urlscan.io logo urlscan.io
SecurityTrails logo

www.regenere8.com Open in urlscan Pro
185.34.32.130  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s3s-main.net/fw19c3/19563171/10111665/1637535747.html?p=9c0ca0022c2ff4e81ae0028577f633fa&u=https%3A%2F%2Fwtm....
Effective URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_sour...
Submission: On April 22 via api from BE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 7 countries across 24 domains to perform 51 HTTP transactions. The main IP is 185.34.32.130, located in France and belongs to OCTOPUCE-AS Customers , FR. The main domain is www.regenere8.com.
TLS certificate: Issued by R3 on April 3rd 2022. Valid for: 3 months.
This is the only time www.regenere8.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 91.190.170.12 31688 (SPLIO-AS)
2 3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2001:41d0:203... 16276 (OVH)
1 2 63.34.227.194 16509 (AMAZON-02)
2 2 35.190.16.14 15169 (GOOGLE)
1 1 2600:1901:0:3... 15169 (GOOGLE)
6 185.34.32.130 28855 (OCTOPUCE-...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 85.17.54.17 60781 (LEASEWEB-...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
1 108.138.17.88 16509 (AMAZON-02)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 185.34.32.128 28855 (OCTOPUCE-...)
1 52.222.236.122 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.66.139.28 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
51 26
1    91.190.170.12 (France)

ASN31688 (SPLIO-AS, FR)
PTR: s3s.fr
s3s-main.net
3    2606:4700:3034::ac43:9272 (United States)

ASN13335 (CLOUDFLARENET, US)
wtm.la-meteo-mail.fr
2    2001:41d0:203:9304:: (France)

ASN16276 (OVH, FR)
r.phywi.org
2    63.34.227.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-227-194.eu-west-1.compute.amazonaws.com
er.cloud-media.fr
2    35.190.16.14 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
1    2600:1901:0:37f::a:1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pws.la-meteo-mail.fr
6    185.34.32.130 (France)

ASN28855 (OCTOPUCE-AS Customers , FR)
PTR: bluesteelweb2.octopuce.fr
www.regenere8.com
www.bluesteel.fr
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
3    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    85.17.54.17 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
go.obfity.net
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googleadservices.com
1    108.138.17.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-88.fra56.r.cloudfront.net
static.hotjar.com
2    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    185.34.32.128 (France)

ASN28855 (OCTOPUCE-AS Customers , FR)
PTR: bluesteelweb1.octopuce.fr
s2s.nutrisolution.fr
1    52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net
script.hotjar.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
1    18.66.139.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-28.fra60.r.cloudfront.net
vars.hotjar.com
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
5 obfity.net
go.obfity.net
8 KB
4 regenere8.com
www.regenere8.com
68 KB
4 la-meteo-mail.fr
wtm.la-meteo-mail.fr — Cisco Umbrella Rank: 903202
pws.la-meteo-mail.fr
4 KB
3 google.fr
www.google.fr — Cisco Umbrella Rank: 15352
762 B
3 google.com
analytics.google.com — Cisco Umbrella Rank: 637
www.google.com — Cisco Umbrella Rank: 2
1004 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 80
2 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 591
script.hotjar.com — Cisco Umbrella Rank: 840
vars.hotjar.com — Cisco Umbrella Rank: 885
67 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
59 KB
3 gstatic.com
fonts.gstatic.com
100 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
388 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 137
114 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 58
146 KB
2 bluesteel.fr
www.bluesteel.fr
4 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 212
82 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2248
42 KB
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 9852
522 B
2 cloud-media.fr
er.cloud-media.fr — Cisco Umbrella Rank: 235432
421 B
2 phywi.org
r.phywi.org — Cisco Umbrella Rank: 106118
1 KB
1 nutrisolution.fr
s2s.nutrisolution.fr
955 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 103
15 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 437
8 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 610
24 KB
1 s3s-main.net
s3s-main.net — Cisco Umbrella Rank: 180287
1 KB
51 24
Domain Requested by
5 go.obfity.net www.regenere8.com
go.obfity.net
4 www.regenere8.com wtm.la-meteo-mail.fr
www.regenere8.com
3 www.google.fr www.regenere8.com
3 www.google-analytics.com www.googletagmanager.com
www.regenere8.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com www.regenere8.com
3 wtm.la-meteo-mail.fr 2 redirects
2 www.facebook.com www.regenere8.com
2 www.google.com www.regenere8.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net s3s-main.net
connect.facebook.net
2 www.googletagmanager.com www.regenere8.com
www.googletagmanager.com
2 www.bluesteel.fr www.regenere8.com
2 cdnjs.cloudflare.com www.regenere8.com
cdnjs.cloudflare.com
2 stackpath.bootstrapcdn.com www.regenere8.com
2 redirect.frontend.weborama.fr 2 redirects
2 er.cloud-media.fr 1 redirects wtm.la-meteo-mail.fr
2 r.phywi.org wtm.la-meteo-mail.fr
1 vars.hotjar.com static.hotjar.com
1 analytics.google.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 script.hotjar.com static.hotjar.com
1 s2s.nutrisolution.fr s3s-main.net
1 static.hotjar.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 cdn.jsdelivr.net www.regenere8.com
1 code.jquery.com www.regenere8.com
1 pws.la-meteo-mail.fr 1 redirects
1 s3s-main.net
51 29

This site contains no links.

Subject Issuer Validity Valid
s3s.fr
Sectigo RSA Domain Validation Secure Server CA		 2021-04-21 -
2022-05-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-13 -
2022-07-12		 a year crt.sh
*.phywi.org
Gandi Standard SSL CA 2		 2022-01-13 -
2023-02-13		 a year crt.sh
www.regenere8.com
R3		 2022-04-03 -
2022-07-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
go.obfity.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-12 -
2022-12-13		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
www.bluesteel.fr
R3		 2022-03-27 -
2022-06-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-29 -
2022-04-29		 3 months crt.sh
s2s.nutrisolution.fr
R3		 2022-03-21 -
2022-06-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Frame ID: F33FB2C4200B80A816CAD6FB499CF3B0
Requests: 50 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: 3E9A0534B38D4D7BBD18191E356226C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

La chose simple que j’ai faite avant de me coucher pour perdre 27 kilos

Page URL History Show full URLs

  1. https://s3s-main.net/fw19c3/19563171/10111665/1637535747.html?p=9c0ca0022c2ff4e81ae0028577f633fa&... Page URL
  2. https://wtm.la-meteo-mail.fr/r/eNqFkFtvozAQhX8N%2B9biO%2FZDtWoIkK2gpE1IVF4qXylJSVADTcSvr6NonyuPLH3jM0dnfA... HTTP 302
    https://wtm.la-meteo-mail.fr/w/559948/39564c48f263b3f97a20af52fd48b15d/1835/105/768940bdf462d1f2eb026686e... HTTP 302
    https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-m... Page URL
  3. https://pws.la-meteo-mail.fr/ndc/GZ7L86V0?ps_ee=39564c48f263b3f97a20af52fd48b15d&ps_ee=542609b2c7ce1a52b8... HTTP 302
    https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspac... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

