add?sourceCode=TSA562390004&email=robin_christiane@yahoo.com&sfId=&walletId=&params=%7B%22sfId%22%3A%22%22%2C%22typePage%22%3A%22bdc%22%2C%22walletId%22%3A%22%22%7D&utm_source=sfmc&utm_medium=email&utm_campaign=GSD002+-+ENTRY+LABE+V4+-+DCV+-+LN+N%c2%b07&isBat=false&d=LABE&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20=&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&j=2757967&l=140&b=141&sid=25872009&senddate=2024-06-29 HTTP 302
  • https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Request Chain 135
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=30FFE559EBDD4C039B0348BCCC263F37&RedC=c.clarity.ms&MXFR=2DF659E4CF556D301ED94D59CB556356 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=30FFE559EBDD4C039B0348BCCC263F37&MUID=0E3F09A584E96B3D1B611D1885226A1C

163 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
already.html
la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/
Redirect Chain
  • https://click.mail1.alternatif-bien-etre.info/?qs=8f89d7143e9828378227e62b06b4db5c9953e8452e5a61f1851aaa01a56a58ccab672d7fdc0325a01484a3cd864c86ad6e00fc420c42e56f3b7d0bd75e3aa34e
  • https://curiosity.alternatif-bien-etre.com/add?sourceCode=TSA562390004&email=robin_christiane@yahoo.com&sfId=&walletId=&params=%7B%22sfId%22%3A%22%22%2C%22typePage%22%3A%22bdc%22%2C%22walletId%22%3...
  • https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=275796...
5 KB
3 KB
Document
General
Full URL
https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-2.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0073551570215dc2c66863435cfa34fb42b262f83f9bb1a5554de52a4454c402

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 15 Jul 2024 09:03:40 GMT
etag
W/"9b2cc97b34d1a59bdfe1f438384464d8"
last-modified
Wed, 21 Feb 2024 09:00:38 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
x-amz-cf-id
TqivJkI2jKoElmE1uhRKO_cdzc24iaXQA14Yc10egLfTRjJPKLV_Sw==
x-amz-cf-pop
FRA60-P8
x-amz-id-2
RyUn7HZO0PcBnHVkD5Z1aLRFD1rdpLourDzF1MVUNm3ZX+dwXL5w5KnrjabbIgK6XFGo/5F9nHybZSRjSXe9tz5H6uXmf0OT2vbjOJD1lJk=
x-amz-request-id
JBJ3GVY89HKHH375
x-amz-server-side-encryption
AES256
x-amz-version-id
J4j7QARzoN2wF4Rmwj_Xzqr.Neokk.Za
x-cache
Miss from cloudfront

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
application/json
date
Mon, 15 Jul 2024 09:03:38 GMT
location
https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
via
1.1 a96420fb093cd21d1dea3700ef4d43ca.cloudfront.net (CloudFront), 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-apigw-id
a8jcrEVqliAEP1A=
x-amz-cf-id
Lc8Q81LOw3D8HNN7pnPEUZHOg5q8OkDafoEqJo5cvvBAY1n7bQ3a_Q==
x-amz-cf-pop
FRA56-P8 FRA60-P2
x-amzn-requestid
1458a041-9747-4991-8684-a7b73b3635ef
x-amzn-trace-id
Root=1-6694e5ea-6ec9b80737e7b7d72e967dc9;Parent=7410a8d5443d37f8;Sampled=0;lineage=2297fcc1:0
x-cache
Miss from cloudfront
grapesjs-preset-webpage.front.css
cdn-common.pubfac.com/falcon/
199 KB
30 KB
Stylesheet
General
Full URL
https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:6000:11:2cd5:2700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fa1ca6159924a0df8f302a83894fa85bf2c27c41932a257f8d813ea694b8ab1

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
VabO3SVA0mhb8nTq053JPoU2mCAsPZAB
content-encoding
gzip
via
1.1 741fa80e957b47e88235a1fa44ab4ea4.cloudfront.net (CloudFront)
date
Mon, 15 Jul 2024 06:36:54 GMT
last-modified
Mon, 08 Jul 2024 08:34:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
age
8806
x-amz-server-side-encryption
AES256
etag
W/"bb2c43f50b6ddbd82401461aaf1fb0e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
RjkEsIwbdc3hmZtQQF6yJgzn6jaEc5WAHsH5wEjhSit9O97R5PxFeA==
boot.js
cdn-common.pubfac.com/falcon/
11 KB
5 KB
Script
General
Full URL
https://cdn-common.pubfac.com/falcon/boot.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:6000:11:2cd5:2700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b606f07ad4254e17faf3cd68fcadf84719616c7baa837df6aef893ec0bf63c20

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
MyC0_Hez4Y0PFN1MxnpYzgUjtdqaYT6o
content-encoding
gzip
via
1.1 741fa80e957b47e88235a1fa44ab4ea4.cloudfront.net (CloudFront)
date
Mon, 15 Jul 2024 09:03:40 GMT
last-modified
Mon, 08 Jul 2024 08:34:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
etag
W/"bf5b7748f6642aed1714b7d12a756353"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
daHC1zc01thslXWxD9r7Rh7sNk6tzabaKcTJpfp3xvKI1PefmpTi8Q==
campaign-stats.js
cdn-cs.alternatif-bien-etre.com/
27 KB
11 KB
Script
General
Full URL
https://cdn-cs.alternatif-bien-etre.com/campaign-stats.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcb5ea8c4245e69ac628e2092b3f13942372ea5593937b62f12385e2307d19ce

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
pb.ctuNQGlDGezRE.eYZU0iup3scutmD
content-encoding
gzip
via
1.1 af3799c72ed879abb7633a4c3e57502e.cloudfront.net (CloudFront)
date
Mon, 15 Jul 2024 09:03:40 GMT
last-modified
Mon, 08 Jul 2024 14:05:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"c5a2c1b03e679cf4478c523af8309ba3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
eDGALy3QISBtQiDo1fK-8rpXge83aC96LKNHOmltL0186O5vsZDhYA==
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/
79 KB
10 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 Jul 2024 09:03:39 GMT
x-content-type-options
nosniff
content-encoding
br
age
940557
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10209
x-served-by
cache-fra-etou8220090-FRA, cache-lcy-eglc8600072-LCY
x-jsd-version-type
version
etag
W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
237764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3sgABCUCy688VTcqL2hHowb0TXn1Lbs8RD37LEyYPRjLf6k2oM%2F1nNXBK%2BmoQRmNJp0oh5fAp6pJgONlEUXVG9%2BFCLO%2FNeG58npEUSnOrLOyEdbLGy26%2F3w%2BvkaSXx07Uz68TmJ5"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a3894a0cd28944e-LHR
expires
Sat, 05 Jul 2025 09:03:39 GMT
css2
fonts.googleapis.com/
7 KB
818 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
694adc42b1e12c4edc69f43c2aaafea20e28d55d4ee73c3505cd1bf8b90e3452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:24:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:39 GMT
css2
fonts.googleapis.com/
23 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc8a498ab080c0cd3f6e54104117af3bd95a3c776ae248fb4df9e5575e38bf51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 07:32:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:39 GMT
css2
fonts.googleapis.com/
4 KB
698 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@400;700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb6b9d24b54fb097fb66a94256247dba599489e0e92aa7512346ab1ecd19483b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:35:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:39 GMT
css2
fonts.googleapis.com/
9 KB
922 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7496131a4690cdb91535798ada8dd5192f3c95b2fdee10917d69718e07a8d506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:07:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:39 GMT
css2
fonts.googleapis.com/
10 KB
979 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4aa4f5145772c28ad2c0818de2aefe9750269caaf35f87c77f35e8d2864d9331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:38:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:39 GMT
css2
fonts.googleapis.com/
3 KB
564 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4357c93ecfd38fb8a8082a4f41c429be60b3e0f5ab2d3e47d3d9308f0b117a5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 07:22:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:39 GMT
css2
fonts.googleapis.com/
7 KB
759 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1740b635b6ed1d7b8e50f782bdfb84c7ac462bbaecd9a80efbea5688b47ad5a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 07:04:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:39 GMT
css2
fonts.googleapis.com/
5 KB
714 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 07:44:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:39 GMT
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c29a9407b5ed27f0c6e3f6810fde9dfe829442e10472da42704e5d0803c41cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:50:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:39 GMT
css2
fonts.googleapis.com/
10 KB
873 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a543810a4a53c9e050f3dcb2cb608a587dac3b7a00dd13276cc4ee4d359f3615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:53:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:39 GMT
css2
fonts.googleapis.com/
799 B
471 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Slabo+27px&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af1108dc8b93c371224e9936e052668edaaf28bc60d0afe09e87230fa7a01897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:27:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:39 GMT
css2
fonts.googleapis.com/
10 KB
947 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7745a4ab990e7588b287347aa568a65ca11b2b13c6f39e423dfed9bf13fc259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:24:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:39 GMT
gtm.js
www.googletagmanager.com/
313 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P5XH7M7
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d501416a171804e5fd11d8986b8e5ffc5bc5c14102cce017a8b925b0f44d8bcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105825
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jul 2024 09:03:39 GMT
manifest.json
cdn-common.pubfac.com/falcon/
320 B
816 B
XHR
General
Full URL
https://cdn-common.pubfac.com/falcon/manifest.json
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/boot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:6000:11:2cd5:2700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7994a80d1000beea3a4b65d6fc85118f46e18de4ecb1fd9a6fbc7c0297a5e0b

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Ir0BiFSRobyYAQPfa04QO46j9_3hHM67
date
Mon, 15 Jul 2024 09:03:40 GMT
via
1.1 24df21f8156a0df29febdf6c3e09e32c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
PENDING
content-length
320
last-modified
Mon, 15 Jul 2024 09:03:14 GMT
server
AmazonS3
etag
"e847f890cb74ecf5c5e545ef147d3351"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
jtPMxjVDxdRoqLXoNdhS6zGx6GW5pbuVDjIImlLxAe3GzTgtv1yctw==
process
cs.alternatif-bien-etre.com/ Frame
0
0
Preflight
General
Full URL
https://cs.alternatif-bien-etre.com/process
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-118.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://la-lettre.alternatif-bien-etre.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Mon, 15 Jul 2024 09:03:40 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-amz-apigw-id
a8jc7F2BliAEJuA=
x-amz-cf-id
Q6itUfFggtOx_a0X5IRAL2a4Ks-3Lihutc8N4TSmrk675N3SW4S6tA==
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
7a970387-4eb6-4c46-a0c1-0f5967f1cf14
x-cache
Miss from cloudfront
process
cs.alternatif-bien-etre.com/
110 B
467 B
XHR
General
Full URL
https://cs.alternatif-bien-etre.com/process
Requested by
Host: cdn-cs.alternatif-bien-etre.com
URL: https://cdn-cs.alternatif-bien-etre.com/campaign-stats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-118.fra2.r.cloudfront.net
Software
/
Resource Hash
d88aca6d621409b7c9801807f09a617fe1bff60bc0779256f289abab663985d8

Request headers

Accept
application/json
Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 15 Jul 2024 09:03:40 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amzn-trace-id
Root=1-6694e5ec-04fd3bdb2f5fcdec30d8a00a
x-amzn-requestid
4632576e-37b5-4922-93da-aa8887b8a0db
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
a8jc8GpxliAEIPA=
content-length
110
x-amz-cf-id
vPBva0Eed2bvSm8tKsjOp1yepE1hVbb9eRPK_-oqcU98QCveNEAIsA==
grapesjs-preset-webpage.front-4b928bd766f646d992da.js
cdn-common.pubfac.com/falcon/
266 KB
81 KB
Script
General
Full URL
https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front-4b928bd766f646d992da.js
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/boot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:6000:11:2cd5:2700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81ad35ffaccf6b9914113bd2fef009a3aea50c79804f00512bff99f20b52ba72

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:40 GMT
x-amz-version-id
FY0lHS_qzHKxMFzC3Y_aPIZ5DuQVIzAd
content-encoding
gzip
last-modified
Mon, 15 Jul 2024 09:03:11 GMT
server
AmazonS3
via
1.1 741fa80e957b47e88235a1fa44ab4ea4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
etag
W/"d4406573a67b8a48308e692b80311426"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
Vfvyoo0cQ2OZoXxzG-tjuEu26lpgfvoMMix06S79sDByczNAUOVEXg==
loader.js
app.usercentrics.eu/browser-ui/latest/
33 KB
9 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/latest/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5XH7M7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
222c6a6e4b84110dc96baa6d6c1711278d887dbd3c6b74e763834474421037a9
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 08:20:40 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
2580
x-guploader-uploadid
ACJd0NqrIPwolZgYDMDMSJzepQ9njZo2oizwRZAQbZKUJoS_M1XjREijdPyHVTwTzeavLPW7lZWD7aeOvA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8554
last-modified
Wed, 10 Jul 2024 12:16:06 GMT
server
UploadServer
etag
"abf92fb805252b33a6b2fb5f99eddc1e"
x-goog-generation
1720613766917362
x-goog-hash
crc32c=kEtgHg==, md5=q/kvuAUlKzOmsvtfme3cHg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Length, Transfer-Encoding
cache-control
public, max-age=3600, no-transform
x-goog-stored-content-length
8554
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 15 Jul 2024 09:20:40 GMT
landing
pagead2.googlesyndication.com/pagead/
42 B
64 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3l3l5&tag_exp=0&rnd=887897286.1721034220&url=https%3A%2F%2Fla-lettre.alternatif-bien-etre.com%2Fhotdcv-1t-redirect-replay-entry-gauntlet%2Falready.html&dma=0&npa=0&gtm=45He4790n81P5XH7M7v9106056165za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5XH7M7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jul 2024 09:03:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
303 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DPB7XPJ8X5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5XH7M7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c553146dcadba36a0b843c60b885d753021bfc8b44c514ed9c683a8eb425a9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104624
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jul 2024 09:03:40 GMT
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
21 KB
7 KB
Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5XH7M7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 01:34:30 GMT
content-encoding
gzip
via
1.1 b542963649ffc3f71c6540a2347be55a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P12
age
26951
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6759
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 12:27:20 GMT
server
AmazonS3
etag
"15864ce88fa79a3e954417d0c3396798"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
dhGX621nj6N7ZfPCTeZgFz01BFzf5sT5HLLzkf8J4mc93Kxi62uC5w==
config.json
la-lettre.alternatif-bien-etre.com/
601 B
1010 B
XHR
General
Full URL
https://la-lettre.alternatif-bien-etre.com/config.json
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front-4b928bd766f646d992da.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-2.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d62a14fc4e7ccb38f06a07f211d701b9e7f4e62b7beb715fcdfdc6bc593868e3

Request headers

Accept
application/json, text/plain, */*
Referer
https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
oIEdvgh6nA.n0TUm25ieeJ0XFlq8ngr0
date
Mon, 15 Jul 2024 09:03:41 GMT
via
1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
last-modified
Wed, 25 Oct 2023 08:26:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
etag
"7323319d9ea632212c839a4f9d4e8038"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
601
x-amz-cf-id
9k7w1gTaGLq-EovbhToSxp1Ho7M02L9e1hgsAw31YpkjCtIOmvLupg==
config.json
la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/
264 B
657 B
XHR
General
Full URL
https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/config.json
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front-4b928bd766f646d992da.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-2.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91f7de4208b2d01ea4337708d292c81eaf2092a722c9c77ef6c835a576962f71

