www.revelations-articulations.com Open in urlscan Pro
52.222.236.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.prod1.emailing.notretemps.com/r/?id=h8c562508,61bfe553,8008cdc7&p1=bf394d10f88ba25d166a795f5a9d05d6
Effective URL:
https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salesco...
Submission: On January 22 via api (January 22nd 2024, 5:46:39 am UTC) from BE — Scanned from DE

Summary HTTP 105 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 29 domains to perform 105 HTTP transactions. The main IP is 52.222.236.99, located in United States and belongs to AMAZON-02, US. The main domain is www.revelations-articulations.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 9th 2024. Valid for: a year.

This is the only time www.revelations-articulations.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.78.158.16 54.78.158.16	16509 (AMAZON-02) (AMAZON-02)
1 1	34.22.248.172 34.22.248.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	18.66.112.53 18.66.112.53	16509 (AMAZON-02) (AMAZON-02)
2	52.222.236.99 52.222.236.99	16509 (AMAZON-02) (AMAZON-02)
5	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.27.50 13.32.27.50	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2.18.97.54 2.18.97.54	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2606:4700:1::... 2606:4700:1::6813:814c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:480... 2a02:26f0:480:595::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	143.204.215.28 143.204.215.28	16509 (AMAZON-02) (AMAZON-02)
2	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
5	64.202.112.255 64.202.112.255	23352 (SERVERCEN...) (SERVERCENTRAL)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4	146.75.118.109 146.75.118.109	54113 (FASTLY) (FASTLY)
4	151.101.128.217 151.101.128.217	54113 (FASTLY) (FASTLY)
6	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
2	13.107.246.45 13.107.246.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
105	35

1 54.78.158.16 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-158-16.eu-west-1.compute.amazonaws.com

t.prod1.emailing.notretemps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.22.248.172 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.248.22.34.bc.googleusercontent.com

a.pwspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.53 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-53.fra56.r.cloudfront.net

go.serenalpes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-99.fra56.r.cloudfront.net

www.revelations-articulations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-50.fra56.r.cloudfront.net

cdn.info-contenu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.97.54 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-97-54.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:1::6813:814c (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:595::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-28.fra53.r.cloudfront.net

profil.serenalpes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

innoviasante.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.202.112.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.118.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.128.217 (United States)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.231.53.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 3581 i.vimeocdn.com — Cisco Umbrella Rank: 3376 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3504	327 KB
9	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2947 tr.outbrain.com — Cisco Umbrella Rank: 2812 wave.outbrain.com — Cisco Umbrella Rank: 2909	11 KB
7	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	274 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	340 B
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 c.clarity.ms — Cisco Umbrella Rank: 1351 q.clarity.ms — Cisco Umbrella Rank: 7008	28 KB
6	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 40531	3 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	104 KB
5	mgid.com a.mgid.com — Cisco Umbrella Rank: 12954	11 KB
5	center.io js.center.io — Cisco Umbrella Rank: 47100	20 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	882 B
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1024 trc.taboola.com — Cisco Umbrella Rank: 646 trc-events.taboola.com — Cisco Umbrella Rank: 2085	23 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 376 c.bing.com — Cisco Umbrella Rank: 247	16 KB
4	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 46777	121 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 871	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6518	669 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	2 KB
3	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	59 KB
3	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1876 vimeo.com — Cisco Umbrella Rank: 1792	22 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	264 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
2	lpages.co innoviasante.lpages.co	47 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 869	21 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	revelations-articulations.com www.revelations-articulations.com	246 KB
2	serenalpes.com 1 redirects go.serenalpes.com profil.serenalpes.com	2 KB
1	lpcontent.net embed.lpcontent.net — Cisco Umbrella Rank: 57769	15 KB
1	info-contenu.io cdn.info-contenu.io	2 KB
1	pwspace.com 1 redirects a.pwspace.com — Cisco Umbrella Rank: 295817	471 B
1	notretemps.com 1 redirects t.prod1.emailing.notretemps.com	462 B
105	29

	Domain	Requested by
7	connect.facebook.net	www.revelations-articulations.com connect.facebook.net
6	www.facebook.com	www.revelations-articulations.com
6	api.leadpages.io	js.center.io embed.lpcontent.net
5	tr.outbrain.com	amplify.outbrain.com
5	a.mgid.com	www.googletagmanager.com www.revelations-articulations.com
5	js.center.io	www.revelations-articulations.com js.center.io innoviasante.lpages.co
4	i.vimeocdn.com	player.vimeo.com www.revelations-articulations.com f.vimeocdn.com
4	f.vimeocdn.com	player.vimeo.com
4	static.leadpages.net	www.revelations-articulations.com static.leadpages.net innoviasante.lpages.co
3	www.gstatic.com	f.vimeocdn.com www.gstatic.com
3	ct.pinterest.com	s.pinimg.com www.revelations-articulations.com
3	wave.outbrain.com	amplify.outbrain.com
3	www.google.de	www.revelations-articulations.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.revelations-articulations.com
3	fonts.gstatic.com	fonts.googleapis.com
3	lh3.googleusercontent.com	www.revelations-articulations.com
3	www.googletagmanager.com	www.revelations-articulations.com www.googletagmanager.com
3	fonts.googleapis.com	www.revelations-articulations.com innoviasante.lpages.co
2	trc-events.taboola.com	cdn.taboola.com
2	q.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.google.com	www.revelations-articulations.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	innoviasante.lpages.co	embed.lpcontent.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	player.vimeo.com	www.revelations-articulations.com
2	www.revelations-articulations.com	www.revelations-articulations.com
1	c.bing.com	1 redirects
1	vimeo.com	f.vimeocdn.com
1	fresnel.vimeocdn.com	f.vimeocdn.com
1	trc.taboola.com	cdn.taboola.com
1	profil.serenalpes.com	www.revelations-articulations.com
1	cdn.taboola.com	www.revelations-articulations.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	embed.lpcontent.net	www.revelations-articulations.com
1	cdn.info-contenu.io	www.revelations-articulations.com
1	go.serenalpes.com	1 redirects
1	a.pwspace.com	1 redirects
1	t.prod1.emailing.notretemps.com	1 redirects
105	43

This site contains links to these domains. Also see Links.

Domain
paiement-securise.serenalpes.com
www.serenalpes.com

Subject Issuer	Validity	Valid
www.revelations-articulations.com Amazon RSA 2048 M03	`2024-01-09` - `2025-02-06`	a year	crt.sh
static.leadpages.net GTS CA 1D4	`2023-12-14` - `2024-03-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
*.info-contenu.io Amazon RSA 2048 M01	`2023-03-22` - `2024-04-19`	a year	crt.sh
embed.lpcontent.net GTS CA 1D4	`2023-12-01` - `2024-02-29`	3 months	crt.sh
js.center.io GTS CA 1D4	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-31` - `2024-01-29`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.serenalpes.com Amazon RSA 2048 M01	`2023-09-18` - `2024-10-15`	a year	crt.sh
*.lpages.co R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-22` - `2024-12-23`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-19` - `2024-11-19`	a year	crt.sh
*.leadpages.io R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-12-30` - `2024-03-29`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Frame ID: 677E46E6A60CD98F996F3F0DA2934DD1
Requests: 78 HTTP requests in this frame

Frame: https://player.vimeo.com/video/839694121?badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479
Frame ID: 640EE9711908AADA0CD85717B9661D0C
Requests: 14 HTTP requests in this frame

Frame: https://innoviasante.lpages.co/serve-leadbox/2UT5qpmGfyt2tHTZNHzSzn/?ci=2569QZX&ci=2569QZX&e=453a82915967093&e=453a82915967093&paymentInModal=3&qci=69755ce1-3271-4344-b10b-aa1032e32e50&qci=%7BclickId%7D&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&urlBdc=https%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765
Frame ID: C6CA071D2B73FCE28E27064E87C19CB6
Requests: 5 HTTP requests in this frame