51
Requests

96 %
HTTPS

64 %
IPv6

24
Domains

29
Subdomains

26
IPs

7
Countries

750 kB
Transfer

1902 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s3s-main.net/fw19c3/19563171/10111665/1637535747.html?p=9c0ca0022c2ff4e81ae0028577f633fa&u=https%3A%2F%2Fwtm.la-meteo-mail.fr%2Fr%2FeNqFkFtvozAQhX8N%252B9biO%252FZDtWoIkK2gpE1IVF4qXylJSVADTcSvr6NonyuPLH3jM0dnfA4pFYLwEAvKiCbcIYYVdiKSCEhHkTOEK0hNCDmmIQQ0jBgXBCjjCEMGOmQVQIxxZpmFRkEUXo8M%252F44PH8PQnwL8GKDUV38%252B3X%252FKu84O9njXyfbz3n359sFof2d1lHO2AQFO%252B9O7tQGe%252F5YoQOy%252FlBLEgFBIR9pCSZHilEBMlNSIaQEoABhaLgCjxkRCWkd9WKWABFoISNTNqvFORWdvID1AwfCNJk8BInE5T96X5Wr9mHvyT9c%252B%252FGP0w1e3Lasx%252Bo5VnKr0I5mK16dza8Emubj8X4Bmb0NT7WOF6mzYlZf06Hcu8vb6AS9zVbdLnluRsfm0qdmwg9vxtLJjvuXDuNitvWi1qHazWSbTUnjaw2ObjUqaRhyXi96HnJUwf1nFG6kXzVCnzeTWdcOenkE1Vf3zdWTPvSo%252BkCrqvpcHR4qUxSQpEu5X%252BAFWmpZP Page URL
  2. https://wtm.la-meteo-mail.fr/r/eNqFkFtvozAQhX8N%2B9biO%2FZDtWoIkK2gpE1IVF4qXylJSVADTcSvr6NonyuPLH3jM0dnfA4pFYLwEAvKiCbcIYYVdiKSCEhHkTOEK0hNCDmmIQQ0jBgXBCjjCEMGOmQVQIxxZpmFRkEUXo8M%2F44PH8PQnwL8GKDUV38%2B3X%2FKu84O9njXyfbz3n359sFof2d1lHO2AQFO%2B9O7tQGe%2F5YoQOy%2FlBLEgFBIR9pCSZHilEBMlNSIaQEoABhaLgCjxkRCWkd9WKWABFoISNTNqvFORWdvID1AwfCNJk8BInE5T96X5Wr9mHvyT9c%2B%2FGP0w1e3Lasx%2Bo5VnKr0I5mK16dza8Emubj8X4Bmb0NT7WOF6mzYlZf06Hcu8vb6AS9zVbdLnluRsfm0qdmwg9vxtLJjvuXDuNitvWi1qHazWSbTUnjaw2ObjUqaRhyXi96HnJUwf1nFG6kXzVCnzeTWdcOenkE1Vf3zdWTPvSo%2BkCrqvpcHR4qUxSQpEu5X%2BAFWmpZP HTTP 302
    https://wtm.la-meteo-mail.fr/w/559948/39564c48f263b3f97a20af52fd48b15d/1835/105/768940bdf462d1f2eb026686e6e1db12/2/2/a/?u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D HTTP 302
    https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D Page URL
  3. https://pws.la-meteo-mail.fr/ndc/GZ7L86V0?ps_ee=39564c48f263b3f97a20af52fd48b15d&ps_ee=542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b&ps_g=Mme&ps_a=1963&ps_z=$CODE_POSTAL$&z=1 HTTP 302
    https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://wtm.la-meteo-mail.fr/r/eNqFkFtvozAQhX8N%2B9biO%2FZDtWoIkK2gpE1IVF4qXylJSVADTcSvr6NonyuPLH3jM0dnfA4pFYLwEAvKiCbcIYYVdiKSCEhHkTOEK0hNCDmmIQQ0jBgXBCjjCEMGOmQVQIxxZpmFRkEUXo8M%2F44PH8PQnwL8GKDUV38%2B3X%2FKu84O9njXyfbz3n359sFof2d1lHO2AQFO%2B9O7tQGe%2F5YoQOy%2FlBLEgFBIR9pCSZHilEBMlNSIaQEoABhaLgCjxkRCWkd9WKWABFoISNTNqvFORWdvID1AwfCNJk8BInE5T96X5Wr9mHvyT9c%2B%2FGP0w1e3Lasx%2Bo5VnKr0I5mK16dza8Emubj8X4Bmb0NT7WOF6mzYlZf06Hcu8vb6AS9zVbdLnluRsfm0qdmwg9vxtLJjvuXDuNitvWi1qHazWSbTUnjaw2ObjUqaRhyXi96HnJUwf1nFG6kXzVCnzeTWdcOenkE1Vf3zdWTPvSo%2BkCrqvpcHR4qUxSQpEu5X%2BAFWmpZP HTTP 302
  • https://wtm.la-meteo-mail.fr/w/559948/39564c48f263b3f97a20af52fd48b15d/1835/105/768940bdf462d1f2eb026686e6e1db12/2/2/a/?u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D HTTP 302
  • https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D
Request Chain 3
  • https://er.cloud-media.fr/r/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041 HTTP 302
  • https://er.cloud-media.fr/c/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041
Request Chain 4
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D39564c48f263b3f97a20af52fd48b15d%26wb%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D39564c48f263b3f97a20af52fd48b15d%26wb%3D%7BWEBO_CID%7D&bounce=1&random=1201091407 HTTP 302
  • https://r.phywi.org/webo.gif?md=39564c48f263b3f97a20af52fd48b15d&wb=2ZcXc3Fp7y/0nySm3lazjO