Request headers

Accept
application/json, text/plain, */*
Referer
https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:41 GMT
x-amz-version-id
SHVzr2UTdyjvpBo2Dg6PqOQmaYkA8Js1
via
1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
last-modified
Wed, 21 Feb 2024 09:00:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
etag
"f07fcd512e810929bf90319d54606fae"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
264
x-amz-cf-id
6pXVycy4zFwKBdDJFc3ayCiyDajUI2KPChC3iB8oiqazfDE01S2ieg==
index.module.js
app.usercentrics.eu/browser-ui/3.49.0/
435 KB
117 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
97121e0b2be0e9db9bd0ba5fdc33b21820943ebff48f6c8992afce23b46ba4f5
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
Origin
https://la-lettre.alternatif-bien-etre.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:08 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420392
x-guploader-uploadid
ACJd0No-Teex1IWknU7sYqhtAZQsf6oJY3HD50QasdWdEuScP55JC-dI2IXc5BIWJwYutKv3KFU
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119540
last-modified
Wed, 10 Jul 2024 12:15:44 GMT
server
UploadServer
etag
"4810f53b131545e9e167eafa46c0c0e3"
x-goog-generation
1720613744549562
x-goog-hash
crc32c=m9oMaQ==, md5=SBD1OxMVRenhZ+r6RsDA4w==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
119540
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:08 GMT
collect
cloud.alternatif-bien-etre.com/g/
65 B
273 B
XHR
General
Full URL
https://cloud.alternatif-bien-etre.com/g/collect?v=2&tid=G-DPB7XPJ8X5&gtm=45je4790v888137027z89106056165za200zb9106056165&_p=1721034219779&gcs=G100&gcd=13p3p3l3l5&npa=0&dma=0&tag_exp=0&gdid=dOThhZD&cid=260932750.1721034220&ecid=754021169&ul=en-gb&sr=1600x1200&_fplc=0&ur=GB&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=887897286.1721034220&sst.gse=1&sst.etld=google.co.uk&sst.gcsub=region1&sst.gcd=13p3p3l3l5&sst.adr=1&sst.tft=1721034219779&sst.ude=0&_s=1&sid=1721034220&sct=1&seg=0&dl=https%3A%2F%2Fla-lettre.alternatif-bien-etre.com%2Fhotdcv-1t-redirect-replay-entry-gauntlet%2Falready.html%3Fb%3D141%26d%3DLABE%26e%3D1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e%26isBat%3Dfalse%26j%3D2757967%26l%3D140%26senddate%3D2024-06-29%26sfId%3D%26sid%3D25872009%26sk%3Dcm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%253D%26s_source%3DTSA562390004%26utm_campaign%3DGSD002%2520-%2520ENTRY%2520LABE%2520V4%2520-%2520DCV%2520-%2520LN%2520N%25C2%25B07%26utm_medium%3Demail%26utm_source%3Dsfmc%26walletId%3D%26typePage%3Dbdc%26hemail%3D1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e%26subscriberKey%3Dsk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1721034220111.308513.1&ep.gtm_id=GTM-P5XH7M7&ep.anonymize_ip=true&ep.measurement_id=G-DPB7XPJ8X5&tfd=2109&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DPB7XPJ8X5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://la-lettre.alternatif-bien-etre.com
cache-control
no-cache
access-control-allow-credentials
true
collect
cloud.alternatif-bien-etre.com/g/
65 B
160 B
XHR
General
Full URL
https://cloud.alternatif-bien-etre.com/g/collect?v=2&tid=G-DPB7XPJ8X5&gtm=45je4790v888137027z89106056165za200zb9106056165&_p=1721034219779&gcs=G100&gcd=13p3p3l3l5&npa=0&dma=0&tag_exp=0&gdid=dOThhZD&cid=260932750.1721034220&ecid=754021169&ul=en-gb&sr=1600x1200&_fplc=0&ur=GB&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=887897286.1721034220&sst.gse=1&sst.etld=google.co.uk&sst.gcsub=region1&sst.gcd=13p3p3l3l5&sst.adr=1&sst.tft=1721034219779&sst.ude=0&_s=2&sid=1721034220&sct=1&seg=0&dl=https%3A%2F%2Fla-lettre.alternatif-bien-etre.com%2Fhotdcv-1t-redirect-replay-entry-gauntlet%2Falready.html%3Fb%3D141%26d%3DLABE%26e%3D1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e%26isBat%3Dfalse%26j%3D2757967%26l%3D140%26senddate%3D2024-06-29%26sfId%3D%26sid%3D25872009%26sk%3Dcm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%253D%26s_source%3DTSA562390004%26utm_campaign%3DGSD002%2520-%2520ENTRY%2520LABE%2520V4%2520-%2520DCV%2520-%2520LN%2520N%25C2%25B07%26utm_medium%3Demail%26utm_source%3Dsfmc%26walletId%3D%26typePage%3Dbdc%26hemail%3D1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e%26subscriberKey%3Dsk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e&dt=&en=already&ep.event_id=1721034220111.308513.1&ep.gtm_id=GTM-P5XH7M7&ep.anonymize_ip=true&ep.measurement_id=G-DPB7XPJ8X5&_et=4&tfd=2135&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DPB7XPJ8X5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://la-lettre.alternatif-bien-etre.com
cache-control
no-cache
access-control-allow-credentials
true
languages.json
api.usercentrics.eu/settings/MhKKnsmCQScvw8/latest/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/settings/MhKKnsmCQScvw8/latest/languages.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://la-lettre.alternatif-bien-etre.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 15 Jul 2024 09:03:40 GMT
expires
Mon, 15 Jul 2024 09:03:40 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
GB,
x-guploader-uploadid
ACJd0NqXnpcsMV7OaCNOIZ6zayR0QNQhpgMnDPjn4PL4-8DIH1CtaB-8tE0PgjF0Sz-ma9cyJxA
languages.json
api.usercentrics.eu/settings/MhKKnsmCQScvw8/latest/
61 B
593 B
Fetch
General
Full URL
https://api.usercentrics.eu/settings/MhKKnsmCQScvw8/latest/languages.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9e932f61af911ddaca0b8a24460b8b51dc56bac4c87ef664ed5421ad5e53f0a7
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 15 Jul 2024 09:03:40 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
GB,
x-guploader-uploadid
ACJd0Nrz_XPfVlb6X-B6EpPafZWoFy1UXxiV0Hc52iBxm1s8XvNTxmaeGANfs11v8Vv2mi_nBhqj4NB_tg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
last-modified
Mon, 01 Jul 2024 18:35:38 GMT
server
UploadServer
etag
"285d8c3e2a1292b3abadc9fbe5563c61"
vary
Accept-Encoding
x-goog-generation
1719858938631204
x-goog-hash
crc32c=QATD0Q==, md5=KF2MPioSkrOrrcn75VY8YQ==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
67
accept-ranges
bytes
content-type
application/json
expires
Mon, 15 Jul 2024 09:04:40 GMT
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=738746398&rv=4790&u=AAAAAIAIAAAAAACI&ut=AgAI&h=Ag&gtm=45He4790v9106056165za200&ccid=106056165&cid=GTM-P5XH7M7&l=L1623.S5.Y7.B44.E313.I1624.EC6.TC15.HTC1~gtm.init.S3.V3.E62~gtm.js.S1.V1.E218.TS5googtag.TI18.TE3.TS5gaawe.TI20.TE0.TS5html.TI33.TE0.TS5gclidw.TI108.TE4.TS5tg.TI115.TE0.TS5tg.TI119.TE0.TS5tg.TI123.TE0.TS5tg.TI127.TE0.TS5tg.TI131.TE0.TS5tg.TI135.TE0.TS5tg.TI139.TE0.TS5tg.TI143.TE0.TS5tg.TI147.TE0.TS5tg.TI151.TE0~gtm.dom.S0.V0.E47~gtm.scrollDepth.S0.V0.E30~gtm.load.S0.V0.E1~gtm.init_consent.S12.V11.E131.TS5cvt.TI114.TE7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:40 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
TSA_Favicon.png
pubfac-cdn.s3.amazonaws.com/totale-sante/uploads/
465 B
968 B
Other
General
Full URL
https://pubfac-cdn.s3.amazonaws.com/totale-sante/uploads/TSA_Favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.169.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0f3d7534a03767b0c3c0bfc20f992a2cfa2412dcc6afba6797aefe878468f262

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 15 Jul 2024 09:03:41 GMT
Content-Encoding
x-amz-version-id
5laSTyzZ2w92iDz95p85Im0tOEXW1b.p
Last-Modified
Tue, 14 Sep 2021 12:24:23 GMT
Server
AmazonS3
x-amz-request-id
YMBG2ZHDJGMGHEN5
ETag
"ffb08fd4d288029302f8c8ec1a4e44fe"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
465
x-amz-id-2
/pYJgnvHOyS2QERl2NhLnMH23WB8O1AaIHYDh8ExAMldNoNPsoTYD7hHSShBJTk0jVTFMF+jwcU=
fr.json
api.usercentrics.eu/settings/MhKKnsmCQScvw8/latest/
34 KB
9 KB
Fetch
General
Full URL
https://api.usercentrics.eu/settings/MhKKnsmCQScvw8/latest/fr.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ccc5c5758a3a7eb482dc56903ee635afc6f39040227e110e3dff187b231b1352
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 15 Jul 2024 09:03:32 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
8
x-client-geo-location
GB,GBENG
x-guploader-uploadid
ACJd0Npy5osVyGZuHIl-sgWHDac-ztIRQVwYlGZHsiQr1ovuy0HRz22JgULGmkrOnxbVnKnYxI4MofzIww
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9036
last-modified
Mon, 01 Jul 2024 18:35:38 GMT
server
UploadServer
etag
"ba8c685a2d877e2ce74cbb8b7146e4e6"
vary
Accept-Encoding
x-goog-generation
1719858938626741
x-goog-hash
crc32c=cGpcrQ==, md5=uoxoWi2HfiznTLuLcUbk5g==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
9036
accept-ranges
bytes
content-type
application/json
expires
Mon, 15 Jul 2024 09:04:32 GMT
fr.json
api.usercentrics.eu/settings/MhKKnsmCQScvw8/latest/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/settings/MhKKnsmCQScvw8/latest/fr.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://la-lettre.alternatif-bien-etre.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 15 Jul 2024 09:03:40 GMT
expires
Mon, 15 Jul 2024 09:03:40 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
GB,GBENG
x-guploader-uploadid
ACJd0Nry_oTr7eOUdyJyYfeIKh5brSIXpqQGBnIz-wR0hcgJLheS6A7SUG4OwBN6QtdRbFC56YovdocCqw
cross-domain-bridge.html
app.usercentrics.eu/browser-sdk/4.37.4/ Frame C530
0
0
Document
General
Full URL
https://app.usercentrics.eu/browser-sdk/4.37.4/cross-domain-bridge.html
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
Content-Type Content-Length Transfer-Encoding
age
420308
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=2592000, no-transform
content-encoding
gzip
content-length
1142
content-type
text/html
date
Wed, 10 Jul 2024 12:18:32 GMT
etag
"75bfde215f8a001e6c0adf71196f3f8f"
expires
Fri, 09 Aug 2024 12:18:32 GMT
last-modified
Wed, 10 Jul 2024 12:15:23 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-goog-generation
1720613722979668
x-goog-hash
crc32c=HFIoSw== md5=db/eIV+KAB5sCt9xGW8/jw==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1142
x-guploader-uploadid
ACJd0NpIxDZRdhTBcq1g1LBCsx8Q_uznMpqLsQ_pSD2E9EEg6mMTG3QVIbLAihzqJG3lp5M4qrF4Fh-U5Q
Primary Request index.html
edition.totale-sante.com/abf-dcv-landing-ldv-bdc/
Redirect Chain
  • https://atlas.totale-sante.com/index.html?sfId=&walletId=&re=https%3A%2F%2Fedition.totale-sante.com%2Fabf-dcv-landing-ldv-bdc%2Findex.html&source=TSA494450061&typePage=bdc
  • https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
148 KB
31 KB
Document
General
Full URL
https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c08409af5c78f0990a963d7793dbeb3462ff28c79ebd82ed56cdd663ea9367e

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 15 Jul 2024 09:03:42 GMT
etag
W/"c61fa4c83a10f0e26775e439f3730913"
last-modified
Tue, 09 Jul 2024 12:47:33 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-id
dWhqTFJGJ5RHWslz5bwhsePcaPm8stBFEAf54FiOGLapZoJtZ87iNw==
x-amz-cf-pop
FRA56-C2
x-amz-id-2
oxld/R3kFdMprU67JxXO9V3waUHZyLpeWg+MTkf+YnLD6syV+lBiwR0s2PxXGSA8oLQZKloaMd6qmaQVxQe85A==
x-amz-request-id
YXJHT4A1E14PMEJM
x-amz-server-side-encryption
AES256
x-amz-version-id
9uJS60tK.dLpgPYdSGYWwCg4N9kv40xj
x-cache
RefreshHit from cloudfront