Frame: https://innoviasante.lpages.co/serve-leadbox/UvTe9QfSjUE3gXwnJcWv7V/?ci=2569QZX&ci=2569QZX&e=453a82915967093&e=453a82915967093&paymentInModal=3&qci=69755ce1-3271-4344-b10b-aa1032e32e50&qci=%7BclickId%7D&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&urlBdc=https%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765
Frame ID: 0980EB93B8761D01DF956ADC081CA0D6
Requests: 5 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 6EE0D604A62942511F40C0821E607217
Requests: 1 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 21462D82EA439B183F4735AEB08D08E8
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: FE467B2F98411B994DA1038468105267
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Articulations : Les 2 erreurs à ne pas faire

Page URL History Show full URLs

https://t.prod1.emailing.notretemps.com/r/?id=h8c562508,61bfe553,8008cdc7&p1=bf394d10f88ba25d166a795f5a9d05d6 HTTP 302
https://a.pwspace.com/ndc/N5Y5J6R6?ps_ee=bf394d10f88ba25d166a795f5a9d05d6&ps_g=1&z=2 HTTP 302
https://go.serenalpes.com/l/fUc66?ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50 HTTP 302
https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

105
Requests

99 %
HTTPS

45 %
IPv6

29
Domains

43
Subdomains

35
IPs

6
Countries

1642 kB
Transfer

4667 kB
Size

35
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://paiement-securise.serenalpes.com/ARG-2023121585135765?salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50&urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765
Title: Je veux essayer ce produit (cliquez ici)

Search URL Search Domain Scan URL

URL: https://www.serenalpes.com/mentions-legales/?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Title: Mentions légales

Search URL Search Domain Scan URL

URL: https://www.serenalpes.com/politique-de-confidentialite/?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Title: Confidentialité

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.prod1.emailing.notretemps.com/r/?id=h8c562508,61bfe553,8008cdc7&p1=bf394d10f88ba25d166a795f5a9d05d6 HTTP 302
https://a.pwspace.com/ndc/N5Y5J6R6?ps_ee=bf394d10f88ba25d166a795f5a9d05d6&ps_g=1&z=2 HTTP 302
https://go.serenalpes.com/l/fUc66?ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50 HTTP 302
https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D43239116EA343A3863783E03B038E90&RedC=c.clarity.ms&MXFR=358D966CACFC61B527058262A8FC6FE5 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D43239116EA343A3863783E03B038E90&MUID=0285C1D7C631696D2F66D5D9C7E3689F

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request vd-arg-vdt-2023-obn Show response
www.revelations-articulations.com/
Redirect Chain

https://t.prod1.emailing.notretemps.com/r/?id=h8c562508,61bfe553,8008cdc7&p1=bf394d10f88ba25d166a795f5a9d05d6
https://a.pwspace.com/ndc/N5Y5J6R6?ps_ee=bf394d10f88ba25d166a795f5a9d05d6&ps_g=1&z=2
https://go.serenalpes.com/l/fUc66?ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569Q...

121 KB
23 KB

286ms
23ms

Document
text/html

52.222.236.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-99.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9322c395eecd1f8349069ee6210d2dd1e54da2df8e038ec65c88fbbfef4b784

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2214242
alt-svc: h3=":443"; ma=86400
content-encoding: gzip
content-type: text/html
date: Wed, 27 Dec 2023 14:42:32 GMT
etag: W/"bc7cd38f513d0ef2059f37629e3a5ce1"
last-modified: Thu, 12 Oct 2023 08:05:29 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-id: S-QT7jbs2nWJDfO5QFF_fuVHUJvWL07iI4Yrnvo5cMkuHT6jznTouA==
x-amz-cf-pop: FRA56-P4
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: E0fV9t_4Orn4EgdpdHyYHOfUzI.rMudk
x-cache: Hit from cloudfront

Redirect headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1025
content-type: text/plain
date: Mon, 22 Jan 2024 05:46:34 GMT
etag: "b8f54c6a77d9cb10a88d57b712ec3f14"
last-modified: Mon, 18 Dec 2023 14:35:02 GMT
location: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
server: AmazonS3
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-id: pCFUe7LBOOI_YMUANJL0LQWE-UzOJAxfTZZ-qkNrQFd1pGTy4d_TQA==
x-amz-cf-pop: FRA56-P5
x-amz-meta-config: %7B%22type%22:%22AB_LINK%22,%22slug%22:%22fUc66%22,%22partnerId%22:10,%22domainOrigin%22:%22go.serenalpes.com%22,%22full_url_slug%22:%22https://go.serenalpes.com/l/fUc66%22,%22slug_version%22:2,%22test_name%22:%22BDC%20ARG%20PWS%20controle%20vs%20Pro%20BCL%22,%22description%22:%22Version%20A%20:%20controle%20/%20version%20B%20:%20pro-bcl%22,%22created_at%22:%222023-12-18T14:05:19.855Z%22,%22updated_at%22:%222023-12-18T14:35:00.959Z%22,%22valid_start_datetime%22:%222023-12-18T14:35:00.959Z%22,%22valid_end_datetime%22:%222123-12-18T14:35:00.959Z%22,%22config%22:%7B%22versions%22:%5B%7B%22code%22:%22A%22,%22link%22:%22https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-202352295845928&salescode=E_202312_VD_ARGBCL_01_NA_PWS_D&ci=2569QZX&e=453a82915967093&qci=%7BclickId%7D%22,%22thresholdStart%22:0,%22thresholdEnd%22:50%7D,%7B%22code%22:%22B%22,%22link%22:%22https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci=%7BclickId%7D%22,%22thresholdStart%22:51,%22thresholdEnd%22:100%7D%5D%7D%7D
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: h2iQoySdwX8ejVPt4mq40O_R7DjzbQ1j
x-cache: Miss from cloudfront

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 128ms
23ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: www.revelations-articulations.com
URL: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 14:21:48 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 1697085
etag: "nt2STQ"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: b00004e7914e822f5bfe75d2a0ec3d19
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Wed, 01 Jan 2025 14:21:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 82ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Fjalla+One:300,400,500,700

Requested by

Host: www.revelations-articulations.com
URL: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3bb5cc3487d743810a11935b5f4fb7171551f37210e2e7b7386674ebe156034f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 05:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:46:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 05:46:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 82ms
32ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162156209-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53a9b39e2f03b82e1827b280c49f0cd467c1d034e5d22f2d745884afe18e3a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68454
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Jan 2024 05:46:33 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 106ms
32ms Script
application/javascript 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 01:13:54 GMT
Date: Mon, 22 Jan 2024 05:46:33 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish
Age: 158
X-Cache: HIT
Connection: keep-alive
x-backend-server: player-backend-edge-entry
Content-Length: 11228
X-Served-By: cache-fra-eddf8230045-FRA
x-player-backend: g
Server: cloudflare
X-Timer: S1705902394.542837,VS0,VE0
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-bapp-server
Accept-Ranges: bytes
CF-RAY: 84957f479a3a2bba-FRA
X-Cache-Hits: 44

GET
H2 200 0_original.png
www.revelations-articulations.com/vd-arg-vdt-2023-obn_assets/img/ 223 KB
223 KB 26ms
26ms Image
image/png 52.222.236.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn_assets/img/0_original.png
Requested by: Host: www.revelations-articulations.com
URL: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-99.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 193e3fd9bf66cf1071a25b304a450e39f98dedd47e96af1d4e6642b794924f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 14:42:32 GMT
x-amz-version-id: v6tJ7RuvgPWw3Lx7SvctfZ1.kiu5mv2L
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 2214242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 228161
last-modified: Thu, 12 Oct 2023 08:05:29 GMT
server: AmazonS3
etag: "3fa2d1cae71f3ced3d7c6eec1a6c4817"
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: tv3dm_SMDXyfKV18KmHav9TDxTpyMST14lxOhEuZoHoHEFoVuarhRw==