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
1637535747.html
s3s-main.net/fw19c3/19563171/10111665/ 		652 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s3s-main.net/fw19c3/19563171/10111665/1637535747.html?p=9c0ca0022c2ff4e81ae0028577f633fa&u=https%3A%2F%2Fwtm.la-meteo-mail.fr%2Fr%2FeNqFkFtvozAQhX8N%252B9biO%252FZDtWoIkK2gpE1IVF4qXylJSVADTcSvr6NonyuPLH3jM0dnfA4pFYLwEAvKiCbcIYYVdiKSCEhHkTOEK0hNCDmmIQQ0jBgXBCjjCEMGOmQVQIxxZpmFRkEUXo8M%252F44PH8PQnwL8GKDUV38%252B3X%252FKu84O9njXyfbz3n359sFof2d1lHO2AQFO%252B9O7tQGe%252F5YoQOy%252FlBLEgFBIR9pCSZHilEBMlNSIaQEoABhaLgCjxkRCWkd9WKWABFoISNTNqvFORWdvID1AwfCNJk8BInE5T96X5Wr9mHvyT9c%252B%252FGP0w1e3Lasx%252Bo5VnKr0I5mK16dza8Emubj8X4Bmb0NT7WOF6mzYlZf06Hcu8vb6AS9zVbdLnluRsfm0qdmwg9vxtLJjvuXDuNitvWi1qHazWSbTUnjaw2ObjUqaRhyXi96HnJUwf1nFG6kXzVCnzeTWdcOenkE1Vf3zdWTPvSo%252BkCrqvpcHR4qUxSQpEu5X%252BAFWmpZP
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.190.170.12 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
s3s.fr
Software
Apache /
Resource Hash
3e5c6bc4ffab491210b3183ddedf7ac83cc29ff724ccec4de2c60ae4dd0181f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin, content-type, accept
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Length
652
Content-Type
text/html
Date
Fri, 22 Apr 2022 21:15:28 GMT
Expires
Mon, 01 Jan 1990 00:00:00 GMT
P3P
policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Pragma
no-cache
Server
Apache
X-Robots-Tag
noindex,nofollow
redirection.html
wtm.la-meteo-mail.fr/
Redirect Chain
  • https://wtm.la-meteo-mail.fr/r/eNqFkFtvozAQhX8N%2B9biO%2FZDtWoIkK2gpE1IVF4qXylJSVADTcSvr6NonyuPLH3jM0dnfA4pFYLwEAvKiCbcIYYVdiKSCEhHkTOEK0hNCDmmIQQ0jBgXBCjjCEMGOmQVQIxxZpmFRkEUXo8M%2F44PH8PQnwL8GKDU...
  • https://wtm.la-meteo-mail.fr/w/559948/39564c48f263b3f97a20af52fd48b15d/1835/105/768940bdf462d1f2eb026686e6e1db12/2/2/a/?u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b...
  • https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:9272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c64a00116508e902e97094a1e3a6f81d461cae478982edc06460f5c728378301
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://s3s-main.net/fw19c3/19563171/10111665/1637535747.html?p=9c0ca0022c2ff4e81ae0028577f633fa&u=https%3A%2F%2Fwtm.la-meteo-mail.fr%2Fr%2FeNqFkFtvozAQhX8N%252B9biO%252FZDtWoIkK2gpE1IVF4qXylJSVADTcSvr6NonyuPLH3jM0dnfA4pFYLwEAvKiCbcIYYVdiKSCEhHkTOEK0hNCDmmIQQ0jBgXBCjjCEMGOmQVQIxxZpmFRkEUXo8M%252F44PH8PQnwL8GKDUV38%252B3X%252FKu84O9njXyfbz3n359sFof2d1lHO2AQFO%252B9O7tQGe%252F5YoQOy%252FlBLEgFBIR9pCSZHilEBMlNSIaQEoABhaLgCjxkRCWkd9WKWABFoISNTNqvFORWdvID1AwfCNJk8BInE5T96X5Wr9mHvyT9c%252B%252FGP0w1e3Lasx%252Bo5VnKr0I5mK16dza8Emubj8X4Bmb0NT7WOF6mzYlZf06Hcu8vb6AS9zVbdLnluRsfm0qdmwg9vxtLJjvuXDuNitvWi1qHazWSbTUnjaw2ObjUqaRhyXi96HnJUwf1nFG6kXzVCnzeTWdcOenkE1Vf3zdWTPvSo%252BkCrqvpcHR4qUxSQpEu5X%252BAFWmpZP
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
700160037bb50863-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 22 Apr 2022 21:15:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwF6%2BQJXLDL1vIwOU1yUCV9DxBtESbXImlbuqw4J94FRd6goqjB8aLWd8cmMCTaz1dcvuruBbu9cydD6F%2FNl2TOwb%2FT2SkQz0iP9ZHwhe%2FNNI0bfk0Q3ThQmROz%2B0sjflWQMb8EIBj%2BMLa7rKvFf24K%2Blw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-request-id
8D6545DB:BBFA_33B2446D:0050_62631AEA_5294F7:0008

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
70016003189f32c4-CDG
content-length
0
date
Fri, 22 Apr 2022 21:15:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sun, 01 Jan 2014 00:00:00 GMT
location
https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tu7ZkQ4kZJQDUvU6qLkldXNgHlytgu6JNpcej1BQVpWStDx2cqiYlACDISBCH%2BhJ0GoacFKQWm1hdJOrlWbAYwVm%2Bb7%2BiJHkIBHG3MCfXnWcBPnaUd8z2KLNIuhb48IzHM5a55L5%2FdtvOfTpST6hgvZHWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000
x-request-id
8D654452:B65C_33592B57:0050_62631AF1_537DD4:0008
cl.gif
r.phywi.org/ 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.phywi.org/cl.gif?m=39564c48f263b3f97a20af52fd48b15d
Requested by
Host: wtm.la-meteo-mail.fr
URL: https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:203:9304:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://wtm.la-meteo-mail.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 21:15:29 GMT
server
nginx
strict-transport-security
max-age=63072000
content-type
image/gif
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
x-request-id
200141D0000D364D0000000000000006:90A6_200141D0020393040000000000000000:01BB_62631AF1_4061CD:0009
expires
Sun, 01 Jan 2014 00:00:00 GMT
20305b1d-4a14-4990-b6a1-7765863e4041
er.cloud-media.fr/c/39564c48f263b3f97a20af52fd48b15d/
Redirect Chain
  • https://er.cloud-media.fr/r/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041
  • https://er.cloud-media.fr/c/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041
35 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://er.cloud-media.fr/c/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041
Requested by
Host: wtm.la-meteo-mail.fr
URL: https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D
Protocol
H2
Server
63.34.227.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-227-194.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://wtm.la-meteo-mail.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:29 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