Redirect headers

content-length
0
date
Mon, 15 Jul 2024 09:03:40 GMT
location
https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
server
CloudFront
via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
x-amz-cf-id
a1M08bZsKPMEfzkg6ZmcILGEGkUzb-8PO7mLL-9SNxYxGmJJ2WvbzA==
x-amz-cf-pop
FRA60-P1
x-cache
LambdaGeneratedResponse from cloudfront
1px.png
app.usercentrics.eu/session/
489 B
820 B
Image
General
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=MhKKnsmCQScvw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 08:49:33 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
847
x-guploader-uploadid
ACJd0NqfozRzZvFBbWbxaPLH2Kk6kiHtuE61sfP7Xq3qw59SjeMyz7PXqKoDgdtwxWKPoXs1Ur8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
522
last-modified
Fri, 08 May 2020 09:06:13 GMT
server
UploadServer
etag
"3702ada73b8951017b8451cbd6a96523"
x-goog-generation
1588928773413784
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type
image/png
cache-control
public,max-age=1800,no-transform
x-goog-stored-content-length
522
accept-ranges
bytes
expires
Mon, 15 Jul 2024 09:19:33 GMT
DefaultData-d00127a3-6bf3d31a.js
app.usercentrics.eu/browser-ui/3.49.0/
2 KB
1000 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/DefaultData-d00127a3-6bf3d31a.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Origin
https://la-lettre.alternatif-bien-etre.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:14 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420386
x-guploader-uploadid
ACJd0NrzoQ24uI1rsz4V6D_QTQaLbp2siiKHtk4Ye2MHOKY-oC9-NzKxppfgROhomptm8JP8qA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
969
last-modified
Wed, 10 Jul 2024 12:15:33 GMT
server
UploadServer
etag
"edc399e97ec7d1731b8b53d73e1c7877"
x-goog-generation
1720613733649121
x-goog-hash
crc32c=94xAWg==, md5=7cOZ6X7H0XMbi1PXPhx4dw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
969
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:14 GMT
translations-fr.json
api.usercentrics.eu/translations/
8 KB
3 KB
Fetch
General
Full URL
https://api.usercentrics.eu/translations/translations-fr.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 15 Jul 2024 04:32:51 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
16249
x-client-geo-location
GB,GBENG
x-guploader-uploadid
ACJd0NpqGRw4QrDnZG-isM2y3si4LPMKbWL9eEvB2T_NKngmU66xH9ZfC-kEFGuDk3Gt9IpnklmYT_r_jw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2684
last-modified
Thu, 06 Jun 2024 08:55:09 GMT
server
UploadServer
etag
"4044ba7ff3e2561311fccc54aec9fa4c"
vary
Accept-Encoding
x-goog-generation
1717664109592595
x-goog-hash
crc32c=AqCSFA==, md5=QES6f/PiVhMR/MxUrsn6TA==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400, s-maxage=86400
x-goog-stored-content-length
2684
accept-ranges
bytes
content-type
application/json
expires
Tue, 16 Jul 2024 04:32:51 GMT
translations-fr.json
api.usercentrics.eu/translations/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/translations/translations-fr.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://la-lettre.alternatif-bien-etre.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 15 Jul 2024 09:03:40 GMT
expires
Mon, 15 Jul 2024 09:03:40 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
GB,GBENG
x-guploader-uploadid
ACJd0No_Wz45FqVp126h7u9sjqTzdT2LKc283deI1XIRQ_4KynlzD7mo_ihhnmPJKCiTn8RgWoemcqVt6g
fr
aggregator.service.usercentrics.eu/aggregate/
101 KB
13 KB
Fetch
General
Full URL
https://aggregator.service.usercentrics.eu/aggregate/fr?templates=1XvFW-Y2k@1.1.5,3ctYrxMohDLcUm@1.1.0,AH6TVUNbT@1.0.6,BJ59EidsWQ@25.7.28,BJz7qNsdj-7@15.8.19,BkeKqEjuoZQ@9.4.11,H1GSqEodjZX@5.4.2,H1Vl5NidjWX@40.17.45,HkPBYFofN@10.3.1,Hko_qNsui-Q@14.5.15,HkocEodjb7@52.11.41,HkrZ5NjusWX@6.2.1,HyEX5Nidi-m@12.6.1,S1_9Vsuj-Q@15.7.22,S1hmcVouiZm@6.2.2,Skj79NodobQ@8.1.3,W-HOHMTVq@5.1.5,WIsTFheVXwKLM4@5.4.2,XYQZBUojc@9.6.4,_SUFlQuxf@3.2.2,a_Dw7zFT7@4.3.1,dUzxiHb6Q@1.1.4,ko1w5PpFl@23.12.21,qEs4t49Rg@1.1.1,r1EWc4iuj-X@9.5.9,r1PkZcEs_iWQ@6.1.2,rJJjcVouoZ7@8.3.6,twMyStLkn@15.9.15
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:256b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Referer
https://la-lettre.alternatif-bien-etre.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 01 Jul 2024 18:28:12 GMT
content-encoding
br
via
1.1 google
server
Google Frontend
age
1175729
etag
"paxv1b"
vary
Accept-Encoding, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=2592000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13679
fr
aggregator.service.usercentrics.eu/aggregate/ Frame
0
0
Preflight
General
Full URL
https://aggregator.service.usercentrics.eu/aggregate/fr?templates=1XvFW-Y2k@1.1.5,3ctYrxMohDLcUm@1.1.0,AH6TVUNbT@1.0.6,BJ59EidsWQ@25.7.28,BJz7qNsdj-7@15.8.19,BkeKqEjuoZQ@9.4.11,H1GSqEodjZX@5.4.2,H1Vl5NidjWX@40.17.45,HkPBYFofN@10.3.1,Hko_qNsui-Q@14.5.15,HkocEodjb7@52.11.41,HkrZ5NjusWX@6.2.1,HyEX5Nidi-m@12.6.1,S1_9Vsuj-Q@15.7.22,S1hmcVouiZm@6.2.2,Skj79NodobQ@8.1.3,W-HOHMTVq@5.1.5,WIsTFheVXwKLM4@5.4.2,XYQZBUojc@9.6.4,_SUFlQuxf@3.2.2,a_Dw7zFT7@4.3.1,dUzxiHb6Q@1.1.4,ko1w5PpFl@23.12.21,qEs4t49Rg@1.1.1,r1EWc4iuj-X@9.5.9,r1PkZcEs_iWQ@6.1.2,rJJjcVouoZ7@8.3.6,twMyStLkn@15.9.15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:256b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://la-lettre.alternatif-bien-etre.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 15 Jul 2024 09:03:40 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
90707ee030398c0100b029afce5d7a71
DefaultUI-93f82132-74bb0f6d.js
app.usercentrics.eu/browser-ui/3.49.0/
2 KB
791 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/DefaultUI-93f82132-74bb0f6d.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Origin
https://la-lettre.alternatif-bien-etre.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:20:34 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420187
x-guploader-uploadid
ACJd0Nq6wnCG-QLbPiwBNVZ4Z-Dn13kA5PQLsRNlpAe4wvOyTM7XJiY30YEJonFviHY_3LQdus3q5oSr_Q
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
760
last-modified
Wed, 10 Jul 2024 12:15:34 GMT
server
UploadServer
etag
"10c32ac19dd53c922e09af9f02040e3f"
x-goog-generation
1720613734310883
x-goog-hash
crc32c=VY8ATQ==, md5=EMMqwZ3VPJIuCa+fAgQOPw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
760
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:20:34 GMT
FirstLayerCustomization-3660def5-e9841303.js
app.usercentrics.eu/browser-ui/3.49.0/
3 KB
1 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/FirstLayerCustomization-3660def5-e9841303.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/DefaultUI-93f82132-74bb0f6d.js
Origin
https://la-lettre.alternatif-bien-etre.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:15 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420386
x-guploader-uploadid
ACJd0NqT1WyGQdgNaM3_ZlQit2TTJzXG5JLK_3EW37XZuXQtuYy_0MP8kiVy6sV9IFvWjz200Rg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1075
last-modified
Wed, 10 Jul 2024 12:15:35 GMT
server
UploadServer
etag
"48d0d71e2e1cad22108f84c46fd452f6"
x-goog-generation
1720613734986681
x-goog-hash
crc32c=cKtaCA==, md5=SNDXHi4crSIQj4TEb9RS9g==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
1075
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:15 GMT
ButtonsCustomization-26072404-0ac5d5e4.js
app.usercentrics.eu/browser-ui/3.49.0/
473 B
269 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/ButtonsCustomization-26072404-0ac5d5e4.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/DefaultUI-93f82132-74bb0f6d.js
Origin
https://la-lettre.alternatif-bien-etre.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:20:34 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420187
x-guploader-uploadid
ACJd0NpO4AI5sfUuODjQpuEzui3SjH0UHi2EQmHYVUHlzjIT2xsat3B9e9NJ8lDw0v18VXhAXPg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
last-modified
Wed, 10 Jul 2024 12:15:32 GMT
server
UploadServer
etag
"44fa6f049dc262cb7d1af37d49dbb488"
x-goog-generation
1720613732675879
x-goog-hash
crc32c=rJgjqA==, md5=RPpvBJ3CYst9GvN9Sdu0iA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
236
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:20:34 GMT
SecondLayerUI-d3f79250-37637b61.js
app.usercentrics.eu/browser-ui/3.49.0/
567 B
348 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/SecondLayerUI-d3f79250-37637b61.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/DefaultUI-93f82132-74bb0f6d.js
Origin
https://la-lettre.alternatif-bien-etre.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:15 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420386
x-guploader-uploadid
ACJd0No2FBzAKKwuVsFITNH4O2DeCV_YLpqLldTIOYLN4cp7vtuFKUYsC05NZtfWxJ3s7jDcJCU
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
317
last-modified
Wed, 10 Jul 2024 12:15:36 GMT
server
UploadServer
etag
"077fb920e21878714ba5089b1ca48810"
x-goog-generation
1720613736701874
x-goog-hash
crc32c=al0SBQ==, md5=B3+5IOIYeHFLpQibHKSIEA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
317
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:15 GMT
Taglogger-dbcfe06b-f2aa9244.js
app.usercentrics.eu/browser-ui/3.49.0/
1 KB
724 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/Taglogger-dbcfe06b-f2aa9244.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Origin
https://la-lettre.alternatif-bien-etre.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:15 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420386
x-guploader-uploadid
ACJd0Np-ftM7sU1qhsr7RFk8gi13rdpiZhTvaZtmhBmL2tooyh2Reg9sd3HcOD7oudaaBTr7aQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
688
last-modified
Wed, 10 Jul 2024 12:15:37 GMT
server
UploadServer
etag
"a2fc5675b26eb21527e3c8acc32f46d1"
x-goog-generation
1720613737347581
x-goog-hash
crc32c=oJEojA==, md5=ovxWdbJushUn48iswy9G0Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
688
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:15 GMT
3
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame
0
0

3
consent-api.service.consent.usercentrics.eu/consent/uw/
0
0

PrivacyButton-424771a3.js
app.usercentrics.eu/browser-ui/3.49.0/
5 KB
2 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/PrivacyButton-424771a3.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Origin
https://la-lettre.alternatif-bien-etre.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:15 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420386
x-guploader-uploadid
ACJd0Np8BNxYSI0yttcsMw91mBpxRek9Medbdho44omGO4-hvzzKqa2HTYPZwDsu0K4S2Y9ccQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2449
last-modified
Wed, 10 Jul 2024 12:15:35 GMT
server
UploadServer
etag
"18bc04fa9a600da08c6ba90a93ec9188"
x-goog-generation
1720613735789431
x-goog-hash
crc32c=1qA9MA==, md5=GLwE+ppgDaCMa6kKk+yRiA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
2449
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:15 GMT
index-edbe4c91.js
app.usercentrics.eu/browser-ui/3.49.0/
2 KB
851 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/index-edbe4c91.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Origin
https://la-lettre.alternatif-bien-etre.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:15 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420386
x-guploader-uploadid
ACJd0NrsJTakib5m7t4xgrkOkvvvfAymdrSWAVFrXcy-3tBYJdxluJCOl5Mh1C1qKZPXkCj5gHM
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
811
last-modified
Wed, 10 Jul 2024 12:15:43 GMT
server
UploadServer
etag
"9abc518bd878dffef779fd17395dcd29"
x-goog-generation
1720613743089507
x-goog-hash
crc32c=vPvimg==, md5=mrxRi9h43/73ef0XOV3NKQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
811
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:15 GMT
uct
uct.service.usercentrics.eu/
0
0

index-151c6d6d.js
app.usercentrics.eu/browser-ui/3.49.0/
0
0

grapesjs-preset-webpage.front.css
cdn-common.pubfac.com/falcon/
199 KB
30 KB
Stylesheet
General
Full URL
https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:6000:11:2cd5:2700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fa1ca6159924a0df8f302a83894fa85bf2c27c41932a257f8d813ea694b8ab1

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
VabO3SVA0mhb8nTq053JPoU2mCAsPZAB
content-encoding
gzip
via
1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
date
Mon, 15 Jul 2024 06:36:54 GMT
last-modified
Mon, 08 Jul 2024 08:34:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
age
8808
x-amz-server-side-encryption
AES256
etag
W/"bb2c43f50b6ddbd82401461aaf1fb0e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
jssIMkmUss6gHGFJLuN1tMRPwVtBXLXvOULq9BTbA5HkzOVF-nt9fQ==
boot.js
cdn-common.pubfac.com/falcon/
11 KB
5 KB
Script
General
Full URL
https://cdn-common.pubfac.com/falcon/boot.js
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:6000:11:2cd5:2700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b606f07ad4254e17faf3cd68fcadf84719616c7baa837df6aef893ec0bf63c20

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
MyC0_Hez4Y0PFN1MxnpYzgUjtdqaYT6o
content-encoding
gzip
via
1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
date
Mon, 15 Jul 2024 09:03:42 GMT
last-modified
Mon, 08 Jul 2024 08:34:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
etag
W/"bf5b7748f6642aed1714b7d12a756353"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
6Pnpo-UpkjLaykwUKArboJqGOl14AyKesQNs7Wiqadbir7XFXYKdPg==
campaign-stats.js
cdn-cs.totale-sante.com/
27 KB
11 KB
Script
General
Full URL
https://cdn-cs.totale-sante.com/campaign-stats.js
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcb5ea8c4245e69ac628e2092b3f13942372ea5593937b62f12385e2307d19ce

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
pb.ctuNQGlDGezRE.eYZU0iup3scutmD
content-encoding
gzip
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
date
Mon, 15 Jul 2024 09:03:42 GMT
last-modified
Mon, 08 Jul 2024 14:05:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
etag
W/"c5a2c1b03e679cf4478c523af8309ba3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
BLaG6jEPFAs3VTyJOPEP3HvSq5F3UStTD2VW7YSJnKVxYkS2ChAsHA==
kpj1xra.css
use.typekit.net/
5 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/kpj1xra.css
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cd552233b624058329da2a35a229521ec2618b4e84c768f4b023fdea903f3299
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 15 Jul 2024 09:03:41 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
846
jquery-3.4.1.min.js
code.jquery.com/
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://edition.totale-sante.com/
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
12952718
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21965-LGA, cache-lhr-egll1980038-LHR
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1721034221.308230,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
329074, 347061
Mabibledesalimentsquisoignent.png
pubfac-cdn.s3.amazonaws.com/totale-sante/uploads/BCS/Bible%20Aliments/
135 KB
135 KB
Image
General
Full URL
https://pubfac-cdn.s3.amazonaws.com/totale-sante/uploads/BCS/Bible%20Aliments/Mabibledesalimentsquisoignent.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.75.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4fc949b486aaff95dcc20c0de5cf648abfa96c16b8c6418e6528edc0c9ff156d

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 15 Jul 2024 09:03:42 GMT
Content-Encoding
x-amz-version-id
CY47Ehmi3hy0ci8j2c1mz5_ZM4z4BG28
Last-Modified
Mon, 20 Feb 2023 14:40:08 GMT
Server
AmazonS3
x-amz-request-id
SVMPPDMXX1Z49RXX
ETag
"284bf937002a4dbd0b07bc4521d8b1fe"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
138102
x-amz-id-2
YsM0AC9UO55FEbffyJpKgkmhB+SecJGgc6ghA5C+E6kyzAegm59TmhqqFcBzfFtZr8Zs4q1GfHo=
cc-bdc.png
pubfac-cdn.s3.amazonaws.com/totale-sante/uploads/MODELE/Guarantees/
9 KB
10 KB
Image
General
Full URL
https://pubfac-cdn.s3.amazonaws.com/totale-sante/uploads/MODELE/Guarantees/cc-bdc.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.75.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1759f6494d53963ebd22fa4821f518e93dea2c29e5aa6674ee56ddb1fa8162c3