GET
H2 200 preserveParamsV2.js Show response
cdn.info-contenu.io/assets/ 5 KB
2 KB 118ms
24ms Script
application/javascript 13.32.27.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.info-contenu.io/assets/preserveParamsV2.js
Requested by: Host: www.revelations-articulations.com
URL: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-50.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b21ef5f944698b476cebea28d628ad623311c3f4b32a26a8b5a332bbf9aade0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:19:35 GMT
content-encoding: gzip
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 09:40:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1146419
etag: W/"81f93250e11c2400dc122f8190b00bd3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: KrHPQWb4TqDk3O27fqAVZHGHxsqb43_JvSiMkm-BC9uOzczFToolbw==

GET
H2 200 embed.js Show response
embed.lpcontent.net/leadboxes/current/ 42 KB
15 KB 200ms
23ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by: Host: www.revelations-articulations.com
URL: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:42:17 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 256
etag: "MP3rjQ"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 7336c21692140a60e05b1d8a6a5616f8
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
expires: Mon, 22 Jan 2024 05:47:17 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 205ms
30ms Script
application/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: www.revelations-articulations.com
URL: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:44:02 GMT
content-encoding: gzip
server: Google Frontend
age: 151
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 2c30f79d0c383919c5e31394d66eafc4
cache-control: public, max-age=300
content-length: 5417
expires: Mon, 22 Jan 2024 05:49:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 338 KB
103 KB 103ms
68ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PTHWV8M

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4339ddfa924a84db3539d2dc1648e0287f49289d6d852acd67c6980346e00ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105249
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Jan 2024 05:46:33 GMT

GET
H/1.1 200
OK 839694121 Show response
player.vimeo.com/video/ Frame 640E 19 KB
9 KB 304ms
304ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/839694121?badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

028cec65df2b56e458e0c54478e56456a7ef58930259a3cdbab397b321f3ad26

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.revelations-articulations.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 84957f47fb002bba-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Jan 2024 05:46:33 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230079-FRA
X-Timer: S1705902394.608993,VS0,VE268
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-56984f7f47-q2rdq
x-content-type-options: nosniff
x-host: player-backend-56984f7f47-q2rdq
x-player-backend: g
x-xss-protection: 1; mode=block

GET
H2 200 FZzm-cPtyjIwp9NYN3u7feEwqhREfbMuN8Xh9BTxvMCAW2dcTe0R9rdSCOhKX1abD4463y65HXyEMuwS5RzM4tNKAaTH9ADe_Q=s16
lh3.googleusercontent.com/ 517 B
814 B 79ms
31ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/FZzm-cPtyjIwp9NYN3u7feEwqhREfbMuN8Xh9BTxvMCAW2dcTe0R9rdSCOhKX1abD4463y65HXyEMuwS5RzM4tNKAaTH9ADe_Q=s16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ebd810f4e65f3fbf68e5c6d53a56aa6c911e8899d3ebe8d131b0c7c7416a18c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 517
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 23 Jan 2024 05:46:33 GMT

GET
H2 200 FZzm-cPtyjIwp9NYN3u7feEwqhREfbMuN8Xh9BTxvMCAW2dcTe0R9rdSCOhKX1abD4463y65HXyEMuwS5RzM4tNKAaTH9ADe_Q=w16
lh3.googleusercontent.com/ 496 B
559 B 79ms
32ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/FZzm-cPtyjIwp9NYN3u7feEwqhREfbMuN8Xh9BTxvMCAW2dcTe0R9rdSCOhKX1abD4463y65HXyEMuwS5RzM4tNKAaTH9ADe_Q=w16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d62d58137392aec32ab3d03e6db9f329d8eee06676d794b524345ea78f2a806e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 496
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 23 Jan 2024 05:46:33 GMT

GET
H2 200 Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v15/ 44 KB
44 KB 95ms
45ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Fjalla+One:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.revelations-articulations.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 10:38:31 GMT
x-content-type-options: nosniff
age: 414482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44584
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 20:46:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 10:38:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 76ms
26ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Fjalla+One:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.revelations-articulations.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 14:18:08 GMT
x-content-type-options: nosniff
age: 401305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 14:18:08 GMT

GET
H3 200 fa-solid-900.woff2
static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/ 78 KB
78 KB 65ms
22ms Font
font/woff2 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Origin: https://www.revelations-articulations.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 20:39:29 GMT
via: 1.1 google
server: Google Frontend
age: 1242424
etag: "nt2STQ"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: f833914697c78134ea0ec61beb482c34
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80148
expires: Mon, 06 Jan 2025 20:39:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 70ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Fjalla+One:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.revelations-articulations.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:13:53 GMT
x-content-type-options: nosniff
age: 444760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:13:53 GMT

GET
H2 200 FZzm-cPtyjIwp9NYN3u7feEwqhREfbMuN8Xh9BTxvMCAW2dcTe0R9rdSCOhKX1abD4463y65HXyEMuwS5RzM4tNKAaTH9ADe_Q=w1600
lh3.googleusercontent.com/ 58 KB
58 KB 62ms
33ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/FZzm-cPtyjIwp9NYN3u7feEwqhREfbMuN8Xh9BTxvMCAW2dcTe0R9rdSCOhKX1abD4463y65HXyEMuwS5RzM4tNKAaTH9ADe_Q=w1600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c35b1ea8a4bd3ac0d9a2b7ea4745eb228a3c2e41c1a8efaf73e604b980865de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59105
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 23 Jan 2024 05:46:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 74ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162156209-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 03:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7104
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 22 Jan 2024 05:48:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
94 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8GT9ERX7F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTHWV8M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43fd6e05013726b8d6b4c5708a4ec0e4db80131239a508d051f4762026b90ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96061
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 05:46:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 66ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 05:46:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57023
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: YyUFWrbCrONAxkYRQ20/+RhGrsXQDozq7lkc1Owkg9SjQ9FWAGBHqw+dd9l8rxeeltJZXF1mXYt0BviAIpOUbQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 26 KB
8 KB 95ms
28ms Script
application/x-javascript 2.18.97.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTHWV8M
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Dec 2023 13:05:28 GMT
Server: AkamaiNetStorage
ETag: "928c0d1860f13b981036d5c18f950ac2:1703078882.762337"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7779
Expires: Mon, 22 Jan 2024 06:06:33 GMT

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 175ms
118ms Script
application/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.mgid.com/mgsensor.js?d=1705902393741&source=gtm

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTHWV8M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 212b591a-d46e-46d5-86cc-98e80a0573a0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 84957f494be13a8a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 106ms
46ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTHWV8M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 22 Jan 2024 05:46:33 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 28A63FB039F142369721CB6F54B55D54 Ref B: FRAEDGE1306 Ref C: 2024-01-22T05:46:33Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 95ms
24ms Script
application/javascript 2a02:26f0:480:595::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTHWV8M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:595::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "261eea34e740f104987183dec4bb78b6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1836

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10829538367/ 3 KB
2 KB 101ms
54ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10829538367/?random=1705902393743&cv=11&fst=1705902393743&bg=ffffff&guid=ON&async=1&gtm=45He41h0v830978393&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&hn=www.googleadservices.com&frm=0&tiba=Articulations%20%3A%20Les%202%20erreurs%20%C3%A0%20ne%20pas%20faire&auid=532771945.1705902394&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTHWV8M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7811820eb154a9815fe4cfb4cb904f82545e3f0e51bf2713c39b9078168908b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 05:46:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1453
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 173ms
121ms Script
application/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.mgid.com/mgsensor.js?d=1705902393746