location
https://er.cloud-media.fr/c/39564c48f263b3f97a20af52fd48b15d/20305b1d-4a14-4990-b6a1-7765863e4041
date
Fri, 22 Apr 2022 21:15:29 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
0
x-xss-protection
1; mode=block
content-type
text/html;charset=utf-8
webo.gif
r.phywi.org/
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D39564c48f263b3f97a20af52fd48b15d%26wb%3D{WEBO_CID}
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D39564c48f263b3f97a20af52fd48b15d%26wb%3D%7BWEBO_CID%7D&bounce=1&random=1201091407
  • https://r.phywi.org/webo.gif?md=39564c48f263b3f97a20af52fd48b15d&wb=2ZcXc3Fp7y/0nySm3lazjO
43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.phywi.org/webo.gif?md=39564c48f263b3f97a20af52fd48b15d&wb=2ZcXc3Fp7y/0nySm3lazjO
Requested by
Host: wtm.la-meteo-mail.fr
URL: https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D
Protocol
H2
Server
2001:41d0:203:9304:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://wtm.la-meteo-mail.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 21:15:29 GMT
server
nginx
strict-transport-security
max-age=63072000
content-type
image/gif
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
x-request-id
200141D0000D364D0000000000000006:90A6_200141D0020393040000000000000000:01BB_62631AF1_4061D4:0009
expires
Sun, 01 Jan 2014 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Apr 2022 21:15:29 GMT
via
1.1 google
last-modified
Fri, 22 Apr 2022 21:15:29 GMT
server
nginx/1.18.0
location
https://r.phywi.org/webo.gif?md=39564c48f263b3f97a20af52fd48b15d&wb=2ZcXc3Fp7y/0nySm3lazjO
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
Primary Request actu-rm1c.php
www.regenere8.com/
Redirect Chain
  • https://pws.la-meteo-mail.fr/ndc/GZ7L86V0?ps_ee=39564c48f263b3f97a20af52fd48b15d&ps_ee=542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b&ps_g=Mme&ps_a=1963&ps_z=$CODE_POSTAL$&z=1
  • https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Requested by
Host: wtm.la-meteo-mail.fr
URL: https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.34.32.130 , France, ASN28855 (OCTOPUCE-AS Customers , FR),
Reverse DNS
bluesteelweb2.octopuce.fr
Software
nginx /
Resource Hash
c53e330a44eeda6a2d85f636f7b86483270d12b2181dc294f693345a75cb1b52

Request headers

Referer
https://wtm.la-meteo-mail.fr/redirection.html?m=39564c48f263b3f97a20af52fd48b15d&u=https%3A%2F%2Fpws.la-meteo-mail.fr%2Fndc%2FGZ7L86V0%3Fps_ee%3D39564c48f263b3f97a20af52fd48b15d%26ps_ee%3D542609b2c7ce1a52b854134bac26c9050031e89065dd79aef5e6ebb0a0c9914b%26ps_g%3DMme%26ps_a%3D1963%26ps_z%3D%24CODE_POSTAL%24%26z%3D1&dc=rmWOUu7vCbCFbFhEzMRJwie0VExfLI%2BYtgUkCb2ZGtjOxFo%2FMLir%2FQDbZiP8Le9G6DzVZ6tj1WusSeuLW8tuHjT%2FSHUjBBGaFO9%2Fk1oiGubadg9oPHp3%2BO1LQSCVacHgtZFgzfTZg6JN0UzUpN%2Fkk8%2BCn4U7mvPnf4MF6C4EME8%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-length
4085
content-type
text/html; charset=UTF-8
date
Fri, 22 Apr 2022 21:15:29 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 22 Apr 2022 21:15:29 GMT
location
https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
server
nginx/1.19.1
trace-id
b38c2c04656141f8
via
1.1 google
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 		156 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.regenere8.com/
Origin
https://www.regenere8.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
602, 601
age
406543
cdn-cachedat
2021-11-10 22:12:47
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
eba62edac9a6d12af0956d19c858aad5
cf-ray
70016008bb3639c9-CDG
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
lp1a.css
www.regenere8.com/assets/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.regenere8.com/assets/css/lp1a.css
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.34.32.130 , France, ASN28855 (OCTOPUCE-AS Customers , FR),
Reverse DNS
bluesteelweb2.octopuce.fr
Software
nginx /
Resource Hash
f863090ab67a710bd717de480bee57b7ce9fc7f310d0c597743e35123e6556a2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:29 GMT
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 16:15:03 GMT
server
nginx
etag
"207e-5ce52618fafc0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=15552000, public
accept-ranges
bytes
content-length
1672
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ffb4029120353a7a4668f34191dda6737df5f6a23244b73d7bfd21c8aa19028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 19:56:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Apr 2022 21:15:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Apr 2022 21:15:30 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
750473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RMVf7JpS9%2B%2B6uN5KrmiCIx7kMz9Sbq9IdOmTciIuSR0xAcaRFVEcRVPYnJcGJN%2BMme2C1FaIXN2HAbnlJGatAl1VKD3t%2BdFe3RLo2Fy%2BhfTvmlilbx1BLGe4a4f%2BVO38Zyfpm%2FA%2B32bcniny8gKM07B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70016008bc263bda-CDG
expires
Wed, 12 Apr 2023 21:15:30 GMT
css2
fonts.googleapis.com/ 		2 KB
554 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Cabin:wght@400;500&display=swap
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
797ee5b057d84bb5c7db215b7dc903c02f4e539120b3f7bd87d21bee0acaf400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 21:15:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Apr 2022 21:15:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Apr 2022 21:15:30 GMT
view.js
go.obfity.net/ 		203 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.obfity.net/view.js
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
e0fcee6ac31454aa54b3b34ae4d67ee047448466deb205f29fad0324e9548877

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 21:15:30 GMT
Server
nginx/1.21.3
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
203
vendor2.png
www.regenere8.com/assets/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.regenere8.com/assets/img/vendor2.png
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.34.32.130 , France, ASN28855 (OCTOPUCE-AS Customers , FR),
Reverse DNS
bluesteelweb2.octopuce.fr
Software
nginx /
Resource Hash
e626f7480ff5b49d5d65ccb092b82e780e6c5df8c58f0cad4dd6145ac7e4fef5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
last-modified
Tue, 02 Nov 2021 09:00:12 GMT
server
nginx
etag
"2bfd-5cfca8566bf00"
content-type
image/png
cache-control
max-age=15552000, public
accept-ranges
bytes
content-length
11261
lemon.jpg
www.regenere8.com/assets/img/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.regenere8.com/assets/img/lemon.jpg
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.34.32.130 , France, ASN28855 (OCTOPUCE-AS Customers , FR),
Reverse DNS
bluesteelweb2.octopuce.fr
Software
nginx /
Resource Hash
3df261af2d5a01cf6746d413eac5843328e00a6dafb5a922b81899f8a9f2b562

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
last-modified
Thu, 14 Oct 2021 16:16:37 GMT
server
nginx
etag
"cc42-5ce52672a0340"
content-type
image/jpeg
cache-control
max-age=15552000, public
accept-ranges
bytes
content-length
52290
jquery-3.4.1.slim.min.js
code.jquery.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Referer
https://www.regenere8.com/
Origin
https://www.regenere8.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
"620cd6ff-1157d"
vary
Accept-Encoding
x-hw
1650662130.dop201.pa1.t,1650662130.cds220.pa1.hn,1650662130.cds210.pa1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24328
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.regenere8.com/
Origin
https://www.regenere8.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
715638
x-jsd-version
1.16.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19160-FRA, cache-cdg20747-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxH29eZFfnIYcxmNOFvIJxblhNp7zOxoyM9Wqv7jdRxwUvL6faXuKHSIf1r61E2i29yyd28yYhqu1Sr7O5FugN87B5CvqtGqD2xOQKiCxuNzBXlqIJEjQt7ZEPeYDC1HHR0N26Q4dNVVXwLWzd4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
70016009d84004a3-CDG
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.regenere8.com/
Origin
https://www.regenere8.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
602
age
1511383
cdn-cachedat
09/26/2021 21:38:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
022c0827df7573d348085ca322102500
cf-ray
70016009ceb00497-CDG
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
bl.js
www.bluesteel.fr/_minisite/v2/assets/js/common/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bluesteel.fr/_minisite/v2/assets/js/common/bl.js
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.34.32.130 , France, ASN28855 (OCTOPUCE-AS Customers , FR),
Reverse DNS
bluesteelweb2.octopuce.fr
Software
nginx /
Resource Hash
f375ca68fe0550974a2ad7d1ee3b009a72b0b0a0e75ebd25a8e56f90217e2541