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 15 Jul 2024 09:03:42 GMT
Content-Encoding
x-amz-version-id
lrGNGgvj_ggHDoC1JgqKebIfj.k03txV
Last-Modified
Wed, 29 Jun 2022 16:03:46 GMT
Server
AmazonS3
x-amz-request-id
SVMPF25X93PTCKXH
ETag
"51ef34b41ace94a089642f50915ba835"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
9711
x-amz-id-2
aqtNU/1JSo/qeZcy/ynECKnrVMJqJx3O0M/ESzFfuI3JvhlFHSfU3r1Sst2ELJ1ZGr7tFqNIQLk=
f4368559-e7f0-467b-9ee5-2eadd6fd0651.jpg
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
137 KB
137 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/f4368559-e7f0-467b-9ee5-2eadd6fd0651.jpg
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8abc1af951bb59965fd2eafa35bb49b4325e5e18f11fc800eb3b36ac271ef668

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/f4368559-e7f0-467b-9ee5-2eadd6fd0651.jpg
Date
Mon, 15 Jul 2024 09:03:41 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:39 GMT
Server
AkamaiNetStorage
ETag
"04733b30b0cae858ff22a8eb0c454516:1692430779.04015"
Content-Type
image/jpeg
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
139830
0e8bcc2b-2ef4-488e-8106-47fb0ebc348d.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
922 KB
922 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/0e8bcc2b-2ef4-488e-8106-47fb0ebc348d.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f1c39d46daa0a5ba0e0208a8bce6d2171326f5f766bd4314af27b6b09663aa98

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/0e8bcc2b-2ef4-488e-8106-47fb0ebc348d.png
Date
Mon, 15 Jul 2024 09:03:41 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:36 GMT
Server
AkamaiNetStorage
ETag
"83ad6176b1fed1d2f4ac95668c2502da:1692430776.005652"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
944065
773ea07b-811b-4053-812c-584d66b950a5.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
204 KB
204 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/773ea07b-811b-4053-812c-584d66b950a5.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ea26f9c0dd322d3220460ec69656ae541123de3d540af3aec84a9abe04a7288d

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/773ea07b-811b-4053-812c-584d66b950a5.png
Date
Mon, 15 Jul 2024 09:03:41 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:39 GMT
Server
AkamaiNetStorage
ETag
"a6f56d1b38dc6a5e326386e89526a4d0:1692430779.628775"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
208431
7499e84e-e3df-492c-b890-67a93d48f18c.gif
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
2 MB
2 MB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/7499e84e-e3df-492c-b890-67a93d48f18c.gif
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3057ce921b914885321b8e8eae363bc14bda21f375e85150cfd97a7db2f59b00

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/7499e84e-e3df-492c-b890-67a93d48f18c.gif
Date
Mon, 15 Jul 2024 09:03:41 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:06 GMT
Server
AkamaiNetStorage
ETag
"6de0f5df3f72253fff926296d44f9a5c:1692430746.22756"
Content-Type
image/gif
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2063011
fc9dd6dd-a29f-43f2-aa75-e614d3fae062.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
481 KB
481 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/fc9dd6dd-a29f-43f2-aa75-e614d3fae062.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
82eff52e1ed0125b4a7474b3600087c90237b04bfe0c8b18ab4da68331a4020b

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/fc9dd6dd-a29f-43f2-aa75-e614d3fae062.png
Date
Mon, 15 Jul 2024 09:03:41 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:36 GMT
Server
AkamaiNetStorage
ETag
"e687270fb62411874a05b04b2576c191:1692430776.72944"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
492460
af189f42-e420-41f2-aeda-e79d106d88b8.jpg
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
145 KB
145 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/af189f42-e420-41f2-aeda-e79d106d88b8.jpg
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8825666143b92e1717458c42219e83233ceae9703be91160668c4304c8c74ef7

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/af189f42-e420-41f2-aeda-e79d106d88b8.jpg
Date
Mon, 15 Jul 2024 09:03:41 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:27 GMT
Server
AkamaiNetStorage
ETag
"f56f227f4a7092979ab8ba55d68c8ad7:1692430767.96609"
Content-Type
image/jpeg
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
148511
eaadaeeb-a8b7-4738-b567-ffbfeca2b56f.jpg
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
167 KB
168 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/eaadaeeb-a8b7-4738-b567-ffbfeca2b56f.jpg
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5cc15667c610552ba71ba0cef0035c4e784384c654306e54e27cf94db8345371

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/eaadaeeb-a8b7-4738-b567-ffbfeca2b56f.jpg
Date
Mon, 15 Jul 2024 09:03:41 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:27 GMT
Server
AkamaiNetStorage
ETag
"aff18b49c39af230e0578dc3ffa947e9:1692430767.40495"
Content-Type
image/jpeg
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
171294
b830c0f3-312e-44c6-a1ad-65478eae55a0.jpg
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
50 KB
50 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/b830c0f3-312e-44c6-a1ad-65478eae55a0.jpg
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
85fa61e1e0f865a9d5b90baf5b5c77874ccf7fbe175f758a0bda91226ac692ec

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/b830c0f3-312e-44c6-a1ad-65478eae55a0.jpg
Date
Mon, 15 Jul 2024 09:03:41 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:02 GMT
Server
AkamaiNetStorage
ETag
"8a00ce30e0ce38d3b2526327beffd00c:1692430742.064089"
Content-Type
image/jpeg
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50997
2471b3b1-c5ec-47e8-993f-1c0e3526512e.jpg
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
166 KB
166 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/2471b3b1-c5ec-47e8-993f-1c0e3526512e.jpg
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a86bc34501a5877525b39267f89939bb8f2608f2fd2758e35632f2813c4dde92

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/2471b3b1-c5ec-47e8-993f-1c0e3526512e.jpg
Date
Mon, 15 Jul 2024 09:03:41 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:26 GMT
Server
AkamaiNetStorage
ETag
"4f942a2d26db12933b5194367bcef85f:1692430766.89516"
Content-Type
image/jpeg
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
169765
24ed5a23-aa9d-463d-a9b6-667e9f9b71b5.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
279 KB
280 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/24ed5a23-aa9d-463d-a9b6-667e9f9b71b5.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9ffec53f346348fcb8a39a3cc13c3e107809c73a1cac4c1afafb86a306811456

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/24ed5a23-aa9d-463d-a9b6-667e9f9b71b5.png
Date
Mon, 15 Jul 2024 09:03:42 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:25 GMT
Server
AkamaiNetStorage
ETag
"db92f24f06f334d54e5dd17b0d533820:1692430765.36707"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
285820
78844532-a0b5-45cd-8241-40d511ecf90f.jpg
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
168 KB
168 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/78844532-a0b5-45cd-8241-40d511ecf90f.jpg
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2ae9895be851c3f446ecb88145bb0308c1ed8a05979896aacfe6ca5dfea26508

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/78844532-a0b5-45cd-8241-40d511ecf90f.jpg
Date
Mon, 15 Jul 2024 09:03:42 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:26 GMT
Server
AkamaiNetStorage
ETag
"8bce86641cbfe2d2d73bfbbdb2514f14:1692430766.418721"
Content-Type
image/jpeg
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
171966
bd3ff20a-538a-402f-8c59-1e136772ffef.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
177 KB
177 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/bd3ff20a-538a-402f-8c59-1e136772ffef.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
414c24157ee0d8cfa05d950866152de250b6d1f1277e0c55d3130e41cd980938

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/bd3ff20a-538a-402f-8c59-1e136772ffef.png
Date
Mon, 15 Jul 2024 09:03:42 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:23 GMT
Server
AkamaiNetStorage
ETag
"87a87859fd141a15c18db6c645bb9cc9:1692430763.929406"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
180891
461af1f2-d6d6-4ebf-90f9-cb39c23c61cc.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
212 KB
212 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/461af1f2-d6d6-4ebf-90f9-cb39c23c61cc.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8497faef577d573ac5cbf74a28522face7496b68da656095213dd6d9b3089061

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/461af1f2-d6d6-4ebf-90f9-cb39c23c61cc.png
Date
Mon, 15 Jul 2024 09:03:42 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:04 GMT
Server
AkamaiNetStorage
ETag
"296bb8eb10124e728ccf90fb3dfefd37:1692430744.856814"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
216971
anne-portier.png
alternatif-bien-etre.com/wp-content/uploads/2023/09/
21 KB
21 KB
Image
General
Full URL
https://alternatif-bien-etre.com/wp-content/uploads/2023/09/anne-portier.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-79.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
065c9fccb09dabf4deeff28ae55bfcffec0572bd62808f216b867410d8059b8b

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 05:31:18 GMT
via
1.1 0254a3d4b384cab4933ea28efe6685c2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 16:08:52 GMT
server
Apache
x-amz-cf-pop
FRA60-P5
age
12743
etag
"549d-6048ab9f476a0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
21661
x-amz-cf-id
QndnL8co6hyqJOsngA6bb4ucwPLX4DrRAKbOire5SF5sHCqrhTiaQA==
f4ee6088-44c3-48f3-88aa-9245675fd0b8.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
230 KB
231 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/f4ee6088-44c3-48f3-88aa-9245675fd0b8.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d12f867132eb1b6f82c3892a2e6842ccc968d2b9a7123ec9aa7e853d3f360b9c

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/f4ee6088-44c3-48f3-88aa-9245675fd0b8.png
Date
Mon, 15 Jul 2024 09:03:42 GMT
Last-Modified
Fri, 11 Aug 2023 07:33:28 GMT
Server
AkamaiNetStorage
ETag
"21b81916b897b3eb5d752a69786ad73c:1691739208.735113"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
236012
9ca00501-f93d-4dae-9f03-78cdf4ef1adb.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
173 KB
174 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/9ca00501-f93d-4dae-9f03-78cdf4ef1adb.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bd13486c4b035bbadf25ac1eaa1716fa5ca0e0ef25a88ff1697322f7dfe47f01

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/9ca00501-f93d-4dae-9f03-78cdf4ef1adb.png
Date
Mon, 15 Jul 2024 09:03:42 GMT
Last-Modified
Fri, 11 Aug 2023 07:33:27 GMT
Server
AkamaiNetStorage
ETag
"0a3aaa8926aebb91fe283fdd89e4ad72:1691739207.828918"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
177463
7d4ebf58-5ba7-4cea-8e8c-625d7ad80f45.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
238 KB
238 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/7d4ebf58-5ba7-4cea-8e8c-625d7ad80f45.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2a208fc28fb1ac05c4b31fb5ce1b33e8b8ac10cdba8a15b191afcad9fe0f822b

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/7d4ebf58-5ba7-4cea-8e8c-625d7ad80f45.png
Date
Mon, 15 Jul 2024 09:03:42 GMT
Last-Modified
Fri, 11 Aug 2023 07:33:28 GMT
Server
AkamaiNetStorage
ETag
"90ed4255bf6df3e2289ec23eef083855:1691739208.312655"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
243296
0f36d4fe-4f24-4f5b-b000-8ef17e8f9024.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
244 KB
244 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/0f36d4fe-4f24-4f5b-b000-8ef17e8f9024.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
49b672c6a3aef8fb720ce42678dfceb19220dfa07c8b701defb84251a82c86e4

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/0f36d4fe-4f24-4f5b-b000-8ef17e8f9024.png
Date
Mon, 15 Jul 2024 09:03:42 GMT
Last-Modified
Fri, 11 Aug 2023 07:33:25 GMT
Server
AkamaiNetStorage
ETag
"e016dcfe75ff717a0c5f8c21bde76091:1691739205.759065"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
249599
86073a82-4034-4989-a58e-b1507a26f15a.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
153 KB
154 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/86073a82-4034-4989-a58e-b1507a26f15a.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4181af7024c9e5f827b8b338b6f43f2e68977cecc74ae2fc187de384198c5523

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/86073a82-4034-4989-a58e-b1507a26f15a.png
Date
Mon, 15 Jul 2024 09:03:42 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:38 GMT
Server
AkamaiNetStorage
ETag
"29b91e140cf05b90cffda20d6b1271b5:1692430778.350426"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
157010
dtx19.png
totale-sante-cdn.pubfac.io/uploads/ABF/
284 KB
285 KB
Image
General
Full URL
https://totale-sante-cdn.pubfac.io/uploads/ABF/dtx19.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:1c00:12:108e:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c87795c27b01de316384c13cd12350ef0ea1b376a2169330d267129044ee5434

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:42 GMT
content-encoding
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-amz-version-id
r_JzZzzU2PvAVAH5WNzvrFTva94OQ1iT
last-modified
Tue, 05 Sep 2023 07:20:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
etag
"b4d08b0646900e977a6e6dd2494fb59e"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
290820
x-amz-cf-id
ZESbFlI1lDJNVdSiB16984J0MuTclrLdEH6U9N4tgx_5K4Sqg362KA==
1809c5b3-77ab-4830-a335-9a29c5e0cfd5.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
372 KB
373 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/1809c5b3-77ab-4830-a335-9a29c5e0cfd5.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7d96a42b137473b8e169e2526d856ce3d887911313e9eef8986b0b47899c0dbf

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/1809c5b3-77ab-4830-a335-9a29c5e0cfd5.png
Date
Mon, 15 Jul 2024 09:03:42 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:21 GMT
Server
AkamaiNetStorage
ETag
"c4925e2c50aa42dfc97b399222423e1f:1692430761.26404"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
381390
3aa880cf-c5b3-4075-9e5c-b1a5d7d130df.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
371 KB
371 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/3aa880cf-c5b3-4075-9e5c-b1a5d7d130df.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
98241f0244c75e6719a65c55a23e2a3597e00bcc335be427248c8e694440845e

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/3aa880cf-c5b3-4075-9e5c-b1a5d7d130df.png
Date
Mon, 15 Jul 2024 09:03:42 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:07 GMT
Server
AkamaiNetStorage
ETag
"1737171d96b8a8a2ad0516982a4ad584:1692430747.589729"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
379733
c00770ba-c7ac-4d75-9a80-38647de7a318.png
image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/
966 KB
966 KB
Image
General
Full URL
https://image.mail1.alternatif-bien-etre.info/lib/fe3f11707564057d751175/m/1/c00770ba-c7ac-4d75-9a80-38647de7a318.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2f9c56d8362df7d4ec4bb54fde3efd85653479505d9cdcf461865a492299690d

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

NSLOCATION
/lib/fe3f11707564057d751175/m/1/c00770ba-c7ac-4d75-9a80-38647de7a318.png
Date
Mon, 15 Jul 2024 09:03:42 GMT
Last-Modified
Sat, 19 Aug 2023 07:39:03 GMT
Server
AkamaiNetStorage
ETag
"48d0478de510392c10364a15c9edd2eb:1692430743.603208"
Content-Type
image/png
Cache-Control
max-age=600, s-maxage=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
988794
abf_dcv_bdc_choice_papier_1.png
totale-sante-cdn.pubfac.io/uploads/Acquisition/ABF/DCV%20(DTX)/
61 KB
61 KB
Image
General
Full URL
https://totale-sante-cdn.pubfac.io/uploads/Acquisition/ABF/DCV%20(DTX)/abf_dcv_bdc_choice_papier_1.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:1c00:12:108e:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc9e5a850ea9aad22b262cc3a90e593fca6d9a05fa9a1fa2ee543c2301564ab5