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: ba851a95-305f-4c35-9bcf-b08d7ec6129b
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 84957f494bde3a8a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1369808/ 66 KB
20 KB 75ms
20ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1369808/tfa.js
Requested by: Host: www.revelations-articulations.com
URL: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73aa70142cdc2441638cb27e10529b089c9c56eabe256663cfefd41bf4c95eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 3jDmTnYdwXxPG.pJaGxGqf4HoOdVIjnL
content-encoding: gzip
via: 1.1 varnish
date: Mon, 22 Jan 2024 05:46:33 GMT
x-amz-request-id: RRS73WF3QFSCM2BZ
age: 108
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 20423
x-amz-id-2: 0nXMJvttWHgvtTRIqG/u7XzjEOi6V167YRjsucqrw9zesBd9ZngajhjBtlddMMOiGyxrouN+CtA=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Sun, 21 Jan 2024 11:18:23 GMT
server: AmazonS3
x-timer: S1705902394.849172,VS0,VE1
etag: "398de926be31a9828b1b58a959912fd7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 82
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 salescode.gif
profil.serenalpes.com/ 0
446 B 156ms
62ms Image
image/gif 143.204.215.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profil.serenalpes.com/salescode.gif?salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&gtmcb=2038146176
Requested by: Host: www.revelations-articulations.com
URL: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-28.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:33 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-trace-id: Root=1-65ae0139-7ef41c4977c76a9a34ce155e;Sampled=0;lineage=911fbb0c:0
x-amzn-requestid: 049794c1-3262-4728-b492-861f12f56b27
x-cache: Miss from cloudfront
content-type: image/gif
x-amz-apigw-id: R7UhGGO3DoEEQfQ=
content-length: 0
x-amz-cf-id: lAx5V3Ez4NCTip4_tVju6khkDtwJghll0WUFFhez0_VPOuemZoL8lQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
219 B 27ms
27ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=770727193&t=pageview&_s=1&dl=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&ul=en-us&de=UTF-8&dt=Articulations%20%3A%20Les%202%20erreurs%20%C3%A0%20ne%20pas%20faire&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1154940703&gjid=2067554083&cid=1307527647.1705902394&tid=UA-162156209-1&_gid=1820428338.1705902394&_r=1&gtm=457e41h0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1763594124

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.revelations-articulations.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 05:46:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.revelations-articulations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
innoviasante.lpages.co/serve-leadbox/2UT5qpmGfyt2tHTZNHzSzn/ Frame C6CA 87 KB
18 KB 577ms
262ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://innoviasante.lpages.co/serve-leadbox/2UT5qpmGfyt2tHTZNHzSzn/?ci=2569QZX&ci=2569QZX&e=453a82915967093&e=453a82915967093&paymentInModal=3&qci=69755ce1-3271-4344-b10b-aa1032e32e50&qci=%7BclickId%7D&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&urlBdc=https%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765

Requested by

Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

68e3001eee71add7b97289841faa37b58d3d8d3dd1aed3dc521d15649523e2a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.revelations-articulations.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Mon, 22 Jan 2024 05:46:34 GMT
etag: W/"bdaf56d4593139f22f41d865a6fc3319"
last-modified: Thu, 12 Oct 2023 08:04:16 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

GET
H2 200 / Show response
innoviasante.lpages.co/serve-leadbox/UvTe9QfSjUE3gXwnJcWv7V/ Frame 0980 128 KB
29 KB 701ms
387ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://innoviasante.lpages.co/serve-leadbox/UvTe9QfSjUE3gXwnJcWv7V/?ci=2569QZX&ci=2569QZX&e=453a82915967093&e=453a82915967093&paymentInModal=3&qci=69755ce1-3271-4344-b10b-aa1032e32e50&qci=%7BclickId%7D&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&urlBdc=https%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765

Requested by

Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

31dd4d7d45cf891def34501b7b6cbd02c832d8a618e46b796fd150b8b3ecf2d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.revelations-articulations.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Mon, 22 Jan 2024 05:46:34 GMT
etag: W/"6bd6544efd7350470d12675d6592ce33"
last-modified: Thu, 12 Oct 2023 08:04:16 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
266 B 83ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8GT9ERX7F&gtm=45je41h0v884531467z8830978393&_p=1705902393586&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1307527647.1705902394&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705902393&sct=1&seg=0&dl=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&dt=Articulations%20%3A%20Les%202%20erreurs%20%C3%A0%20ne%20pas%20faire&en=page_view&_fv=1&_ss=1&tfd=1333
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8GT9ERX7F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 05:46:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.revelations-articulations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 87ms
29ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K8GT9ERX7F&cid=1307527647.1705902394&gtm=45je41h0v884531467z8830978393&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8GT9ERX7F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 05:46:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.revelations-articulations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 84ms
34ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K8GT9ERX7F&cid=1307527647.1705902394&gtm=45je41h0v884531467z8830978393&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=504046771

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 05:46:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
361 B 80ms
29ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-162156209-1&cid=1307527647.1705902394&jid=1154940703&gjid=2067554083&_gid=1820428338.1705902394&_u=YEBAAUAAAAAAACAAI~&z=1782821546

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.revelations-articulations.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 22 Jan 2024 05:46:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.revelations-articulations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 6EE0 4 KB
2 KB 30ms
29ms Document
text/html 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://www.revelations-articulations.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Mon, 22 Jan 2024 05:46:08 GMT
etag: "OMWYXg"
expires: Mon, 22 Jan 2024 05:51:08 GMT
server: Google Frontend
x-cloud-trace-context: fbab125e9b5d62f8ea1c756c09de7fc5

GET
H2 200 main.43c0095c.js Show response
s.pinimg.com/ct/lib/ 66 KB
19 KB 22ms
22ms Script
application/javascript 2a02:26f0:480:595::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:595::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "1f52f76b492e69ca67bc930049f713de"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19076

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 414ms
102ms Ping
image/gif 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=04582801439001334&referrer=&cht=gtm&marketerId=0003088723cf2e304d9aeb88b15f05f7d7%2C002064bfa5a941ab058f02ba99c93e6060%2C006e3ffb6d5d5ed0f9890ba7ed000382ea&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:34 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: cd0c8da53db75037274b18f12dcf176a
Content-Length: 54
Content-Type: image/gif;

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 411ms
101ms Ping
image/gif 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=022538754386740334&referrer=&marketerId=0003088723cf2e304d9aeb88b15f05f7d7%2C002064bfa5a941ab058f02ba99c93e6060%2C006e3ffb6d5d5ed0f9890ba7ed000382ea&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:34 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: d492bdb0768b7bdecef33c4fed7ba52c
Content-Length: 54
Content-Type: image/gif;

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 417ms
102ms Ping
image/gif 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=08971491648272856&referrer=&marketerId=0003088723cf2e304d9aeb88b15f05f7d7%2C002064bfa5a941ab058f02ba99c93e6060%2C006e3ffb6d5d5ed0f9890ba7ed000382ea&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:34 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 024b550defa0536b7502a626453b8fff
Content-Length: 54
Content-Type: image/gif;

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 359ms
104ms Ping
image/gif 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=0081284616531899&referrer=&marketerId=0003088723cf2e304d9aeb88b15f05f7d7%2C002064bfa5a941ab058f02ba99c93e6060%2C006e3ffb6d5d5ed0f9890ba7ed000382ea&name=Content%20view%20ARG&dl=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:34 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 1960c2323ea21c70dd4662c96f9a3476
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 402ms
103ms Script
application/javascript 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=0003088723cf2e304d9aeb88b15f05f7d7,002064bfa5a941ab058f02ba99c93e6060,006e3ffb6d5d5ed0f9890ba7ed000382ea
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:34 GMT
content-encoding: br
X-TraceId: 484de7a8e74cd20e97a97ca803e2ff1b
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 0003088723cf2e304d9aeb88b15f05f7d7 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 150ms
65ms Script
text/html 2.18.97.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/0003088723cf2e304d9aeb88b15f05f7d7
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:34 GMT
Content-Encoding: gzip
ob-sent-time: 1705826519048
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: df2d7ad5158130f21746d2f452710c5e
Content-Length: 22
Expires: Mon, 22 Jan 2024 05:47:34 GMT