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
content-encoding
gzip
last-modified
Tue, 11 Jan 2022 23:48:17 GMT
server
nginx
etag
"303c-5d55716539240-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
4162
gtm.js
www.googletagmanager.com/ 		244 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TRNTPDP
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db2986664cc367652ae37f2ded60f4fa86248121e9be929db1f2cd34089801d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81118
x-xss-protection
0
expires
Fri, 22 Apr 2022 21:15:30 GMT
css2
fonts.googleapis.com/ 		3 KB
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500&display=swap
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/assets/css/lp1a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b275c50d1d98b37f05cc74f9d81815139902e53a9055b3761f6b3a0b98e2751
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 21:12:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Apr 2022 21:15:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Apr 2022 21:15:30 GMT
view
go.obfity.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.obfity.net/view
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.regenere8.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 22:45:30 GMT
x-content-type-options
nosniff
age
253800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Apr 2023 22:45:30 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.regenere8.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
172181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXTXlfZk%2FcxpgLwVh3Yw5yQ50dwxcKhs6te1%2Fj4UfNvxShkWHENOGYUZJ%2BH63EO4mbYN9DGe31magisj5%2FYRQZDElz4TEqWAzfn9cRj4hyLd5x5Kq9s%2FOkcoQlHOH11NIO4x%2FzQyV3NLHWYMUg8CIVNJ"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70016009cf9a3acb-CDG
expires
Wed, 12 Apr 2023 21:15:30 GMT
u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v24/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v24/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cabin:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
832a9f68685073e8318db12a164566b0baedc599bdf72cca29f9a4c188506053
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.regenere8.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 23:10:14 GMT
x-content-type-options
nosniff
age
79516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26244
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:32:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Apr 2023 23:10:14 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.regenere8.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 08:55:44 GMT
x-content-type-options
nosniff
age
217186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 08:55:44 GMT
/
www.bluesteel.fr/_tk/ 		0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bluesteel.fr/_tk/?trk=1&bld=CJ-JtA9X-VV0bMX1B0Z-SZnZO&blv=BL-KsA68-PY4kLTKNAY-Z6MW0&blpc=powerspace&bldt1=FRstandard&bldt2=default&blpq=powerspace&bldt1q=FRstandard&rdm=ypUMU-XYGoWZt16q&part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d&dom=www.regenere8.com&ref=https://wtm.la-meteo-mail.fr/&loc=https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d&uag=mozilla/5.0%20(windows%20nt%2010.0;%20win64;%20x64)%20applewebkit/537.36%20(khtml,%20like%20gecko)%20chrome/100.0.4896.127%20safari/537.36&app=netscape&wW=1600&wH=1200
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.34.32.130 , France, ASN28855 (OCTOPUCE-AS Customers , FR),
Reverse DNS
bluesteelweb2.octopuce.fr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
server
nginx
content-length
0
content-type
text/html; charset=UTF-8
unilpclick.js
go.obfity.net/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.obfity.net/unilpclick.js?defaultcampaignid=61f796741cfe1c0001816be9&attribution=firstclick&regviewonce=false&cookiedomain=www.regenere8.com&cookieduration=30
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
555de8abe33e9871a213f6dd80284bd18688a1e3b7f5aa6c8bb8a6aa13dd54b6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 21:15:30 GMT
Server
nginx/1.21.3
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
js
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YCTQFXTTF6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRNTPDP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec616f701447d70f390976ce7205faa4f1acda3c9d2dc3ea8a746c55a6fd0ca1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67881
x-xss-protection
0
expires
Fri, 22 Apr 2022 21:15:30 GMT
optimize.js
www.google-analytics.com/gtm/ 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-K68HCQJ
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRNTPDP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
11ba512b874be580a6e253844aa423a26df1f0bdf8e99fb00ad6ea13eac5dac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39656
x-xss-protection
0
expires
Fri, 22 Apr 2022 21:15:30 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRNTPDP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6040
date
Fri, 22 Apr 2022 19:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 22 Apr 2022 21:34:50 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRNTPDP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14897
x-xss-protection
0
server
cafe
etag
9926226332162747720
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Apr 2022 21:15:30 GMT
hotjar-2735377.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2735377.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRNTPDP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-88.fra56.r.cloudfront.net
Software
/
Resource Hash
44d1df995ac74bcd905739cf954eb316330e5583c0828544b85a33033d8a3896
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-P7
etag
W/67e15b361785eaee1f6ba690481e64bc
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
content-length
1918
via
1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-id
Wze-QXfOQ4TTGovbIxT6Nbty6Zwp_6UchfTf9h-Khb46hXo9gtOJlw==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/19563171/10111665/1637535747.html?p=9c0ca0022c2ff4e81ae0028577f633fa&u=https%3A%2F%2Fwtm.la-meteo-mail.fr%2Fr%2FeNqFkFtvozAQhX8N%252B9biO%252FZDtWoIkK2gpE1IVF4qXylJSVADTcSvr6NonyuPLH3jM0dnfA4pFYLwEAvKiCbcIYYVdiKSCEhHkTOEK0hNCDmmIQQ0jBgXBCjjCEMGOmQVQIxxZpmFRkEUXo8M%252F44PH8PQnwL8GKDUV38%252B3X%252FKu84O9njXyfbz3n359sFof2d1lHO2AQFO%252B9O7tQGe%252F5YoQOy%252FlBLEgFBIR9pCSZHilEBMlNSIaQEoABhaLgCjxkRCWkd9WKWABFoISNTNqvFORWdvID1AwfCNJk8BInE5T96X5Wr9mHvyT9c%252B%252FGP0w1e3Lasx%252Bo5VnKr0I5mK16dza8Emubj8X4Bmb0NT7WOF6mzYlZf06Hcu8vb6AS9zVbdLnluRsfm0qdmwg9vxtLJjvuXDuNitvWi1qHazWSbTUnjaw2ObjUqaRhyXi96HnJUwf1nFG6kXzVCnzeTWdcOenkE1Vf3zdWTPvSo%252BkCrqvpcHR4qUxSQpEu5X%252BAFWmpZP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
5aZljPmjANXP6FjxX6hnzz1iHycIW4/0vVU3hKTr0f+N7DroN+QkaIB72MyKuL6e+rc6HwTAjYv0TjTPOe1/nw==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 22 Apr 2022 21:15:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
shared.php
s2s.nutrisolution.fr/ 		2 KB
955 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s2s.nutrisolution.fr/shared.php
Requested by
Host: s3s-main.net
URL: https://s3s-main.net/fw19c3/19563171/10111665/1637535747.html?p=9c0ca0022c2ff4e81ae0028577f633fa&u=https%3A%2F%2Fwtm.la-meteo-mail.fr%2Fr%2FeNqFkFtvozAQhX8N%252B9biO%252FZDtWoIkK2gpE1IVF4qXylJSVADTcSvr6NonyuPLH3jM0dnfA4pFYLwEAvKiCbcIYYVdiKSCEhHkTOEK0hNCDmmIQQ0jBgXBCjjCEMGOmQVQIxxZpmFRkEUXo8M%252F44PH8PQnwL8GKDUV38%252B3X%252FKu84O9njXyfbz3n359sFof2d1lHO2AQFO%252B9O7tQGe%252F5YoQOy%252FlBLEgFBIR9pCSZHilEBMlNSIaQEoABhaLgCjxkRCWkd9WKWABFoISNTNqvFORWdvID1AwfCNJk8BInE5T96X5Wr9mHvyT9c%252B%252FGP0w1e3Lasx%252Bo5VnKr0I5mK16dza8Emubj8X4Bmb0NT7WOF6mzYlZf06Hcu8vb6AS9zVbdLnluRsfm0qdmwg9vxtLJjvuXDuNitvWi1qHazWSbTUnjaw2ObjUqaRhyXi96HnJUwf1nFG6kXzVCnzeTWdcOenkE1Vf3zdWTPvSo%252BkCrqvpcHR4qUxSQpEu5X%252BAFWmpZP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.34.32.128 , France, ASN28855 (OCTOPUCE-AS Customers , FR),
Reverse DNS
bluesteelweb1.octopuce.fr
Software
nginx /
Resource Hash
f3a1888363a17ddbdbe2a6265f149b91a0dc6912bd2fd1893fdbcb75d96ce357