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:42 GMT
content-encoding
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-amz-version-id
s4Ge6jkKOFEP5vZf6bAz3j2cHc5TirpE
last-modified
Thu, 07 Dec 2023 14:40:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
etag
"1e20cd68c400e28a355a91de5814b025"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
62163
x-amz-cf-id
YFniUWuu4iEwMpcdqOnAkTd8q2DFFjWLNQNl0XbE1LGea2TZhY_jyA==
abf_dcv_bdc_choice_digital_1.png
totale-sante-cdn.pubfac.io/uploads/Acquisition/ABF/DCV%20(DTX)/
59 KB
60 KB
Image
General
Full URL
https://totale-sante-cdn.pubfac.io/uploads/Acquisition/ABF/DCV%20(DTX)/abf_dcv_bdc_choice_digital_1.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:1c00:12:108e:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e90a5860b19224adf0a49ea72abd667324038f300a33548e02d7fc04b8d76d1e

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:42 GMT
content-encoding
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-amz-version-id
Jlm64u5zC_EBAo0sys68frk9HvgB7Ciq
last-modified
Thu, 07 Dec 2023 14:40:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
etag
"d43a757065f883b858ac5eddb6fe32e7"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
60746
x-amz-cf-id
IM8USXYwdqOj9hAM_0gma7epk-GuYYIMwQGZK0mDwkeVUk8eU9Wz1A==
sepa_avec_transparence.png
totale-sante-cdn.pubfac.io/uploads/
17 KB
17 KB
Image
General
Full URL
https://totale-sante-cdn.pubfac.io/uploads/sepa_avec_transparence.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:1c00:12:108e:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8165f45fb1e3cb054e381d552e11f0ea15d056284011e336f6dffd0d3404ea3a

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
dflDAPQwqPwjjEooXFSe9WQsVJwMM1P3
content-encoding
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
date
Mon, 15 Jul 2024 09:03:42 GMT
x-amz-cf-pop
FRA60-P7
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17240
last-modified
Wed, 21 Apr 2021 08:51:28 GMT
server
AmazonS3
etag
"771eac632a9a7b1735ee438e4502e83a"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
gfZUdPRM0uYEOQgwAY4N68P2PuVB1V9V1HMhtVEsl7MvXxwnzFjEXg==
refund.png
pubfac-cdn.s3.amazonaws.com/totale-sante/uploads/MODELE/Guarantees/
30 KB
30 KB
Image
General
Full URL
https://pubfac-cdn.s3.amazonaws.com/totale-sante/uploads/MODELE/Guarantees/refund.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.75.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c5e788e017315f9800f3bea9e6f66f087ed5044545f21cd4fed29c39b2950603

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 15 Jul 2024 09:03:42 GMT
Content-Encoding
x-amz-version-id
3OcRhdIWReNMnFhfinAk_xHUFhpPmBiG
Last-Modified
Wed, 29 Jun 2022 15:04:48 GMT
Server
AmazonS3
x-amz-request-id
SVMQ8C4FXYJ3X9GA
ETag
"f38396cf1658f845873c305bc20a36c5"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
30650
x-amz-id-2
ISqFeAHlxXBBLxdpVjJ6ZWFZBDltQEaYX9vF4ElHegY1QZ405ESgmjJLGAywA6G4MaN27JAxjsU=
enquiry.png
pubfac-cdn.s3.amazonaws.com/totale-sante/uploads/MODELE/Guarantees/
23 KB
23 KB
Image
General
Full URL
https://pubfac-cdn.s3.amazonaws.com/totale-sante/uploads/MODELE/Guarantees/enquiry.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.75.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
dbf172d6583173d343a5383165015e50c9769765dfd841a6e53421c376865f7e

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 15 Jul 2024 09:03:42 GMT
Content-Encoding
x-amz-version-id
JBJogEdsJx7O_qMel2Yuh00ZPVQhFDEk
Last-Modified
Wed, 29 Jun 2022 15:04:48 GMT
Server
AmazonS3
x-amz-request-id
SVMRV833CSWECXH0
ETag
"d2d6525abdfb6fde9fe50614020ef1e9"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
23062
x-amz-id-2
Ta64fKtUJwMiHo43pg5AyC4WVYrMopHb0HOGyAx3dY1tRFTjcDywk8mvo/fu8Oag+z6HJvg6okE=
contract.png
pubfac-cdn.s3.amazonaws.com/totale-sante/uploads/MODELE/Guarantees/
25 KB
26 KB
Image
General
Full URL
https://pubfac-cdn.s3.amazonaws.com/totale-sante/uploads/MODELE/Guarantees/contract.png
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.75.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c0c88fcc2cbc43d7a5905efd7949685377707a7d1965938b4689b729a7de9921

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 15 Jul 2024 09:03:42 GMT
Content-Encoding
x-amz-version-id
KENu_zkIOz6ZajZMAjfYGTaVynIFQ7pw
Last-Modified
Wed, 29 Jun 2022 15:04:48 GMT
Server
AmazonS3
x-amz-request-id
SVMGFNN41XQKVK5V
ETag
"778f8d7e23e0ab91ca7743455540816f"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
25949
x-amz-id-2
VuAotI0F5WB268ENCuRyJYIZxNS9r5UzWZZXbdpeVFLz2boSOBLOShxZ9XdLBP+vtKRyKX126Qw=
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/
79 KB
11 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2910016
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10883
x-served-by
cache-fra-etou8220090-FRA, cache-lga21953-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QjcOOZAX9mM6udAI%2F6ay7KAzK1pka4SHkqlg%2BIb4wEGwRV2vV%2FsalDzSVtB6Sgbp%2F%2Bxwv4izu3GURonfbdxTBH%2B0RPiJlGNtodQ%2BOr76nuz29STIaKVjBi09Yz6mgv5bKZA6SD4uXDJ4rpZOTbI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a3894abfaad3da6-LHR
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
237766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=skCrV8g%2F%2FxKVbcEpetmwbihhtucq4iY3GQiztkOwOk2BEN3%2F8MkWBK8u%2FfdVjNOs8gLBRezJPNkehQyX2DLfQnOvZKE7jy4lb0WokafMqNFcdSsve7A9bfqTtegcb5wSh1RRO8O9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a3894abcbec6437-LHR
expires
Sat, 05 Jul 2025 09:03:41 GMT
css2
fonts.googleapis.com/
7 KB
927 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
694adc42b1e12c4edc69f43c2aaafea20e28d55d4ee73c3505cd1bf8b90e3452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:11:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:41 GMT
css2
fonts.googleapis.com/
23 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc8a498ab080c0cd3f6e54104117af3bd95a3c776ae248fb4df9e5575e38bf51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:14:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:41 GMT
css2
fonts.googleapis.com/
4 KB
697 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@400;700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb6b9d24b54fb097fb66a94256247dba599489e0e92aa7512346ab1ecd19483b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:45:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:41 GMT
css2
fonts.googleapis.com/
9 KB
922 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7496131a4690cdb91535798ada8dd5192f3c95b2fdee10917d69718e07a8d506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 09:00:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:41 GMT
css2
fonts.googleapis.com/
10 KB
979 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4aa4f5145772c28ad2c0818de2aefe9750269caaf35f87c77f35e8d2864d9331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:58:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:41 GMT
css2
fonts.googleapis.com/
3 KB
564 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4357c93ecfd38fb8a8082a4f41c429be60b3e0f5ab2d3e47d3d9308f0b117a5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 07:50:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:41 GMT
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1740b635b6ed1d7b8e50f782bdfb84c7ac462bbaecd9a80efbea5688b47ad5a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:44:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:41 GMT
css2
fonts.googleapis.com/
5 KB
713 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 07:28:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:41 GMT
css2
fonts.googleapis.com/
7 KB
756 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c29a9407b5ed27f0c6e3f6810fde9dfe829442e10472da42704e5d0803c41cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:41:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:41 GMT
css2
fonts.googleapis.com/
10 KB
873 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a543810a4a53c9e050f3dcb2cb608a587dac3b7a00dd13276cc4ee4d359f3615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:55:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:41 GMT
css2
fonts.googleapis.com/
799 B
471 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Slabo+27px&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af1108dc8b93c371224e9936e052668edaaf28bc60d0afe09e87230fa7a01897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:32:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:41 GMT
css2
fonts.googleapis.com/
10 KB
947 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7745a4ab990e7588b287347aa568a65ca11b2b13c6f39e423dfed9bf13fc259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-common.pubfac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 08:35:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 09:03:41 GMT
gtm.js
www.googletagmanager.com/
310 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5N42CHP
Requested by
Host: edition.totale-sante.com
URL: https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc16553cd105f41e244b96d782937fa54937239ebea92e5fc0436e2f6df88cb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103962
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jul 2024 09:03:41 GMT
p.css
p.typekit.net/
5 B
173 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=kpj1xra&ht=tk&f=12393.12394.12395.12396.12397.12398.12399&a=8659561&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kpj1xra.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:41 GMT
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
etag
"6649f74c-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
process
cs.totale-sante.com/ Frame
0
0
Preflight
General
Full URL
https://cs.totale-sante.com/process
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-100.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://edition.totale-sante.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Mon, 15 Jul 2024 09:03:41 GMT
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-apigw-id
a8jdMFmYliAEM3w=
x-amz-cf-id
PN2xQbCnTIMDyTvBg5jZYn1rnz_F3fpOiDGsv2KzOjY7zHxQix2y0Q==
x-amz-cf-pop
FRA60-P4
x-amzn-requestid
ce0d1f65-42f9-42c0-8526-e149678508bc
x-cache
Miss from cloudfront
process
cs.totale-sante.com/
110 B
469 B
XHR
General
Full URL
https://cs.totale-sante.com/process
Requested by
Host: cdn-cs.totale-sante.com
URL: https://cdn-cs.totale-sante.com/campaign-stats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-100.fra60.r.cloudfront.net
Software
/
Resource Hash
7616c669fa5bf81f8c368ac8593eaa85a314e34d1a01fa64e4dc87269592b86e

Request headers

Accept
application/json
Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 15 Jul 2024 09:03:41 GMT
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amzn-trace-id
Root=1-6694e5ed-3ca6fae5213a9e077157f133
x-amzn-requestid
c9e63e8c-3b64-4456-96a1-ce7ed9d717a0
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
a8jdMGiyliAEXbg=
content-length
110
x-amz-cf-id
R6U5f1rl3Xnff0B58Cp_lPUDKzSXkNKi9nevDIJUSAs3zRvcfdLV7A==
l
use.typekit.net/af/030e54/000000000000000077359ef9/30/
27 KB
27 KB
Font
General
Full URL
https://use.typekit.net/af/030e54/000000000000000077359ef9/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kpj1xra.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7db8d8b564c2516d8c43725b00cc6df8f74599a0e69ab04081b817cc1ace5edf

Request headers

Referer
https://use.typekit.net/kpj1xra.css
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:41 GMT
server
nginx
etag
"e8e1e4f7a0db3cfff156be30d82bfbf3b26965c6"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27328
manifest.json
cdn-common.pubfac.com/falcon/
320 B
815 B
XHR
General
Full URL
https://cdn-common.pubfac.com/falcon/manifest.json
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/boot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:6000:11:2cd5:2700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7994a80d1000beea3a4b65d6fc85118f46e18de4ecb1fd9a6fbc7c0297a5e0b

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Ir0BiFSRobyYAQPfa04QO46j9_3hHM67
date
Mon, 15 Jul 2024 09:03:42 GMT
via
1.1 e787a68a5271d06ea7b7e56fa6886dc8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
PENDING
content-length
320
last-modified
Mon, 15 Jul 2024 09:03:14 GMT
server
AmazonS3
etag
"e847f890cb74ecf5c5e545ef147d3351"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
qbAIvyausz4NA6VkC2-34Ni5ygFOhpg_rbCT2pd_LrspyNNflPNY-w==
l
use.typekit.net/af/1d9a3d/000000000000000077359ef5/30/
26 KB
27 KB
Font
General
Full URL
https://use.typekit.net/af/1d9a3d/000000000000000077359ef5/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kpj1xra.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e9c6246dcf00603810c5d3e5dd2d23292b9add8a5f44cc3394c62766e4d46ee9

Request headers

Referer
https://use.typekit.net/kpj1xra.css
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:41 GMT
server
nginx
etag
"303c1ef4e2db60adb2a6898263148e471acdf22a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27064
l
use.typekit.net/af/e749f8/000000000000000077359ef1/30/
27 KB
27 KB
Font
General
Full URL
https://use.typekit.net/af/e749f8/000000000000000077359ef1/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kpj1xra.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
71f19bab2b8751932c9ff30be879c8f8d17b946ced7cb329553c832b1cfe3368

Request headers

Referer
https://use.typekit.net/kpj1xra.css
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:41 GMT
server
nginx
etag
"4904726539ab11011dc549c8395245a43cfaa78a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27568
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:41 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
244018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtuYoRNxa3bIOjqDduMPpelXCiMW%2FTtxh%2Fp%2BG2mTUElxWEggCGs059cmhmtEoqIBW2CjsvRpKMOUwkGWggnFNxaUhzbdV1JKYg00VA%2FLPjJXv%2B3To6DmEcfufShFStHGO1R79zUw"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a3894ae69f0be9c-LHR
expires
Sat, 05 Jul 2025 09:03:41 GMT
l
use.typekit.net/af/fe2617/000000000000000077359efc/30/
26 KB
26 KB
Font
General
Full URL
https://use.typekit.net/af/fe2617/000000000000000077359efc/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kpj1xra.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8d6d83fe931f69d533fe292d325703da4bda66c490361f998d52622cf4b0ab8a

Request headers

Referer
https://use.typekit.net/kpj1xra.css
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:41 GMT
server
nginx
etag
"3f9b00fd2fb234fc0c76cb43ed6b41604a622934"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26884
grapesjs-preset-webpage.front-4b928bd766f646d992da.js
cdn-common.pubfac.com/falcon/
266 KB
81 KB
Script
General
Full URL
https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front-4b928bd766f646d992da.js
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/boot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:6000:11:2cd5:2700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81ad35ffaccf6b9914113bd2fef009a3aea50c79804f00512bff99f20b52ba72

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:40 GMT
x-amz-version-id
FY0lHS_qzHKxMFzC3Y_aPIZ5DuQVIzAd
content-encoding
gzip
last-modified
Mon, 15 Jul 2024 09:03:11 GMT
server
AmazonS3
via
1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
etag
W/"d4406573a67b8a48308e692b80311426"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
2
x-amz-replication-status
COMPLETED
x-amz-cf-id
PEpp57_iD-xq7zlhpUzWL4WftmUPA4xUOA2g0WsUPfGbwXCp6RgaLw==
config.json
edition.totale-sante.com/
451 B
862 B
XHR
General
Full URL
https://edition.totale-sante.com/config.json
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front-4b928bd766f646d992da.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4930f2d8894bd3bfffe4d898500ee04e6729af2430a075f22cd9b641b7d4012

Request headers

Accept
application/json, text/plain, */*
Referer
https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
lp19X44q2m6MDWba2P6dQEdIPr5sscZ3
date
Mon, 15 Jul 2024 09:03:43 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
last-modified
Wed, 25 Oct 2023 08:26:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"15c215fef9f98e55bc0f5a865330185f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
451
x-amz-cf-id
ygfsani6oBEe9tGuY0vZ1J_kzqvMZDi2Dt3FddVIm-Dq76x6MZiBhA==
config.json
edition.totale-sante.com/abf-dcv-landing-ldv-bdc/
457 B
873 B
XHR
General
Full URL
https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/config.json
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front-4b928bd766f646d992da.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce5251c43cf1847ef7d22e637c438b0e21545c6aef4c057c1fc7350d6dc90412