GET
H/1.1 200
OK 002064bfa5a941ab058f02ba99c93e6060 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 104ms
25ms Script
text/html 2.18.97.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/002064bfa5a941ab058f02ba99c93e6060
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:34 GMT
Content-Encoding: gzip
ob-sent-time: 1705827712893
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: 86667953cb9abf111069f05aed196ee7
Content-Length: 22
Expires: Mon, 22 Jan 2024 05:47:34 GMT

GET
H/1.1 200
OK 006e3ffb6d5d5ed0f9890ba7ed000382ea Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 100ms
24ms Script
text/html 2.18.97.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/006e3ffb6d5d5ed0f9890ba7ed000382ea
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:34 GMT
Content-Encoding: gzip
ob-sent-time: 1705852080445
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: 3c2581aae47becefc5ac7bf01b4a2a0d
Content-Length: 22
Expires: Mon, 22 Jan 2024 05:47:34 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10829538367/ 42 B
455 B 85ms
34ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10829538367/?random=1705902393743&cv=11&fst=1705899600000&bg=ffffff&guid=ON&async=1&gtm=45He41h0v830978393&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&frm=0&tiba=Articulations%20%3A%20Les%202%20erreurs%20%C3%A0%20ne%20pas%20faire&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_XB8j1Z-iclCZdT-zpafHfeX5b3c6rA&random=1011717668&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 05:46:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10829538367/ 42 B
154 B 35ms
33ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10829538367/?random=1705902393743&cv=11&fst=1705899600000&bg=ffffff&guid=ON&async=1&gtm=45He41h0v830978393&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&frm=0&tiba=Articulations%20%3A%20Les%202%20erreurs%20%C3%A0%20ne%20pas%20faire&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_XB8j1Z-iclCZdT-zpafHfeX5b3c6rA&random=1011717668&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 05:46:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 277618320799548 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 90ms
89ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/277618320799548?v=2.9.141&r=stable&domain=www.revelations-articulations.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

993980ed4422d82be70d117776d63d486fbd15bd0174f78d5da0660aefa9c208

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 05:46:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: l0rBY2FPCDL1fSvfgsQoQd7s3K1UKRJ4ag0ZHeKTXZDihRzYNQgVNW3vVbTKFTfBx8RRQTgKgGXXQr+OtHuGtA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 27022720.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 46ms
45ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27022720.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e2e9253f380f2367ceb6ca2bd3090bcff80b1ae2a832f9a34b793edc6bb4d0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 22 Jan 2024 05:46:33 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 898231105A884F56A0DB25F2D93EC143 Ref B: FRAEDGE1306 Ref C: 2024-01-22T05:46:33Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
286 B 63ms
62ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27022720&tm=gtm002&Ver=2&mid=b434835c-f900-436f-af4e-18ba87a05eb8&sid=99961550b8e911ee877ecdf487842232&vid=99961640b8e911ee933999d30061175d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Articulations%20%3A%20Les%202%20erreurs%20%C3%A0%20ne%20pas%20faire&p=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&r=&lt=1111&evt=pageLoad&sv=1&rn=666609

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jan 2024 05:46:33 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 111AF32BDEC54CE384194537730A7194 Ref B: FRAEDGE1306 Ref C: 2024-01-22T05:46:33Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1369808/trc/3/ 3 KB
2 KB 43ms
35ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1369808/trc/3/json?tim=1705902393897&data=%7B%22id%22%3A419%2C%22ii%22%3A%22%2Fvd-arg-vdt-2023-obn%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1705902393873%2C%22cv%22%3A%2220240118-41-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dinnoviasantfr-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1705902393896%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50%22%2C%22tos%22%3A21%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1369808/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f596dda7a8c3bf6f03c1c7a2a53f2888cf056ede511b2bd83261483e9545313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Mon, 22 Jan 2024 05:46:33 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.1459375
x-fastly-to-nlb-rtt: 7451
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230067-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1705902394.942066,VS0,VE16
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.27.1/js/ Frame 640E 550 KB
133 KB 80ms
20ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.1/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/839694121?badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e7ec42a88a8d272994204eac184e499af1bd1153362680feca7a3972d1620238

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000136-IAD, cache-fra-eddf8230074-FRA
date: Mon, 22 Jan 2024 05:46:33 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 276147
x-timer: S1705902394.975467,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 135777
x-cache-hits: 1, 58266

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.27.1/js/ Frame 640E 413 KB
99 KB 79ms
20ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.1/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/839694121?badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 924f3744875def6fab39e41af1440a640d2231e66e92d7176a7d081984fd88da

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000169-IAD, cache-fra-eddf8230074-FRA
date: Mon, 22 Jan 2024 05:46:33 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 299229
x-timer: S1705902394.975453,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 101491
x-cache-hits: 5, 93718

GET
H2 200 player.css
f.vimeocdn.com/p/4.27.1/css/ Frame 640E 208 KB
22 KB 80ms
20ms Stylesheet
text/css 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.1/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/839694121?badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8b0b2093ac1eb117447f7a4226d7fef12543d6d4bd523022f14c0e1f9053a026

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100093-IAD, cache-fra-eddf8230032-FRA
date: Mon, 22 Jan 2024 05:46:33 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 299229
x-timer: S1705902394.975600,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21982
x-cache-hits: 5, 99593

GET
H2 200 1737217383-5f340edf9cbb253977f7084694730a5e45a4390e71e461f663f580b3b355c82a-d
i.vimeocdn.com/video/ Frame 640E 2 KB
2 KB 74ms
22ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1737217383-5f340edf9cbb253977f7084694730a5e45a4390e71e461f663f580b3b355c82a-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/839694121?badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4372a246bbc46de59c254cb8f84ba5c192db905414ab3a484f8d24139c9799e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:33 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1381604
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 2013
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdal2120117-DFW, cache-fra-eddf8230100-FRA
x-timer: S1705902394.973748,VS0,VE1
etag: "ebd667591e68bfb31690bd8bed87e924"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 199, 1

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
694 B 414ms
136ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=3nJ39Ew3dQvtm9P52q9EjY&v=&e=&st=&lc=en-US&pid=5iFZfu3JaCXHBkSBytmpGH-default-prop&uid=RLYtNzHzeMB6EGAnEusSez&sid=UMjisZE65mEJcnSaeh7Zxj&cid=lp-3nJ39Ew3dQvtm9P52q9EjY&uri=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&rf=&rx=1600&ry=1200&tz=%2B01%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:34 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: https://www.revelations-articulations.com
X-Forwarded-For: 84.19.175.184
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00selok7rtmj7d4g4l6g

GET
H2 200 / Show response
ct.pinterest.com/user/ 300 B
418 B 97ms
48ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613966238857&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1705902393919&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fc3e54102f9718e4ac70fc9b3496a357d9b3ff38c3fd3545f0fdc12d2f0a8b80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:34 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1704396584374464
content-length: 174
pin-unauth: dWlkPVpEUmpaVGxsWW1FdE5EaGtZeTAwWVRRMUxUZzVZamN0TTJKa09XUTJOelF3WXpVMA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.revelations-articulations.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
398 B 71ms
47ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613966238857&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2243c0095c%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1705902393922
Requested by: Host: www.revelations-articulations.com
URL: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 05:46:34 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1164092799335458
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 27022720 Show response
www.clarity.ms/tag/uet/ 878 B
1 KB 742ms
220ms Script
application/x-javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/27022720
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/27022720.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0aa04a7c9a763a00ec39ab38ad56d3171ea323e99d4c2eb44816a2b465a3ace4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: -1
date: Mon, 22 Jan 2024 05:46:34 GMT
x-azure-ref: 20240122T054634Z-anckhhwvy54152kksfeccrecfc00000003z000000000kh1v
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 878
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 33ms
32ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-162156209-1&cid=1307527647.1705902394&jid=1154940703&_u=YEBAAUAAAAAAACAAI~&z=62307622