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
content-encoding
gzip
server
nginx
content-length
847
vary
Accept-Encoding
content-type
application/javascript
61f796741cfe1c0001816be9
go.obfity.net/ 		188 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.obfity.net/61f796741cfe1c0001816be9?format=json&part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d&sub19=undefined&sub20=undefined
Requested by
Host: go.obfity.net
URL: https://go.obfity.net/unilpclick.js?defaultcampaignid=61f796741cfe1c0001816be9&attribution=firstclick&regviewonce=false&cookiedomain=www.regenere8.com&cookieduration=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
6ef593a46c9378e8c916de3716c94decb553f1f7ea5d75e1370fe31e782c0a0c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 21:15:30 GMT
Server
nginx/1.21.3
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
188
modules.0076bf93c385ddf0ff58.js
script.hotjar.com/ 		239 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.0076bf93c385ddf0ff58.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2735377.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
e0e44c153e6969ff112250bc468dd4615e5f48f2b2db3e3ffabc11be9d9b6313
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 10:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
815184
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63817
access-control-allow-origin
*
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
etag
"838915b4bc2438e3190a8320d0520962"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
gT0Y9E9aTBQyHeU5uj5I0-pxx9T-tZuHcqDepz4DgolfMkpfSlLUMA==
view
go.obfity.net/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.obfity.net/view?clickid=62631af23eb8670001dffcc8
Requested by
Host: go.obfity.net
URL: https://go.obfity.net/unilpclick.js?defaultcampaignid=61f796741cfe1c0001816be9&attribution=firstclick&regviewonce=false&cookiedomain=www.regenere8.com&cookieduration=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 22 Apr 2022 21:15:30 GMT
Server
nginx/1.21.3
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/741862708/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/741862708/?random=1650662130492&cv=9&fst=1650662130492&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.regenere8.com%2Factu-rm1c.php%3Fpart%3Dpowerspace%26data1%3DFRstandard%26utm_campaign%3DRegenerPowerspaceFRstandard%26utm_source%3Dpowerspace%26utm_medium%3Dcpc%26cid%3D9017ae1a-e2b4-407b-939b-eb7dbcebcf3d&ref=https%3A%2F%2Fwtm.la-meteo-mail.fr%2F&tiba=La%20chose%20simple%20que%20j%E2%80%99ai%20faite%20avant%20de%20me%20coucher%20pour%20perdre%2027%20kilos&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e90c58e3d13d2ffb0f1e7eae6fd1a646cd8b63dad29b5e28e00855277c3cba12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 21:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1196
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-YCTQFXTTF6&gtm=2oe4k0&_p=757994358&_z=ccd.NbB&_gaz=1&cid=2090214115.1650662131&ul=en-us&sr=1600x1200&_s=1&sid=1650662130&sct=1&seg=0&dl=https%3A%2F%2Fwww.regenere8.com%2Factu-rm1c.php%3Fpart%3Dpowerspace%26data1%3DFRstandard%26utm_campaign%3DRegenerPowerspaceFRstandard%26utm_source%3Dpowerspace%26utm_medium%3Dcpc%26cid%3D9017ae1a-e2b4-407b-939b-eb7dbcebcf3d&dr=https%3A%2F%2Fwtm.la-meteo-mail.fr%2F&dt=La%20chose%20simple%20que%20j%E2%80%99ai%20faite%20avant%20de%20me%20coucher%20pour%20perdre%2027%20kilos&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YCTQFXTTF6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 21:15:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.regenere8.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YCTQFXTTF6&cid=2090214115.1650662131&gtm=2oe4k0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YCTQFXTTF6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 21:15:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.regenere8.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YCTQFXTTF6&cid=2090214115.1650662131&gtm=2oe4k0&aip=1&z=37218699
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 21:15:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-183901988-1&cid=2090214115.1650662131&jid=675011435&gjid=633432371&_gid=352141064.1650662131&_u=aCDAgEABQAAAAE~&z=1074113435
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.regenere8.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 22 Apr 2022 21:15:30 GMT
content-type
text/plain
access-control-allow-origin
https://www.regenere8.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=757994358&t=pageview&_s=1&dl=https%3A%2F%2Fwww.regenere8.com%2Factu-rm1c.php%3Fpart%3Dpowerspace%26data1%3DFRstandard%26utm_campaign%3DRegenerPowerspaceFRstandard%26utm_source%3Dpowerspace%26utm_medium%3Dcpc%26cid%3D9017ae1a-e2b4-407b-939b-eb7dbcebcf3d&dr=https%3A%2F%2Fwtm.la-meteo-mail.fr%2F&ul=en-us&de=UTF-8&dt=La%20chose%20simple%20que%20j%E2%80%99ai%20faite%20avant%20de%20me%20coucher%20pour%20perdre%2027%20kilos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEABQ~&jid=675011435&gjid=633432371&cid=2090214115.1650662131&tid=UA-183901988-1&_gid=352141064.1650662131&gtm=2wg4k0TRNTPDP&z=139845463
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 17:06:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14913
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
671812849921469
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/671812849921469?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7aa61f18983685de4980a700f1204713593ed622e31fd5dc534eb3f795d7f6e7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89254
x-xss-protection
0
pragma
public
x-fb-debug
cR3wUac/pkYNcZun7SwBdBVyH/ml2rMBgLPLP0henrZyjd0PJyp34ydgbD2LSbDpPDc9TcJWHa93JEuOFWhthA==
x-frame-options
DENY
date
Fri, 22 Apr 2022 21:15:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
box-4924254a9ce4dc9b959b6e4a9b662d60.html
vars.hotjar.com/ Frame 3E9A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2735377.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-28.fra60.r.cloudfront.net
Software
/
Resource Hash
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer
https://www.regenere8.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
815184
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 10:49:06 GMT
etag
"1635635016e428baa170305e9282c34a"
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
vary
Accept-Encoding
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-amz-cf-id
X5umSfAbQB1P4ndGYFrwglfvr6uDqHMBLdsBzMaFmy3AsJBXaUtfBw==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-183901988-1&cid=2090214115.1650662131&jid=675011435&_u=aCDAgEABQAAAAE~&z=55889357
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 21:15:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-183901988-1&cid=2090214115.1650662131&jid=675011435&_u=aCDAgEABQAAAAE~&z=55889357
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 21:15:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/741862708/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/741862708/?random=1650662130492&cv=9&fst=1650661200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&frm=0&url=https%3A%2F%2Fwww.regenere8.com%2Factu-rm1c.php%3Fpart%3Dpowerspace%26data1%3DFRstandard%26utm_campaign%3DRegenerPowerspaceFRstandard%26utm_source%3Dpowerspace%26utm_medium%3Dcpc%26cid%3D9017ae1a-e2b4-407b-939b-eb7dbcebcf3d&ref=https%3A%2F%2Fwtm.la-meteo-mail.fr%2F&tiba=La%20chose%20simple%20que%20j%E2%80%99ai%20faite%20avant%20de%20me%20coucher%20pour%20perdre%2027%20kilos&async=1&fmt=3&is_vtc=1&random=2891657478&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 21:15:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/741862708/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/pagead/1p-user-list/741862708/?random=1650662130492&cv=9&fst=1650661200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&frm=0&url=https%3A%2F%2Fwww.regenere8.com%2Factu-rm1c.php%3Fpart%3Dpowerspace%26data1%3DFRstandard%26utm_campaign%3DRegenerPowerspaceFRstandard%26utm_source%3Dpowerspace%26utm_medium%3Dcpc%26cid%3D9017ae1a-e2b4-407b-939b-eb7dbcebcf3d&ref=https%3A%2F%2Fwtm.la-meteo-mail.fr%2F&tiba=La%20chose%20simple%20que%20j%E2%80%99ai%20faite%20avant%20de%20me%20coucher%20pour%20perdre%2027%20kilos&async=1&fmt=3&is_vtc=1&random=2891657478&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 21:15:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=671812849921469&ev=PageView&dl=https%3A%2F%2Fwww.regenere8.com%2Factu-rm1c.php%3Fpart%3Dpowerspace%26data1%3DFRstandard%26utm_campaign%3DRegenerPowerspaceFRstandard%26utm_source%3Dpowerspace%26utm_medium%3Dcpc%26cid%3D9017ae1a-e2b4-407b-939b-eb7dbcebcf3d&rl=https%3A%2F%2Fwtm.la-meteo-mail.fr%2F&if=false&ts=1650662130706&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650662130704.2020753064&it=1650662130543&coo=false&rqm=GET
Requested by
Host: www.regenere8.com
URL: https://www.regenere8.com/actu-rm1c.php?part=powerspace&data1=FRstandard&utm_campaign=RegenerPowerspaceFRstandard&utm_source=powerspace&utm_medium=cpc&cid=9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 22 Apr 2022 21:15:30 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=671812849921469&ev=Microdata&dl=https%3A%2F%2Fwww.regenere8.com%2Factu-rm1c.php%3Fpart%3Dpowerspace%26data1%3DFRstandard%26utm_campaign%3DRegenerPowerspaceFRstandard%26utm_source%3Dpowerspace%26utm_medium%3Dcpc%26cid%3D9017ae1a-e2b4-407b-939b-eb7dbcebcf3d&rl=https%3A%2F%2Fwtm.la-meteo-mail.fr%2F&if=false&ts=1650662132210&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22La%20chose%20simple%20que%20j%E2%80%99ai%20faite%20avant%20de%20me%20coucher%20pour%20perdre%2027%20kilos%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1650662130704.2020753064&it=1650662130543&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regenere8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 21:15:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 22 Apr 2022 21:15:32 GMT