Request headers

Accept
application/json, text/plain, */*
Referer
https://edition.totale-sante.com/abf-dcv-landing-ldv-bdc/index.html?walletId=&source=TSA494450061&typePage=bdc
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
nTCEO_0kJqTK.y6nsW2AflrtyTYTIWDV
date
Mon, 15 Jul 2024 09:03:43 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jul 2024 12:44:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
"97dc829b4dca4f9bddc12573738cccc2"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
457
x-amz-cf-id
aoKiGg36wJYdqMD11n79WCqey3VWJ9isKDs-du-8xSJ2TOWbLePfYg==
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/
156 KB
29 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front-4b928bd766f646d992da.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://edition.totale-sante.com/
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1074
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
9943870
cdn-cachedat
10/31/2023 20:13:36
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"7cc40c199d128af6b01e74a28c5900b0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b3aeab402d0ee42a5e0391e5611a9ece
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
8a3894b1ab4493f2-LHR
cdn-requestpullsuccess
True
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.1.0/js/
49 KB
16 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
Requested by
Host: cdn-common.pubfac.com
URL: https://cdn-common.pubfac.com/falcon/grapesjs-preset-webpage.front-4b928bd766f646d992da.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1073
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1413478
cdn-cachedat
04/04/2024 23:34:09
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"ce6e785579ae4cb555c9de311d1b9271"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
6bafa25a51dd307687644511977a53b0
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
8a3894b16f816379-LHR
cdn-requestpullsuccess
True
loader.js
app.usercentrics.eu/browser-ui/latest/
33 KB
9 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/latest/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N42CHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
222c6a6e4b84110dc96baa6d6c1711278d887dbd3c6b74e763834474421037a9
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 08:20:40 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
2582
x-guploader-uploadid
ACJd0NqrIPwolZgYDMDMSJzepQ9njZo2oizwRZAQbZKUJoS_M1XjREijdPyHVTwTzeavLPW7lZWD7aeOvA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8554
last-modified
Wed, 10 Jul 2024 12:16:06 GMT
server
UploadServer
etag
"abf92fb805252b33a6b2fb5f99eddc1e"
x-goog-generation
1720613766917362
x-goog-hash
crc32c=kEtgHg==, md5=q/kvuAUlKzOmsvtfme3cHg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Length, Transfer-Encoding
cache-control
public, max-age=3600, no-transform
x-goog-stored-content-length
8554
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 15 Jul 2024 09:20:40 GMT
landing
pagead2.googlesyndication.com/pagead/
42 B
64 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3l3l5&tag_exp=0&rnd=486311403.1721034222&url=https%3A%2F%2Fedition.totale-sante.com%2Fabf-dcv-landing-ldv-bdc%2Findex.html&dma=0&npa=0&gtm=45He4790n815N42CHPv811370676za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N42CHP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jul 2024 09:03:42 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
303 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DPB7XPJ8X5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N42CHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f72811f0a2f2a6ff4cd4f5febcc7d86dc7188048b9306f3b73051a089ee08150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104641
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jul 2024 09:03:42 GMT
muu1at405t
www.clarity.ms/tag/
637 B
1002 B
Script
General
Full URL
https://www.clarity.ms/tag/muu1at405t?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N42CHP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
875bd4163e7ec5b91cc46c3de01f8938bc075cbace99cdc0ac7237c66a6a5905

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
-1
date
Mon, 15 Jul 2024 09:03:42 GMT
x-azure-ref
20240715T090342Z-r1d56846db97xmwcb4953bdk5400000007vg00000000w2p1
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
21 KB
7 KB
Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N42CHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 01:34:30 GMT
content-encoding
gzip
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P12
age
26954
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6759
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 12:27:20 GMT
server
AmazonS3
etag
"15864ce88fa79a3e954417d0c3396798"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
_KGxvYyPF0uyuWP9t1N5pE2ZgGwCdZ9qT11lbZwLQQRg2wLyyWMD3g==
index.module.js
app.usercentrics.eu/browser-ui/3.49.0/
435 KB
117 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
97121e0b2be0e9db9bd0ba5fdc33b21820943ebff48f6c8992afce23b46ba4f5
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://edition.totale-sante.com/
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:08 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420394
x-guploader-uploadid
ACJd0No-Teex1IWknU7sYqhtAZQsf6oJY3HD50QasdWdEuScP55JC-dI2IXc5BIWJwYutKv3KFU
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119540
last-modified
Wed, 10 Jul 2024 12:15:44 GMT
server
UploadServer
etag
"4810f53b131545e9e167eafa46c0c0e3"
x-goog-generation
1720613744549562
x-goog-hash
crc32c=m9oMaQ==, md5=SBD1OxMVRenhZ+r6RsDA4w==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
119540
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:08 GMT
collect
cloud.tsapublications.com/g/
65 B
275 B
XHR
General
Full URL
https://cloud.tsapublications.com/g/collect?v=2&tid=G-DPB7XPJ8X5&gtm=45je4790v888137027z8811370676za200zb811370676&_p=1721034221572&gcs=G100&gcd=13p3p3l3l5&npa=0&dma=0&tag_exp=0&gdid=dOThhZD&cid=1036139254.1721034222&ecid=653468503&ul=en-gb&sr=1600x1200&_fplc=0&ur=GB&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=486311403.1721034222&sst.gse=1&sst.etld=google.co.uk&sst.gcsub=region1&sst.gcd=13p3p3l3l5&sst.adr=1&sst.tft=1721034221572&sst.ude=0&_s=1&sid=1721034222&sct=1&seg=0&dl=https%3A%2F%2Fedition.totale-sante.com%2Fabf-dcv-landing-ldv-bdc%2Findex.html%3FwalletId%3D%26source%3DTSA494450061%26typePage%3Dbdc&dr=https%3A%2F%2Fla-lettre.alternatif-bien-etre.com%2F&dt=Recevez%20d%C3%A8s%20maintenant...&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1721034222205.235747.1&ep.gtm_id=GTM-5N42CHP&ep.anonymize_ip=true&ep.measurement_id=G-DPB7XPJ8X5&tfd=1795&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DPB7XPJ8X5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://edition.totale-sante.com
cache-control
no-cache
access-control-allow-credentials
true
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 15:08:18 GMT
x-content-type-options
nosniff
age
496524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 15:08:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:36:54 GMT
x-content-type-options
nosniff
age
516408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:36:54 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 20:29:39 GMT
x-content-type-options
nosniff
age
304443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17032
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Jul 2025 20:29:39 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:53:01 GMT
x-content-type-options
nosniff
age
515441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:53:01 GMT
clarity.js
www.clarity.ms/s/0.7.32/
61 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/muu1at405t?ref=gtm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:42 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240715T090342Z-r1d56846db97xmwcb4953bdk5400000007vg00000000w2pr
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
96c004e4-701e-0001-5611-d07107000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
languages.json
api.usercentrics.eu/settings/_Y6fGfg-pvA50V/latest/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/settings/_Y6fGfg-pvA50V/latest/languages.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://edition.totale-sante.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 15 Jul 2024 09:03:42 GMT
expires
Mon, 15 Jul 2024 09:03:42 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
GB,
x-guploader-uploadid
ACJd0NrzAjcPAAM84KPs69uwDVK5Iz0YwyUqfuh5PDWUhGLwSWs2ke9RsT9lkF48xrEdi2ajPJ58gm9NRw
languages.json
api.usercentrics.eu/settings/_Y6fGfg-pvA50V/latest/
61 B
589 B
Fetch
General
Full URL
https://api.usercentrics.eu/settings/_Y6fGfg-pvA50V/latest/languages.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9e932f61af911ddaca0b8a24460b8b51dc56bac4c87ef664ed5421ad5e53f0a7
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 15 Jul 2024 09:03:43 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
GB,
x-guploader-uploadid
ACJd0NrQ2cc3I8Vpi59nVEjRm3oBt65lDVJZBIq64OUURLnVETV7hdYHCv3AVkkfx6go-q4gC5w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
last-modified
Mon, 01 Jul 2024 18:51:50 GMT
server
UploadServer
etag
"285d8c3e2a1292b3abadc9fbe5563c61"
vary
Accept-Encoding
x-goog-generation
1719859910312158
x-goog-hash
crc32c=QATD0Q==, md5=KF2MPioSkrOrrcn75VY8YQ==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
67
accept-ranges
bytes
content-type
application/json
expires
Mon, 15 Jul 2024 09:04:43 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=30FFE559EBDD4C039B0348BCCC263F37&RedC=c.clarity.ms&MXFR=2DF659E4CF556D301ED94D59CB556356
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=30FFE559EBDD4C039B0348BCCC263F37&MUID=0E3F09A584E96B3D1B611D1885226A1C
42 B
441 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=30FFE559EBDD4C039B0348BCCC263F37&MUID=0E3F09A584E96B3D1B611D1885226A1C
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jul 2024 09:03:42 GMT
last-modified
Tue, 25 Jun 2024 19:30:12 GMT
server
Microsoft-IIS/10.0
etag
"7473f1936c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 15 Jul 2024 09:03:42 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6672F6080863471BA5AE8C5625D7B30C Ref B: LTSEDGE1905 Ref C: 2024-07-15T09:03:43Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=30FFE559EBDD4C039B0348BCCC263F37&MUID=0E3F09A584E96B3D1B611D1885226A1C
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ABF_favicon.png
totale-sante-cdn.pubfac.io/uploads/
51 KB
52 KB
Other
General
Full URL
https://totale-sante-cdn.pubfac.io/uploads/ABF_favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:1c00:12:108e:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84c489a325e169b434e696ad66d1c60d9d0823c8ad3d5890768fd8930f79a656

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
ewodrj_AA6xsizXWAtjPrc92x_Y3IRlr
content-encoding
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
date
Mon, 15 Jul 2024 09:03:44 GMT
x-amz-cf-pop
FRA60-P7
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
52458
last-modified
Fri, 23 Feb 2024 13:07:45 GMT
server
AmazonS3
etag
"6c2636283ff9f41b9b766c2331cfae6c"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
fEml9e9BM4J496E_ibeaVr0GlmmtcIew5fPwBoN4KEfIQBL54O5TeA==
fr.json
api.usercentrics.eu/settings/_Y6fGfg-pvA50V/latest/
34 KB
9 KB
Fetch
General
Full URL
https://api.usercentrics.eu/settings/_Y6fGfg-pvA50V/latest/fr.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2faf125affe0e5df9028d1940387833956aacbaf85b9995b7d256b85c40bfe70
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 15 Jul 2024 09:03:43 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
GB,GBENG
x-guploader-uploadid
ACJd0NrgyRyOJD1EGgnClZ40d7WsTxE3HIyPJumRqDrArErIVDma2uoab38dvCpwDL3zM5K9i7E
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9007
last-modified
Mon, 01 Jul 2024 18:51:50 GMT
server
UploadServer
etag
"2be78148063bc7003bf2292ae5866e88"
vary
Accept-Encoding
x-goog-generation
1719859910316011
x-goog-hash
crc32c=VioCNQ==, md5=K+eBSAY7xwA78ikq5YZuiA==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
9007
accept-ranges
bytes
content-type
application/json
expires
Mon, 15 Jul 2024 09:04:43 GMT
fr.json
api.usercentrics.eu/settings/_Y6fGfg-pvA50V/latest/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/settings/_Y6fGfg-pvA50V/latest/fr.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://edition.totale-sante.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 15 Jul 2024 09:03:43 GMT
expires
Mon, 15 Jul 2024 09:03:43 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
GB,GBENG
x-guploader-uploadid
ACJd0No7EbHuzAu2LqiVXGBsv7mui8n1POORKXhh4IXLorRVtr1nPqhEZXCBe0_YX599rBNnRCY
collect
a.clarity.ms/
0
288 B
XHR
General
Full URL
https://a.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://edition.totale-sante.com
Date
Mon, 15 Jul 2024 09:03:43 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
cross-domain-bridge.html
app.usercentrics.eu/browser-sdk/4.37.4/ Frame 33FC
0
0
Document
General
Full URL
https://app.usercentrics.eu/browser-sdk/4.37.4/cross-domain-bridge.html
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://edition.totale-sante.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
Content-Type Content-Length Transfer-Encoding
age
420300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=2592000, no-transform
content-encoding
gzip
content-length
1142
content-type
text/html
date
Wed, 10 Jul 2024 12:18:43 GMT
etag
"75bfde215f8a001e6c0adf71196f3f8f"
expires
Fri, 09 Aug 2024 12:18:43 GMT
last-modified
Wed, 10 Jul 2024 12:15:23 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-goog-generation
1720613722979668
x-goog-hash
crc32c=HFIoSw== md5=db/eIV+KAB5sCt9xGW8/jw==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1142
x-guploader-uploadid
ACJd0NqUtu-XwwF4y8QiL4MjQwJ8nfsqVzHd7mJzj05DEOfrxDwN0lFCIRcnD-bgsETHkj6U__0
1px.png
app.usercentrics.eu/session/
489 B
820 B
Image
General
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=_Y6fGfg-pvA50V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 08:49:33 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
850
x-guploader-uploadid
ACJd0NqfozRzZvFBbWbxaPLH2Kk6kiHtuE61sfP7Xq3qw59SjeMyz7PXqKoDgdtwxWKPoXs1Ur8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
522
last-modified
Fri, 08 May 2020 09:06:13 GMT
server
UploadServer
etag
"3702ada73b8951017b8451cbd6a96523"
x-goog-generation
1588928773413784
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type
image/png
cache-control
public,max-age=1800,no-transform
x-goog-stored-content-length
522
accept-ranges
bytes
expires
Mon, 15 Jul 2024 09:19:33 GMT
DefaultData-d00127a3-6bf3d31a.js
app.usercentrics.eu/browser-ui/3.49.0/
2 KB
1000 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/DefaultData-d00127a3-6bf3d31a.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7e2472bd1f232c3d68ed4772d3c325f4a700133dc26901fb83cfbb86e32781ef
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:14 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420389
x-guploader-uploadid
ACJd0NrzoQ24uI1rsz4V6D_QTQaLbp2siiKHtk4Ye2MHOKY-oC9-NzKxppfgROhomptm8JP8qA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
969
last-modified
Wed, 10 Jul 2024 12:15:33 GMT
server
UploadServer
etag
"edc399e97ec7d1731b8b53d73e1c7877"
x-goog-generation
1720613733649121
x-goog-hash
crc32c=94xAWg==, md5=7cOZ6X7H0XMbi1PXPhx4dw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
969
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:14 GMT
translations-fr.json
api.usercentrics.eu/translations/
8 KB
3 KB
Fetch
General
Full URL
https://api.usercentrics.eu/translations/translations-fr.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f8c6d60fa998237901001cb115ccf80460d2eb72436612d1910b9b2fd1cfee47
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 15 Jul 2024 04:54:13 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
14970
x-client-geo-location
GB,GBENG
x-guploader-uploadid
ACJd0Nr9zTxV34PQMPM9rF2YrjLuTTSq70MYOuwqq2QSn-9N39yRzuusXo4l13W0rSR1RrBrJBF9U8LMBg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2684
last-modified
Thu, 06 Jun 2024 08:55:09 GMT
server
UploadServer
etag
"4044ba7ff3e2561311fccc54aec9fa4c"
vary
Accept-Encoding
x-goog-generation
1717664109592595
x-goog-hash
crc32c=AqCSFA==, md5=QES6f/PiVhMR/MxUrsn6TA==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400, s-maxage=86400
x-goog-stored-content-length
2684
accept-ranges
bytes
content-type
application/json
expires
Tue, 16 Jul 2024 04:54:13 GMT
translations-fr.json
api.usercentrics.eu/translations/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/translations/translations-fr.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://edition.totale-sante.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 15 Jul 2024 09:03:43 GMT
expires
Mon, 15 Jul 2024 09:03:43 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
GB,GBENG
x-guploader-uploadid
ACJd0NrqrmZG5lwwv-VblvJ7jo4kDgnTIjVVEHu-ZhdB4VGnUyoKoU6BnPP3PnFCrGaP2jFe2eM
fr
aggregator.service.usercentrics.eu/aggregate/
99 KB
13 KB
Fetch
General
Full URL
https://aggregator.service.usercentrics.eu/aggregate/fr?templates=1XvFW-Y2k@1.1.5,3ctYrxMohDLcUm@1.1.0,AH6TVUNbT@1.0.6,BJ59EidsWQ@25.7.28,BJz7qNsdj-7@15.8.19,BkeKqEjuoZQ@9.4.11,H1GSqEodjZX@5.4.2,H1Vl5NidjWX@40.17.45,HkPBYFofN@10.3.1,Hko_qNsui-Q@14.5.15,HkocEodjb7@52.11.41,HkrZ5NjusWX@6.2.1,HyEX5Nidi-m@12.6.1,S1_9Vsuj-Q@15.7.22,S1hmcVouiZm@6.2.2,Skj79NodobQ@8.1.3,W-HOHMTVq@5.1.5,WIsTFheVXwKLM4@5.4.2,XYQZBUojc@9.6.4,a_Dw7zFT7@4.3.1,dUzxiHb6Q@1.1.4,ko1w5PpFl@23.12.21,qEs4t49Rg@1.1.1,r1EWc4iuj-X@9.5.9,r1PkZcEs_iWQ@6.1.2,rJJjcVouoZ7@8.3.6,twMyStLkn@15.9.15
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:256b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c96c83185c91663b6cdc25a0ce964b3b7649fdaf3dbf44d0e0c4b635b50ee375