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 05:46:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 33ms
33ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-162156209-1&cid=1307527647.1705902394&jid=1154940703&_u=YEBAAUAAAAAAACAAI~&z=62307622

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 05:46:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 683509802314889 Show response
connect.facebook.net/signals/config/ 143 KB
37 KB 102ms
102ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/683509802314889?v=2.9.141&r=stable&domain=www.revelations-articulations.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b036d9c8318a36aafe6cb4d5a0d01159644af6f7aa889302f99696de6f70a2f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 05:46:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 2fT2gCNs6Dm0UK53AUjG9033IlNITkuWU+c1ONSUe3RzTKKvjnwNCMJZ9q/m0Y470zbG58Q81kw2rEWEESmoYw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1x1.gif
a.mgid.com/ 43 B
96 B 129ms
128ms Image
image/gif 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/1x1.gif?id=574412&type=c&tg=&r=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&nv=1&clid=&d=1705902394033

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 84957f4accbb3a8a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 1x1.gif
a.mgid.com/ 43 B
130 B 117ms
116ms Image
image/gif 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 84957f4accc23a8a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 1x1.gif
a.mgid.com/ 43 B
96 B 117ms
117ms Image
image/gif 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 84957f4aecd33a8a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 640E 2 KB
1 KB 20ms
19ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/839694121?badge=0&autopause=0&quality_selector=1&progress_bar=1&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230032-FRA
date: Mon, 22 Jan 2024 05:46:34 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 90007
x-timer: S1705902394.080613,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 8, 25666

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 640E 4 KB
2 KB 82ms
31ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.1/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 05:46:34 GMT

GET
H2 200 1737217383-5f340edf9cbb253977f7084694730a5e45a4390e71e461f663f580b3b355c82a-d
i.vimeocdn.com/video/ Frame 640E 33 KB
34 KB 22ms
22ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1737217383-5f340edf9cbb253977f7084694730a5e45a4390e71e461f663f580b3b355c82a-d?mw=1000&mh=563
Requested by: Host: www.revelations-articulations.com
URL: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f309d4b1e54f8c0ce27a7a893126a06aef9745a33def3e8b8c85a7795af8997f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:34 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1676998
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 34184
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdal2120020-DFW, cache-fra-eddf8230100-FRA
x-timer: S1705902394.104846,VS0,VE2
etag: "5f3bacf4ebf32eb86ae06a2748f0ec58"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 156, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 640E 0
142 B 186ms
120ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=79e1f76aee18d54728916c7abc45b229522cca631705902393
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.1/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 22 Jan 2024 05:46:34 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 902921060462472 Show response
connect.facebook.net/signals/config/ 144 KB
37 KB 94ms
94ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/902921060462472?v=2.9.141&r=stable&domain=www.revelations-articulations.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

09ec8e3c1647e21b8905abeb8b4009402342d08593e2d72b06955413a2618999

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 05:46:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: io6+wAoib04p6EDt7JQ6W+NDfdNH+tCAjjbdMzHqnFClEdFMJynGPfPGmMwDQ2e27pgGuqd98lMfrcZ4Rze1OA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 640E 0
925 B 215ms
154ms Ping
text/plain 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=79e1f76aee18d54728916c7abc45b229522cca631705902393

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 21 Jan 2024 17:46:34 GMT
Date: Mon, 22 Jan 2024 05:46:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kiad7000146-IAD, cache-fra-eddf8230072-FRA
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1705902394.211923,VS0,VE119
x-backend-proxy: webproxy1
x-frame-options: sameorigin
Vary: User-Agent,x-http-method-override
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-6c9d99dc54-h4nhx
Accept-Ranges: bytes
CF-RAY: 84957f4bb98c2c02-FRA
X-Cache-Hits: 0, 0

GET
H2 200 1737217383-5f340edf9cbb253977f7084694730a5e45a4390e71e461f663f580b3b355c82a-d
i.vimeocdn.com/video/ Frame 640E 33 KB
33 KB 21ms
21ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1737217383-5f340edf9cbb253977f7084694730a5e45a4390e71e461f663f580b3b355c82a-d?mw=1000&mh=563
Requested by: Host: www.revelations-articulations.com
URL: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f309d4b1e54f8c0ce27a7a893126a06aef9745a33def3e8b8c85a7795af8997f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:34 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1676998
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 34184
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdal2120020-DFW, cache-fra-eddf8230100-FRA
x-timer: S1705902394.150593,VS0,VE0
etag: "5f3bacf4ebf32eb86ae06a2748f0ec58"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 156, 2

GET
H2 200 1737217383-5f340edf9cbb253977f7084694730a5e45a4390e71e461f663f580b3b355c82a-d
i.vimeocdn.com/video/ Frame 640E 2 KB
2 KB 21ms
20ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1737217383-5f340edf9cbb253977f7084694730a5e45a4390e71e461f663f580b3b355c82a-d?mw=80&q=85
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.1/js/vendor.module.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4372a246bbc46de59c254cb8f84ba5c192db905414ab3a484f8d24139c9799e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:34 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1381604
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 2013
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdal2120117-DFW, cache-fra-eddf8230100-FRA
x-timer: S1705902394.160608,VS0,VE0
etag: "ebd667591e68bfb31690bd8bed87e924"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 199, 2

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 640E 35 KB
12 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 22 Jan 2024 05:46:34 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 640E 50 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 23:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 22 Jan 2024 23:20:19 GMT

GET
H3 200 289941145995751 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 90ms
90ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/289941145995751?v=2.9.141&r=stable&domain=www.revelations-articulations.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b4d802c7d7f4224d8b9ac3ad92e995729c5be19d3c1e3e4eb3226bc08287f30

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 05:46:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: D4/4jJJBc7Er81UMcWlV6FgmWcTb0sAVmbVqg8PuvkueqOVvT4TCC9CME6xOrmSmhNWv7TuT5nrYDbCf7v4Vjg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
456 B 387ms
130ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=bPdP8BMT6ctf3wwBfCnSW3&kind=text,text,timer&label=lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_embed_script_load&value=2UT5qpmGfyt2tHTZNHzSzn,UvTe9QfSjUE3gXwnJcWv7V,337.3999996185303
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:34 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://www.revelations-articulations.com
X-Forwarded-For: 84.19.175.184
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00sfcpkqsgcdls4ceh00

GET
H3 200 4500863423275375 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 96ms
95ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4500863423275375?v=2.9.141&r=stable&domain=www.revelations-articulations.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6187e9836d781bf4bf7e6b1d1f2e8b5b8cccf0888f967907e139f9f3888530f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 05:46:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: gR7QrRHSyippu/s/nrm4oC2Xq8LPSFHHoD69dejKgtNUaNAKJdt3X7SDrA7f1jinwfLG0OjN8xoEaD0LRrS/2A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame C6CA 58 KB
14 KB 24ms
22ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: innoviasante.lpages.co
URL: https://innoviasante.lpages.co/serve-leadbox/2UT5qpmGfyt2tHTZNHzSzn/?ci=2569QZX&ci=2569QZX&e=453a82915967093&e=453a82915967093&paymentInModal=3&qci=69755ce1-3271-4344-b10b-aa1032e32e50&qci=%7BclickId%7D&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&urlBdc=https%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 14:21:48 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 1697086
etag: "nt2STQ"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: b00004e7914e822f5bfe75d2a0ec3d19
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Wed, 01 Jan 2025 14:21:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C6CA 8 KB
846 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: innoviasante.lpages.co
URL: https://innoviasante.lpages.co/serve-leadbox/2UT5qpmGfyt2tHTZNHzSzn/?ci=2569QZX&ci=2569QZX&e=453a82915967093&e=453a82915967093&paymentInModal=3&qci=69755ce1-3271-4344-b10b-aa1032e32e50&qci=%7BclickId%7D&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&urlBdc=https%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://innoviasante.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 05:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 04:23:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 05:46:34 GMT