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| dataLayer object| currentDate number| day number| month number| year function| $ function| jQuery function| Popper object| bootstrap function| scv function| mnc function| rdmS function| trim function| getCookie function| setCookie function| deleteOneCookie function| deleteAllCookies function| gqs object| d object| w string| p string| u string| dT1 string| dT2 string| pQ string| pC string| bld string| visitorid object| urlParams object| urlParamsTab string| infParams undefined| _tvi string| _blp string| _bldT1 string| _bldT2 string| _bld string| _blpo undefined| _obTracking undefined| _taboolaclickid undefined| _ligTracking undefined| _ks undefined| _stn undefined| _crm undefined| _mforce undefined| _fbclid undefined| _gclid string| _cid undefined| _mxm undefined| _iid undefined| _obclid string| _powerspace function| geturlParams string| genericTracking undefined| _genericTracking object| img function| mobileAndTabletCheck function| loadRedTrackClickTracking function| waitAndTag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbq function| _fbq function| gtag object| fks2sdata function| fks2s object| head object| script string| actualPage string| previousPage string| trackerPage function| redTrk object| campaignIds function| parseBool string| cookieDomain number| cookieDuration boolean| registerViewOncePerSession boolean| lastPaidClickAttribution boolean| firstClickAttribution string| attribution undefined| ourCookie string| rtkClickID function| removeParam string| locSearch undefined| rtkfbp undefined| rtkfbc string| pixelParams string| campaignID object| souceKey string| initialSrc object| rawData function| replaceLink function| setSessionClickID object| rtkxhr string| ip string| ua function| fks2sInit object| gaplugins object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| rtkxhrr function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaGlobal function| onYouTubeIframeAPIReady object| google_optimize object| gaData