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 13 Jul 2024 12:28:56 GMT
content-encoding
br
via
1.1 google
server
Google Frontend
age
160487
etag
"1k3pztv"
vary
Accept-Encoding, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=2592000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13419
fr
aggregator.service.usercentrics.eu/aggregate/ Frame
0
0
Preflight
General
Full URL
https://aggregator.service.usercentrics.eu/aggregate/fr?templates=1XvFW-Y2k@1.1.5,3ctYrxMohDLcUm@1.1.0,AH6TVUNbT@1.0.6,BJ59EidsWQ@25.7.28,BJz7qNsdj-7@15.8.19,BkeKqEjuoZQ@9.4.11,H1GSqEodjZX@5.4.2,H1Vl5NidjWX@40.17.45,HkPBYFofN@10.3.1,Hko_qNsui-Q@14.5.15,HkocEodjb7@52.11.41,HkrZ5NjusWX@6.2.1,HyEX5Nidi-m@12.6.1,S1_9Vsuj-Q@15.7.22,S1hmcVouiZm@6.2.2,Skj79NodobQ@8.1.3,W-HOHMTVq@5.1.5,WIsTFheVXwKLM4@5.4.2,XYQZBUojc@9.6.4,a_Dw7zFT7@4.3.1,dUzxiHb6Q@1.1.4,ko1w5PpFl@23.12.21,qEs4t49Rg@1.1.1,r1EWc4iuj-X@9.5.9,r1PkZcEs_iWQ@6.1.2,rJJjcVouoZ7@8.3.6,twMyStLkn@15.9.15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:256b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://edition.totale-sante.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 15 Jul 2024 09:03:43 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
195acc956107c0c256c67b9588e00044
DefaultUI-93f82132-74bb0f6d.js
app.usercentrics.eu/browser-ui/3.49.0/
2 KB
791 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/DefaultUI-93f82132-74bb0f6d.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b0fb971150c2648f434530c43940ab05e42283a5487fa4805de32ae532526187
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:20:34 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420189
x-guploader-uploadid
ACJd0Nq6wnCG-QLbPiwBNVZ4Z-Dn13kA5PQLsRNlpAe4wvOyTM7XJiY30YEJonFviHY_3LQdus3q5oSr_Q
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
760
last-modified
Wed, 10 Jul 2024 12:15:34 GMT
server
UploadServer
etag
"10c32ac19dd53c922e09af9f02040e3f"
x-goog-generation
1720613734310883
x-goog-hash
crc32c=VY8ATQ==, md5=EMMqwZ3VPJIuCa+fAgQOPw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
760
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:20:34 GMT
FirstLayerCustomization-3660def5-e9841303.js
app.usercentrics.eu/browser-ui/3.49.0/
3 KB
1 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/FirstLayerCustomization-3660def5-e9841303.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
78986c80bc7dab6173f3a57fd63086a6e46e58aae6f6b988a9ceac66d7503009
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/DefaultUI-93f82132-74bb0f6d.js
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:15 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420388
x-guploader-uploadid
ACJd0NqT1WyGQdgNaM3_ZlQit2TTJzXG5JLK_3EW37XZuXQtuYy_0MP8kiVy6sV9IFvWjz200Rg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1075
last-modified
Wed, 10 Jul 2024 12:15:35 GMT
server
UploadServer
etag
"48d0d71e2e1cad22108f84c46fd452f6"
x-goog-generation
1720613734986681
x-goog-hash
crc32c=cKtaCA==, md5=SNDXHi4crSIQj4TEb9RS9g==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
1075
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:15 GMT
ButtonsCustomization-26072404-0ac5d5e4.js
app.usercentrics.eu/browser-ui/3.49.0/
473 B
267 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/ButtonsCustomization-26072404-0ac5d5e4.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7d1ffc76bba4dfe1b48e8ef5192e5f54e54b0a4206a9445c70f5a33b25fc9e95
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/DefaultUI-93f82132-74bb0f6d.js
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:20:34 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420189
x-guploader-uploadid
ACJd0NpO4AI5sfUuODjQpuEzui3SjH0UHi2EQmHYVUHlzjIT2xsat3B9e9NJ8lDw0v18VXhAXPg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
last-modified
Wed, 10 Jul 2024 12:15:32 GMT
server
UploadServer
etag
"44fa6f049dc262cb7d1af37d49dbb488"
x-goog-generation
1720613732675879
x-goog-hash
crc32c=rJgjqA==, md5=RPpvBJ3CYst9GvN9Sdu0iA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
236
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:20:34 GMT
SecondLayerUI-d3f79250-37637b61.js
app.usercentrics.eu/browser-ui/3.49.0/
567 B
350 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/SecondLayerUI-d3f79250-37637b61.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7d1231db395b79b095e4592679e6cf96da5048ea13c6e162a0bfb58557c25565
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/DefaultUI-93f82132-74bb0f6d.js
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:15 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420388
x-guploader-uploadid
ACJd0No2FBzAKKwuVsFITNH4O2DeCV_YLpqLldTIOYLN4cp7vtuFKUYsC05NZtfWxJ3s7jDcJCU
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
317
last-modified
Wed, 10 Jul 2024 12:15:36 GMT
server
UploadServer
etag
"077fb920e21878714ba5089b1ca48810"
x-goog-generation
1720613736701874
x-goog-hash
crc32c=al0SBQ==, md5=B3+5IOIYeHFLpQibHKSIEA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
317
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:15 GMT
Taglogger-dbcfe06b-f2aa9244.js
app.usercentrics.eu/browser-ui/3.49.0/
1 KB
725 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/Taglogger-dbcfe06b-f2aa9244.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
846e95bdc7e94fb5877f9ecc9636594eeac05c10798a0c3fe1435e44c6ef3e42
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:15 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420388
x-guploader-uploadid
ACJd0Np-ftM7sU1qhsr7RFk8gi13rdpiZhTvaZtmhBmL2tooyh2Reg9sd3HcOD7oudaaBTr7aQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
688
last-modified
Wed, 10 Jul 2024 12:15:37 GMT
server
UploadServer
etag
"a2fc5675b26eb21527e3c8acc32f46d1"
x-goog-generation
1720613737347581
x-goog-hash
crc32c=oJEojA==, md5=ovxWdbJushUn48iswy9G0Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
688
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:15 GMT
3
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame
0
0
Preflight
General
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://edition.totale-sante.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 15 Jul 2024 09:03:43 GMT
server
Google Frontend
strict-transport-security
max-age=7776000
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
1f82affc337f171064a2eeccb2b48af9
3
consent-api.service.consent.usercentrics.eu/consent/uw/
0
78 B
Fetch
General
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-Request-ID
03707428-89e4-4475-9df3-c07aafb37b8b
content-type
application/json

Response headers

date
Mon, 15 Jul 2024 09:03:43 GMT
via
1.1 google
strict-transport-security
max-age=7776000
server
Google Frontend
vary
Origin
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
af0f70f0758d6f0bee5573e2e0d6f3f0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
PrivacyButton-424771a3.js
app.usercentrics.eu/browser-ui/3.49.0/
5 KB
2 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/PrivacyButton-424771a3.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
916d7072bc55f9f78640da47220b0af32cbbf15d78ce8e2d778b056d84e69d33
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:15 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420388
x-guploader-uploadid
ACJd0Np8BNxYSI0yttcsMw91mBpxRek9Medbdho44omGO4-hvzzKqa2HTYPZwDsu0K4S2Y9ccQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2449
last-modified
Wed, 10 Jul 2024 12:15:35 GMT
server
UploadServer
etag
"18bc04fa9a600da08c6ba90a93ec9188"
x-goog-generation
1720613735789431
x-goog-hash
crc32c=1qA9MA==, md5=GLwE+ppgDaCMa6kKk+yRiA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
2449
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:15 GMT
index-edbe4c91.js
app.usercentrics.eu/browser-ui/3.49.0/
2 KB
851 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/index-edbe4c91.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a4d5bca843401471dbda3ee7fe80c5fd24d960e7a0a098eea73f729783e660e7
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:15 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420388
x-guploader-uploadid
ACJd0NrsJTakib5m7t4xgrkOkvvvfAymdrSWAVFrXcy-3tBYJdxluJCOl5Mh1C1qKZPXkCj5gHM
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
811
last-modified
Wed, 10 Jul 2024 12:15:43 GMT
server
UploadServer
etag
"9abc518bd878dffef779fd17395dcd29"
x-goog-generation
1720613743089507
x-goog-hash
crc32c=vPvimg==, md5=mrxRi9h43/73ef0XOV3NKQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
811
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:15 GMT
uct
uct.service.usercentrics.eu/
35 B
268 B
Image
General
Full URL
https://uct.service.usercentrics.eu/uct?v=1&sid=_Y6fGfg-pvA50V&t=1&abv=&r=https%3A%2F%2Fedition.totale-sante.com%2Fabf-dcv-landing-ldv-bdc%2Findex.html&cb=1721034223620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.108.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
180.108.95.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:03:43 GMT
via
1.1 google
strict-transport-security
max-age=7776000
server
Google Frontend
x-powered-by
Express
content-type
image/gif
x-cloud-trace-context
ba80015a3b12b625c81229f91c77d6b9
cache-control
no-store
function-execution-id
jdqiw1x1h85e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
index-151c6d6d.js
app.usercentrics.eu/browser-ui/3.49.0/
5 KB
2 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/index-151c6d6d.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8bdd800bc92f19f91b3596b18939d9c0919ca9ba4b0ae9aaa82a8c9e62e8e394
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index.module.js
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:20:35 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420188
x-guploader-uploadid
ACJd0NpkH6Dar_0L9AXjMlP7t86rWc6y6e2dssckehR2oMTaiT2ZZoW5XMEi4aQp2WCKccAeWBI
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2108
last-modified
Wed, 10 Jul 2024 12:15:42 GMT
server
UploadServer
etag
"606a5f5a9b6cb097296b9b6bd03fb9ab"
x-goog-generation
1720613742459613
x-goog-hash
crc32c=0WaZgA==, md5=YGpfWptssJcpa5tr0D+5qw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
2108
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:20:35 GMT
SaveButton-781ac3df.js
app.usercentrics.eu/browser-ui/3.49.0/
1 KB
654 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/SaveButton-781ac3df.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4412e6ebd666f6204ddac3f0b95bfc4777f5fbae13d24bb100cc2a33c5ab5ef2
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index-151c6d6d.js
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:18:07 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420336
x-guploader-uploadid
ACJd0NrHwnAriA7uE_TH4YTlSbI9XnVWJU61eFsTXg_GG_Rh8tSTMklGzjcnT1gxuxEp9kLXihI
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
614
last-modified
Wed, 10 Jul 2024 12:15:36 GMT
server
UploadServer
etag
"efdf76c743e83198650f3e359254b203"
x-goog-generation
1720613736398666
x-goog-hash
crc32c=i+jB9g==, md5=7992x0PoMZhlDz41klSyAw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
614
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:18:07 GMT
VirtualServiceItem-ea9deb71.js
app.usercentrics.eu/browser-ui/3.49.0/
156 KB
48 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/VirtualServiceItem-ea9deb71.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b148c330626c7ea64a19725ff6c20e1aa3878a38f182c035941e44560ffe72be
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index-151c6d6d.js
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:15 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420388
x-guploader-uploadid
ACJd0NqJT1qmbYC4_tR6QpflQQhYoSgSE0alVgdC6axZ7onhL8eve16NMLqfOXD62vsQa2pxkYU
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48646
last-modified
Wed, 10 Jul 2024 12:15:38 GMT
server
UploadServer
etag
"11f00ea932550ad5d73e4b92cc22ad8f"
x-goog-generation
1720613738418667
x-goog-hash
crc32c=swhVXg==, md5=EfAOqTJVCtXXPkuSzCKtjw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
48646
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:15 GMT
DefaultTabs-634437e5.js
app.usercentrics.eu/browser-ui/3.49.0/
4 KB
2 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.49.0/DefaultTabs-634437e5.js
Requested by
Host: la-lettre.alternatif-bien-etre.com
URL: https://la-lettre.alternatif-bien-etre.com/hotdcv-1t-redirect-replay-entry-gauntlet/already.html?b=141&d=LABE&e=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&isBat=false&j=2757967&l=140&senddate=2024-06-29&sfId=&sid=25872009&sk=cm9iaW5fY2hyaXN0aWFuZUB5YWhvby5jb20%3D&s_source=TSA562390004&utm_campaign=GSD002%20-%20ENTRY%20LABE%20V4%20-%20DCV%20-%20LN%20N%C2%B07&utm_medium=email&utm_source=sfmc&walletId=&typePage=bdc&hemail=1d8b4309fd9273045fdf41489960870f1a8f56c7c21a36ca3598b7e49edd4a8e&subscriberKey=sk_f4bc1013b276174ab1cdd768efb67983be7af81cb28dfb601e2befddaba15f7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
47faa20050a18d7914b64c5023ca662552dcd16a0e03bcebdbc4fd6e65b0091d
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.49.0/index-151c6d6d.js
Origin
https://edition.totale-sante.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 12:17:15 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
420388
x-guploader-uploadid
ACJd0NoDcNy83MOYUEGYzKNgeFhT-kXV71Ua8stxDwoOkeRlEy1qz8H4BRRUiZ5IWGdyWEHLDnk
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1691
last-modified
Wed, 10 Jul 2024 12:15:34 GMT
server
UploadServer
etag
"0a318c2586d75c4e647b5f72073c5e70"
x-goog-generation
1720613733985005
x-goog-hash
crc32c=bW+ZZQ==, md5=CjGMJYbXXE5ke19yBzxecA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
1691
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Jul 2025 12:17:15 GMT
collect
a.clarity.ms/
0
288 B
XHR
General
Full URL
https://a.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://edition.totale-sante.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://edition.totale-sante.com
Date
Mon, 15 Jul 2024 09:03:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
consent-api.service.consent.usercentrics.eu
URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Domain
consent-api.service.consent.usercentrics.eu
URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Domain
uct.service.usercentrics.eu
URL
https://uct.service.usercentrics.eu/uct?v=1&sid=MhKKnsmCQScvw8&t=1&abv=&r=https%3A%2F%2Fla-lettre.alternatif-bien-etre.com%2Fhotdcv-1t-redirect-replay-entry-gauntlet%2Falready.html&cb=1721034221167
Domain
app.usercentrics.eu
URL
https://app.usercentrics.eu/browser-ui/3.49.0/index-151c6d6d.js