GET
H2 200 center.js Show response
js.center.io/ Frame C6CA 12 KB
5 KB 29ms
29ms Script
application/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: innoviasante.lpages.co
URL: https://innoviasante.lpages.co/serve-leadbox/2UT5qpmGfyt2tHTZNHzSzn/?ci=2569QZX&ci=2569QZX&e=453a82915967093&e=453a82915967093&paymentInModal=3&qci=69755ce1-3271-4344-b10b-aa1032e32e50&qci=%7BclickId%7D&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&urlBdc=https%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://innoviasante.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:45:15 GMT
content-encoding: gzip
server: Google Frontend
age: 79
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: b4fc0d70e855a629e3681303396702d3
cache-control: public, max-age=300
content-length: 5417
expires: Mon, 22 Jan 2024 05:50:15 GMT

GET
H3 200 1354017925135531 Show response
connect.facebook.net/signals/config/ 143 KB
37 KB 97ms
97ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1354017925135531?v=2.9.141&r=stable&domain=www.revelations-articulations.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

559f94813d4e9f407c246e4faa3d52406888c10c62294ec6d5fb065db880dad3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 05:46:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 36j/3RktYZCW4Z/QvtvmdkJWtISN8Ze/nStkl/qYLfwp558qd5aFkbt4tqgy9DnIme9LTmDfqpemI6gYpXMTrg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 2146 4 KB
2 KB 28ms
28ms Document
text/html 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://innoviasante.lpages.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 183
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Mon, 22 Jan 2024 05:43:31 GMT
etag: "OMWYXg"
expires: Mon, 22 Jan 2024 05:48:31 GMT
server: Google Frontend
x-cloud-trace-context: ca6adc2360b1d86ee0856167ec638fe0

GET
H3 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame 0980 58 KB
14 KB 24ms
23ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: innoviasante.lpages.co
URL: https://innoviasante.lpages.co/serve-leadbox/UvTe9QfSjUE3gXwnJcWv7V/?ci=2569QZX&ci=2569QZX&e=453a82915967093&e=453a82915967093&paymentInModal=3&qci=69755ce1-3271-4344-b10b-aa1032e32e50&qci=%7BclickId%7D&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&urlBdc=https%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 21:56:36 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 2447398
etag: "nt2STQ"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 70b2aa5347141525c490a5f65c20cf04
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Mon, 23 Dec 2024 21:56:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0980 8 KB
750 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: innoviasante.lpages.co
URL: https://innoviasante.lpages.co/serve-leadbox/UvTe9QfSjUE3gXwnJcWv7V/?ci=2569QZX&ci=2569QZX&e=453a82915967093&e=453a82915967093&paymentInModal=3&qci=69755ce1-3271-4344-b10b-aa1032e32e50&qci=%7BclickId%7D&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&urlBdc=https%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://innoviasante.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 05:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:09:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 05:46:34 GMT

GET
H2 200 center.js Show response
js.center.io/ Frame 0980 12 KB
5 KB 29ms
28ms Script
application/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: innoviasante.lpages.co
URL: https://innoviasante.lpages.co/serve-leadbox/UvTe9QfSjUE3gXwnJcWv7V/?ci=2569QZX&ci=2569QZX&e=453a82915967093&e=453a82915967093&paymentInModal=3&qci=69755ce1-3271-4344-b10b-aa1032e32e50&qci=%7BclickId%7D&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&urlBdc=https%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://innoviasante.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:44:09 GMT
content-encoding: gzip
server: Google Frontend
age: 145
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 40a47f2efa914f0f117879e95c38e753
cache-control: public, max-age=300
content-length: 5417
expires: Mon, 22 Jan 2024 05:49:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 62ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=277618320799548&ev=PageView&dl=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&rl=&if=false&ts=1705902394545&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.1.1705902394543.202550218&ler=empty&it=1705902393866&coo=false&cdl=&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jan 2024 05:46:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 62ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=683509802314889&ev=PageView&dl=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&rl=&if=false&ts=1705902394547&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.1.1705902394543.202550218&ler=empty&cs_est=true&it=1705902393866&coo=false&cdl=&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jan 2024 05:46:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 62ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=902921060462472&ev=PageView&dl=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&rl=&if=false&ts=1705902394549&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.1.1705902394543.202550218&ler=empty&cs_est=true&it=1705902393866&coo=false&cdl=&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jan 2024 05:46:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 62ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=289941145995751&ev=PageView&dl=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&rl=&if=false&ts=1705902394549&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.1.1705902394543.202550218&ler=empty&it=1705902393866&coo=false&cdl=&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jan 2024 05:46:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 62ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4500863423275375&ev=PageView&dl=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&rl=&if=false&ts=1705902394550&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.1.1705902394543.202550218&ler=empty&it=1705902393866&coo=false&cdl=&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jan 2024 05:46:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 62ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1354017925135531&ev=PageView&dl=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&rl=&if=false&ts=1705902394551&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.1.1705902394543.202550218&ler=empty&cs_est=true&it=1705902393866&coo=false&cdl=&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jan 2024 05:46:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 140ms
139ms Script
application/javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/27022720
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:46:34 GMT
content-encoding: br
last-modified: Thu, 18 Jan 2024 15:10:56 GMT
etag: W/"0x8DC1837ABBF2420"
vary: Accept-Encoding
x-azure-ref: 20240122T054634Z-anckhhwvy54152kksfeccrecfc00000003z000000000kh26
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ad59b650-c01e-0076-2a32-4aa493000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame FE46 565 B
402 B 47ms
46ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.revelations-articulations.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Mon, 22 Jan 2024 05:46:34 GMT
pinterest-version: 2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 6059681388907927

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D43239116EA343A3863783E03B038E90&RedC=c.clarity.ms&MXFR=358D966CACFC61B527058262A8FC6FE5
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D43239116EA343A3863783E03B038E90&MUID=0285C1D7C631696D2F66D5D9C7E3689F

42 B
442 B

110ms
110ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D43239116EA343A3863783E03B038E90&MUID=0285C1D7C631696D2F66D5D9C7E3689F
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 05:46:34 GMT
last-modified: Wed, 10 Jan 2024 21:11:32 GMT
server: Microsoft-IIS/10.0
etag: "d765ee95944da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 05:46:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EC75FDFEFE9A490C9811BA20732AC31F Ref B: FRAEDGE1306 Ref C: 2024-01-22T05:46:35Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D43239116EA343A3863783E03B038E90&MUID=0285C1D7C631696D2F66D5D9C7E3689F
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
313 B 515ms
239ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.revelations-articulations.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.revelations-articulations.com
Date: Mon, 22 Jan 2024 05:46:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
456 B 130ms
129ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=bPdP8BMT6ctf3wwBfCnSW3&kind=timer,timer&label=lb_embed_leadbox_load,lb_embed_leadbox_load&value=690.7999992370605,770.3000001907349
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:35 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://www.revelations-articulations.com
X-Forwarded-For: 84.19.175.184
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00sfcpoqusuv6unaqft0

GET
H2 204 unip Show response
trc-events.taboola.com/1369808/log/3/ 0
259 B 104ms
26ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1369808/log/3/unip?en=pre_d_eng_tb&tos=1577&scd=0&ssd=1&est=1705902393875&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1705902395453&vi=1705902393873&ri=44cc2f04cfa7f94802e03b8d2270d4f0&ref=null&cv=20240118-41-RELEASE&item-url=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1369808/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://www.revelations-articulations.com
pragma: no-cache
date: Mon, 22 Jan 2024 05:46:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
313 B 119ms
118ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.revelations-articulations.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.revelations-articulations.com
Date: Mon, 22 Jan 2024 05:46:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
456 B 130ms
130ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=bP5dCVWoa58EwyUMybgeTv&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=208.80000019073486,69.89999961853027,1,415.0999994277954
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:38 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: https://www.revelations-articulations.com
X-Forwarded-For: 84.19.175.184
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00selpkivforr5indvsg