31 Cookies

Domain/Path Name / Value
.s3s-main.net/ Name: wm_welcoming_v2
Value: %2Cfw_19563171%2C%3B3667825856
.phywi.org/ Name: pl
Value: a%3A1%3A%7Bi%3A0%3Bs%3A40%3A%220284%3A675d59g374c4g%3A8b31bg63ge59c26e05d52%22%3B%7D
.weborama.fr/ Name: AFFICHE_W
Value: 2ULDdoLN@JnZ51
.cloud-media.fr/ Name: l_id
Value: 39564c48f263b3f97a20af52fd48b15d
.la-meteo-mail.fr/ Name: pstuid
Value: ec60bf57-de2d-4b19-9780-b2dd3bdd95a1
www.regenere8.com/ Name: blv
Value: BL-KsA68-PY4kLTKNAY-Z6MW0
www.regenere8.com/ Name: blc
Value: 1
www.regenere8.com/ Name: blpc
Value: powerspace
www.regenere8.com/ Name: bl_dT1
Value: FRstandard
www.regenere8.com/ Name: bl_dT2
Value: default
www.regenere8.com/ Name: bld
Value: CJ-JtA9X-VV0bMX1B0Z-SZnZO
www.regenere8.com/ Name: cid_bltrk
Value: 9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
www.regenere8.com/ Name: powerspace_tracking
Value: 9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
www.regenere8.com/ Name: entry_prefix
Value: part%3Dpowerspace%26data1%3DFRstandard%26utm_campaign%3DRegenerPowerspaceFRstandard%26utm_source%3Dpowerspace%26utm_medium%3Dcpc%26cid%3D9017ae1a-e2b4-407b-939b-eb7dbcebcf3d
www.regenere8.com/ Name: entry_domain
Value: www.regenere8.com
.regenere8.com/ Name: _gcl_au
Value: 1.1.988231206.1650662130
www.regenere8.com/ Name: actual_page
Value: undefined
www.regenere8.com/ Name: previous_page
Value:
www.regenere8.com/ Name: test
Value: 0
.www.regenere8.com/ Name: rtkclickid-store
Value: 62631af23eb8670001dffcc8
.regenere8.com/ Name: _ga_YCTQFXTTF6
Value: GS1.1.1650662130.1.0.1650662130.60
.regenere8.com/ Name: _ga
Value: GA1.2.2090214115.1650662131
.regenere8.com/ Name: _gid
Value: GA1.2.352141064.1650662131
.regenere8.com/ Name: _dc_gtm_UA-183901988-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.regenere8.com/ Name: _hjSessionUser_2735377
Value: eyJpZCI6IjYwZTM0NDQ5LWJjMjgtNTQ4ZC1hZmYxLTkzY2U4NTk4YWRjZSIsImNyZWF0ZWQiOjE2NTA2NjIxMzA2MTYsImV4aXN0aW5nIjpmYWxzZX0=
.regenere8.com/ Name: _hjFirstSeen
Value: 1
www.regenere8.com/ Name: _hjIncludedInSessionSample
Value: 0
.regenere8.com/ Name: _hjSession_2735377
Value: eyJpZCI6IjNkMDViMzJlLTFmOGYtNDZkNy05MGRhLTczNDJjNTY5NDlmMyIsImNyZWF0ZWQiOjE2NTA2NjIxMzA2MzIsImluU2FtcGxlIjpmYWxzZX0=
.regenere8.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.regenere8.com/ Name: _fbp
Value: fb.1.1650662130704.2020753064

1 Console Messages

Source Level URL
Text
network error URL: https://go.obfity.net/view
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
er.cloud-media.fr
fonts.googleapis.com
fonts.gstatic.com
go.obfity.net
googleads.g.doubleclick.net
pws.la-meteo-mail.fr
r.phywi.org
redirect.frontend.weborama.fr
s2s.nutrisolution.fr
s3s-main.net
script.hotjar.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
wtm.la-meteo-mail.fr
www.bluesteel.fr
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.regenere8.com
108.138.17.88
142.250.185.98
18.66.139.28
185.34.32.128
185.34.32.130
2001:41d0:203:9304::
2001:4de0:ac18::1:a:2b
2600:1901:0:37f::a:1
2606:4700:3034::ac43:9272
2606:4700::6810:5914
2606:4700::6811:180e
2606:4700::6812:bcf
2a00:1450:4001:80e::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2008
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c08::9c
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
35.190.16.14
52.222.236.122
63.34.227.194
85.17.54.17
91.190.170.12
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11ba512b874be580a6e253844aa423a26df1f0bdf8e99fb00ad6ea13eac5dac7
1b275c50d1d98b37f05cc74f9d81815139902e53a9055b3761f6b3a0b98e2751
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3df261af2d5a01cf6746d413eac5843328e00a6dafb5a922b81899f8a9f2b562
3e5c6bc4ffab491210b3183ddedf7ac83cc29ff724ccec4de2c60ae4dd0181f6
44d1df995ac74bcd905739cf954eb316330e5583c0828544b85a33033d8a3896
4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
555de8abe33e9871a213f6dd80284bd18688a1e3b7f5aa6c8bb8a6aa13dd54b6
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9
6ef593a46c9378e8c916de3716c94decb553f1f7ea5d75e1370fe31e782c0a0c
6ffb4029120353a7a4668f34191dda6737df5f6a23244b73d7bfd21c8aa19028
797ee5b057d84bb5c7db215b7dc903c02f4e539120b3f7bd87d21bee0acaf400
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7aa61f18983685de4980a700f1204713593ed622e31fd5dc534eb3f795d7f6e7
832a9f68685073e8318db12a164566b0baedc599bdf72cca29f9a4c188506053
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
c53e330a44eeda6a2d85f636f7b86483270d12b2181dc294f693345a75cb1b52
c64a00116508e902e97094a1e3a6f81d461cae478982edc06460f5c728378301
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
db2986664cc367652ae37f2ded60f4fa86248121e9be929db1f2cd34089801d4
e0e44c153e6969ff112250bc468dd4615e5f48f2b2db3e3ffabc11be9d9b6313
e0fcee6ac31454aa54b3b34ae4d67ee047448466deb205f29fad0324e9548877
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e626f7480ff5b49d5d65ccb092b82e780e6c5df8c58f0cad4dd6145ac7e4fef5
e90c58e3d13d2ffb0f1e7eae6fd1a646cd8b63dad29b5e28e00855277c3cba12
ec616f701447d70f390976ce7205faa4f1acda3c9d2dc3ea8a746c55a6fd0ca1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f375ca68fe0550974a2ad7d1ee3b009a72b0b0a0e75ebd25a8e56f90217e2541
f3a1888363a17ddbdbe2a6265f149b91a0dc6912bd2fd1893fdbcb75d96ce357
f863090ab67a710bd717de480bee57b7ce9fc7f310d0c597743e35123e6556a2