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| campaignStatsApplication string| campaignStatsStep string| pageId object| regeneratorRuntime object| dataLayer string| pageUid string| pageType function| Waypoint function| openExitPopup function| GetUrlParameter function| $ function| jQuery function| terms_changed1 function| head number| uidEvent object| __SENTRY__ object| bootstrap object| journey object| campaign object| grapesjs-preset-webpage.front-4b928bd766f646d992da number| timeToAppearAfterScroll object| exitPopUp object| stickyBar object| google_tag_manager object| google_tag_data string| settingsId string| _randomPageId function| clarity function| onYouTubeIframeAPIReady object| gaGlobal object| Trustpilot function| __import__ boolean| UC_UI_IS_RENDERED function| dynamicImportPolyfill function| gtag object| UC_UI

16 Cookies

Domain/Path Name / Value
.alternatif-bien-etre.com/ Name: falcon-lead-email
Value: robin_christiane@yahoo.com
.alternatif-bien-etre.com/ Name: atlas-lead-email
Value: robin_christiane@yahoo.com
.alternatif-bien-etre.com/ Name: email
Value: robin_christiane@yahoo.com
.alternatif-bien-etre.com/ Name: parentPageUid
Value: 2f3c6be9ab72289709a955647fcbab2996eedfe6
.totale-sante.com/ Name: atlasData
Value: {"sfId":""}
.totale-sante.com/ Name: parentPageUid
Value: e6d3c114d30bebf67a696c4e7fbd9cadd2566011
www.clarity.ms/ Name: CLID
Value: b541bbe673a24d5b890d5dfcb9c0e889.20240715.20250715
.totale-sante.com/ Name: _clck
Value: 11pt3bg%7C2%7Cfnh%7C0%7C1657
.bing.com/ Name: MUID
Value: 0E3F09A584E96B3D1B611D1885226A1C
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0E3F09A584E96B3D1B611D1885226A1C
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0E3F09A584E96B3D1B611D1885226A1C
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.totale-sante.com/ Name: _clsk
Value: 1ttvnoo%7C1721034223543%7C1%7C1%7Ca.clarity.ms%2Fcollect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clarity.ms
aggregator.service.usercentrics.eu
alternatif-bien-etre.com
api.usercentrics.eu
app.usercentrics.eu
atlas.totale-sante.com
c.bing.com
c.clarity.ms
cdn-common.pubfac.com
cdn-cs.alternatif-bien-etre.com
cdn-cs.totale-sante.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
click.mail1.alternatif-bien-etre.info
cloud.alternatif-bien-etre.com
cloud.tsapublications.com
code.jquery.com
consent-api.service.consent.usercentrics.eu
cs.alternatif-bien-etre.com
cs.totale-sante.com
curiosity.alternatif-bien-etre.com
edition.totale-sante.com
fonts.googleapis.com
fonts.gstatic.com
image.mail1.alternatif-bien-etre.info
la-lettre.alternatif-bien-etre.com
maxcdn.bootstrapcdn.com
p.typekit.net
pagead2.googlesyndication.com
pubfac-cdn.s3.amazonaws.com
stackpath.bootstrapcdn.com
totale-sante-cdn.pubfac.io
uct.service.usercentrics.eu
use.typekit.net
widget.trustpilot.com
www.clarity.ms
www.googletagmanager.com
app.usercentrics.eu
consent-api.service.consent.usercentrics.eu
uct.service.usercentrics.eu
104.17.24.14
104.17.25.14
104.18.11.207
104.45.184.134
108.138.7.43
13.224.189.118
13.32.121.82
13.32.27.109
13.74.129.1
142.250.185.130
161.71.82.92
18.172.112.2
18.173.205.129
18.173.205.68
18.245.31.12
18.245.60.79
18.66.122.12
18.66.147.100
2001:4860:4802:32::15
2001:4860:4802:34::15
216.58.206.72
2600:1901:0:1e38::
2600:1901:0:256b::
2600:1901:0:5987::
2600:1901:0:c07c::
2600:9000:2724:6000:11:2cd5:2700:93a1
2600:9000:275b:1c00:12:108e:d340:93a1
2606:4700::6812:bb1f
2620:1ec:bdf::60
2620:1ec:c11::237
2a00:1450:4001:812::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:829::200a
2a02:26f0:3100::1735:2a28
2a02:26f0:3100::1735:2a43
2a02:26f0:3100::1735:2bb9
2a04:4e42:200::485
2a04:4e42:400::649
34.95.108.180
35.190.14.188
35.241.3.184
52.219.169.83
52.219.75.201
0073551570215dc2c66863435cfa34fb42b262f83f9bb1a5554de52a4454c402
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
065c9fccb09dabf4deeff28ae55bfcffec0572bd62808f216b867410d8059b8b
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0f3d7534a03767b0c3c0bfc20f992a2cfa2412dcc6afba6797aefe878468f262
1740b635b6ed1d7b8e50f782bdfb84c7ac462bbaecd9a80efbea5688b47ad5a4
1759f6494d53963ebd22fa4821f518e93dea2c29e5aa6674ee56ddb1fa8162c3
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
222c6a6e4b84110dc96baa6d6c1711278d887dbd3c6b74e763834474421037a9
2a208fc28fb1ac05c4b31fb5ce1b33e8b8ac10cdba8a15b191afcad9fe0f822b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ae9895be851c3f446ecb88145bb0308c1ed8a05979896aacfe6ca5dfea26508
2c29a9407b5ed27f0c6e3f6810fde9dfe829442e10472da42704e5d0803c41cc
2f9c56d8362df7d4ec4bb54fde3efd85653479505d9cdcf461865a492299690d
2faf125affe0e5df9028d1940387833956aacbaf85b9995b7d256b85c40bfe70
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3057ce921b914885321b8e8eae363bc14bda21f375e85150cfd97a7db2f59b00
3c08409af5c78f0990a963d7793dbeb3462ff28c79ebd82ed56cdd663ea9367e
414c24157ee0d8cfa05d950866152de250b6d1f1277e0c55d3130e41cd980938
4181af7024c9e5f827b8b338b6f43f2e68977cecc74ae2fc187de384198c5523
4357c93ecfd38fb8a8082a4f41c429be60b3e0f5ab2d3e47d3d9308f0b117a5b
4412e6ebd666f6204ddac3f0b95bfc4777f5fbae13d24bb100cc2a33c5ab5ef2
47faa20050a18d7914b64c5023ca662552dcd16a0e03bcebdbc4fd6e65b0091d
49b672c6a3aef8fb720ce42678dfceb19220dfa07c8b701defb84251a82c86e4
4aa4f5145772c28ad2c0818de2aefe9750269caaf35f87c77f35e8d2864d9331
4fc949b486aaff95dcc20c0de5cf648abfa96c16b8c6418e6528edc0c9ff156d
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5cc15667c610552ba71ba0cef0035c4e784384c654306e54e27cf94db8345371
694adc42b1e12c4edc69f43c2aaafea20e28d55d4ee73c3505cd1bf8b90e3452
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
71f19bab2b8751932c9ff30be879c8f8d17b946ced7cb329553c832b1cfe3368
7496131a4690cdb91535798ada8dd5192f3c95b2fdee10917d69718e07a8d506
7616c669fa5bf81f8c368ac8593eaa85a314e34d1a01fa64e4dc87269592b86e
78986c80bc7dab6173f3a57fd63086a6e46e58aae6f6b988a9ceac66d7503009
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c553146dcadba36a0b843c60b885d753021bfc8b44c514ed9c683a8eb425a9e
7d1231db395b79b095e4592679e6cf96da5048ea13c6e162a0bfb58557c25565
7d1ffc76bba4dfe1b48e8ef5192e5f54e54b0a4206a9445c70f5a33b25fc9e95
7d96a42b137473b8e169e2526d856ce3d887911313e9eef8986b0b47899c0dbf
7db8d8b564c2516d8c43725b00cc6df8f74599a0e69ab04081b817cc1ace5edf
7e2472bd1f232c3d68ed4772d3c325f4a700133dc26901fb83cfbb86e32781ef
7fa1ca6159924a0df8f302a83894fa85bf2c27c41932a257f8d813ea694b8ab1
8165f45fb1e3cb054e381d552e11f0ea15d056284011e336f6dffd0d3404ea3a
81ad35ffaccf6b9914113bd2fef009a3aea50c79804f00512bff99f20b52ba72
82eff52e1ed0125b4a7474b3600087c90237b04bfe0c8b18ab4da68331a4020b
846e95bdc7e94fb5877f9ecc9636594eeac05c10798a0c3fe1435e44c6ef3e42
8497faef577d573ac5cbf74a28522face7496b68da656095213dd6d9b3089061
84c489a325e169b434e696ad66d1c60d9d0823c8ad3d5890768fd8930f79a656
85fa61e1e0f865a9d5b90baf5b5c77874ccf7fbe175f758a0bda91226ac692ec
875bd4163e7ec5b91cc46c3de01f8938bc075cbace99cdc0ac7237c66a6a5905
8825666143b92e1717458c42219e83233ceae9703be91160668c4304c8c74ef7
8abc1af951bb59965fd2eafa35bb49b4325e5e18f11fc800eb3b36ac271ef668
8bdd800bc92f19f91b3596b18939d9c0919ca9ba4b0ae9aaa82a8c9e62e8e394
8d6d83fe931f69d533fe292d325703da4bda66c490361f998d52622cf4b0ab8a
916d7072bc55f9f78640da47220b0af32cbbf15d78ce8e2d778b056d84e69d33
91f7de4208b2d01ea4337708d292c81eaf2092a722c9c77ef6c835a576962f71
97121e0b2be0e9db9bd0ba5fdc33b21820943ebff48f6c8992afce23b46ba4f5
98241f0244c75e6719a65c55a23e2a3597e00bcc335be427248c8e694440845e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e932f61af911ddaca0b8a24460b8b51dc56bac4c87ef664ed5421ad5e53f0a7
9ffec53f346348fcb8a39a3cc13c3e107809c73a1cac4c1afafb86a306811456
a4d5bca843401471dbda3ee7fe80c5fd24d960e7a0a098eea73f729783e660e7
a543810a4a53c9e050f3dcb2cb608a587dac3b7a00dd13276cc4ee4d359f3615
a86bc34501a5877525b39267f89939bb8f2608f2fd2758e35632f2813c4dde92
af1108dc8b93c371224e9936e052668edaaf28bc60d0afe09e87230fa7a01897
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0fb971150c2648f434530c43940ab05e42283a5487fa4805de32ae532526187
b148c330626c7ea64a19725ff6c20e1aa3878a38f182c035941e44560ffe72be
b606f07ad4254e17faf3cd68fcadf84719616c7baa837df6aef893ec0bf63c20
b7745a4ab990e7588b287347aa568a65ca11b2b13c6f39e423dfed9bf13fc259
bd13486c4b035bbadf25ac1eaa1716fa5ca0e0ef25a88ff1697322f7dfe47f01
c0c88fcc2cbc43d7a5905efd7949685377707a7d1965938b4689b729a7de9921
c4930f2d8894bd3bfffe4d898500ee04e6729af2430a075f22cd9b641b7d4012
c5e788e017315f9800f3bea9e6f66f087ed5044545f21cd4fed29c39b2950603
c87795c27b01de316384c13cd12350ef0ea1b376a2169330d267129044ee5434
c96c83185c91663b6cdc25a0ce964b3b7649fdaf3dbf44d0e0c4b635b50ee375
cc16553cd105f41e244b96d782937fa54937239ebea92e5fc0436e2f6df88cb2
ccc5c5758a3a7eb482dc56903ee635afc6f39040227e110e3dff187b231b1352
cd552233b624058329da2a35a229521ec2618b4e84c768f4b023fdea903f3299
ce5251c43cf1847ef7d22e637c438b0e21545c6aef4c057c1fc7350d6dc90412
d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4
d12f867132eb1b6f82c3892a2e6842ccc968d2b9a7123ec9aa7e853d3f360b9c
d501416a171804e5fd11d8986b8e5ffc5bc5c14102cce017a8b925b0f44d8bcd
d62a14fc4e7ccb38f06a07f211d701b9e7f4e62b7beb715fcdfdc6bc593868e3
d88aca6d621409b7c9801807f09a617fe1bff60bc0779256f289abab663985d8
dbf172d6583173d343a5383165015e50c9769765dfd841a6e53421c376865f7e
dc8a498ab080c0cd3f6e54104117af3bd95a3c776ae248fb4df9e5575e38bf51
dcb5ea8c4245e69ac628e2092b3f13942372ea5593937b62f12385e2307d19ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e90a5860b19224adf0a49ea72abd667324038f300a33548e02d7fc04b8d76d1e
e9c6246dcf00603810c5d3e5dd2d23292b9add8a5f44cc3394c62766e4d46ee9
ea26f9c0dd322d3220460ec69656ae541123de3d540af3aec84a9abe04a7288d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c39d46daa0a5ba0e0208a8bce6d2171326f5f766bd4314af27b6b09663aa98
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f72811f0a2f2a6ff4cd4f5febcc7d86dc7188048b9306f3b73051a089ee08150
f7994a80d1000beea3a4b65d6fc85118f46e18de4ecb1fd9a6fbc7c0297a5e0b
f8c6d60fa998237901001cb115ccf80460d2eb72436612d1910b9b2fd1cfee47
fb6b9d24b54fb097fb66a94256247dba599489e0e92aa7512346ab1ecd19483b
fc9e5a850ea9aad22b262cc3a90e593fca6d9a05fa9a1fa2ee543c2301564ab5