GET
H2 204 unip Show response
trc-events.taboola.com/1369808/log/3/ 0
258 B 28ms
27ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1369808/log/3/unip?en=pre_d_eng_tb&tos=4582&scd=0&ssd=1&est=1705902393875&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1705902398458&vi=1705902393873&ri=44cc2f04cfa7f94802e03b8d2270d4f0&ref=null&cv=20240118-41-RELEASE&item-url=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1369808/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://www.revelations-articulations.com
pragma: no-cache
date: Mon, 22 Jan 2024 05:46:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame C6CA 35 B
445 B 130ms
130ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=ASirfdcYCnArev8YJa8YEV&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=33.90000057220459,37.19999980926514,1
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://innoviasante.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:38 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: https://innoviasante.lpages.co
X-Forwarded-For: 84.19.175.184
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00selplrtin9o7cb6hjg

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame 0980 35 B
445 B 181ms
130ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=Sn3pHYaEvukk2C28uRPAsW&origin=center-js&kind=counter,timer&label=ident-cache,load-center&value=1,32.29999923706055
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://innoviasante.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 05:46:38 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: https://innoviasante.lpages.co
X-Forwarded-For: 84.19.175.184
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00selpmst5t3bib8msd0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 28ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8GT9ERX7F&gtm=45je41h0v884531467&_p=1705902393586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1307527647.1705902394&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705902393&sct=1&seg=0&dl=https%3A%2F%2Fwww.revelations-articulations.com%2Fvd-arg-vdt-2023-obn%3FurlBdc%3Dhttps%3A%2F%2Fpaiement-securise.serenalpes.com%2FARG-2023121585135765%26salescode%3DE_202312_VD_ARGBCL_02_NA_PWS_D%26paymentInModal%3D3%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D%7BclickId%7D%26ci%3D2569QZX%26e%3D453a82915967093%26qci%3D69755ce1-3271-4344-b10b-aa1032e32e50&dt=Articulations%20%3A%20Les%202%20erreurs%20%C3%A0%20ne%20pas%20faire&en=scroll&epn.percent_scrolled=90&_et=15&tfd=6354
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8GT9ERX7F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.revelations-articulations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 05:46:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.revelations-articulations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 17:53:08	Name: view.5iFZfu3JaCXHBkSBytmpGH-default-prop.3nJ39Ew3dQvtm9P52q9EjY Value: 1705902394000
go.serenalpes.com/l	1969-12-31 23:59:59	Name: config-fUc66 Value: 85
.notretemps.com/	1970-01-21 03:13:18	Name: AMCV_551310525D816F350A495C48%40AdobeOrg Value: MCMID%7C75615261821690183673169403839715475455
.notretemps.com/	1969-12-31 23:59:59	Name: nlid Value: 8c562508\|61bfe553
.notretemps.com/	1970-01-21 03:13:18	Name: nllastdelid Value: 61bfe553
.pwspace.com/	1970-01-21 02:37:18	Name: pstuid Value: c42c56af-908e-4e5a-aaa6-3f15fe3f8c56
.vimeo.com/	1970-01-20 17:51:44	Name: __cf_bm Value: A575KQGRzB4Hqkbm5prbTvZgZzJlb9d6xiRvFBrXuOY-1705902393-1-AQbJx8GeqOJaOLePz3EQnJkLpv3WptpooY/mKTNNbCZEC8PRXBMIoymvSm6aS4JyeOZVhE2V9BWeF4FuTlS2ufo=
.revelations-articulations.com/	1970-01-20 20:01:18	Name: _gcl_au Value: 1.1.532771945.1705902394
.revelations-articulations.com/	1970-01-20 17:53:08	Name: _gid Value: GA1.2.1820428338.1705902394
.revelations-articulations.com/	1970-01-20 17:51:42	Name: _gat_gtag_UA_162156209_1 Value: 1
.revelations-articulations.com/	1970-01-21 03:27:42	Name: _ga Value: GA1.1.1307527647.1705902394
.revelations-articulations.com/	1970-01-21 03:27:42	Name: _ga_K8GT9ERX7F Value: GS1.1.1705902393.1.0.1705902393.60.0.0
.doubleclick.net/	1970-01-20 17:51:43	Name: test_cookie Value: CheckForPermission
.revelations-articulations.com/	1970-01-20 17:53:08	Name: _uetsid Value: 99961550b8e911ee877ecdf487842232
.revelations-articulations.com/	1970-01-21 03:13:18	Name: _uetvid Value: 99961640b8e911ee933999d30061175d
js.center.io/	1970-01-21 03:27:42	Name: centerVisitorId Value: RLYtNzHzeMB6EGAnEusSez
.mgid.com/	1970-01-20 17:51:44	Name: __cf_bm Value: X_Ni.67OCPpzA7gvoPKRriET0uwSV5ZvACO526iwTjc-1705902393-1-Aaz1jSb8a4BtTPHBgnba8YoRTEYADZeyxZpARWqWaEInWyUIglR6xKVDiYOB9PiJWsvjveO1nV0DhsNkv/3KPzQ=
.revelations-articulations.com/	1970-01-20 20:01:18	Name: MgidSensorNVis Value: 1
.revelations-articulations.com/	1970-01-20 20:01:18	Name: MgidSensorHref Value: https://www.revelations-articulations.com/vd-arg-vdt-2023-obn?urlBdc=https://paiement-securise.serenalpes.com/ARG-2023121585135765&salescode=E_202312_VD_ARGBCL_02_NA_PWS_D&paymentInModal=3&ci=2569QZX&e=453a82915967093&qci={clickId}&ci=2569QZX&e=453a82915967093&qci=69755ce1-3271-4344-b10b-aa1032e32e50
.bing.com/	1970-01-21 03:13:18	Name: MUID Value: 0285C1D7C631696D2F66D5D9C7E3689F
.serenalpes.com/	1970-01-20 17:53:08	Name: salescode Value: E_202312_VD_ARGBCL_02_NA_PWS_D
.pinterest.com/	1970-01-21 02:37:18	Name: ar_debug Value: 1
.revelations-articulations.com/	1970-01-21 02:37:18	Name: _pin_unauth Value: dWlkPVpEUmpaVGxsWW1FdE5EaGtZeTAwWVRRMUxUZzVZamN0TTJKa09XUTJOelF3WXpVMA
.vimeo.com/	1970-01-21 03:27:42	Name: vuid Value: pl1672220865.438753507
www.revelations-articulations.com/	1970-01-20 17:51:42	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1705902394268%7D
.revelations-articulations.com/	1970-01-20 20:01:18	Name: _fbp Value: fb.1.1705902394543.202550218
www.clarity.ms/	1970-01-21 02:37:18	Name: CLID Value: c908e019aef0464989d7602c548898d2.20240122.20250121
.revelations-articulations.com/	1970-01-21 02:37:18	Name: _clck Value: 1u8ivcn%7C2%7Cfim%7C0%7C1482
.c.bing.com/	1970-01-20 18:01:47	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:13:18	Name: SRM_B Value: 0285C1D7C631696D2F66D5D9C7E3689F
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:13:18	Name: MUID Value: 0285C1D7C631696D2F66D5D9C7E3689F
.c.clarity.ms/	1970-01-20 18:01:47	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:51:42	Name: ANONCHK Value: 0
.revelations-articulations.com/	1970-01-20 17:53:08	Name: _clsk Value: 972e7s%7C1705902395482%7C1%7C1%7Cq.clarity.ms%2Fcollect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
a.pwspace.com
amplify.outbrain.com
api.leadpages.io
bat.bing.com
c.bing.com
c.clarity.ms
cdn.info-contenu.io
cdn.taboola.com
connect.facebook.net
ct.pinterest.com
embed.lpcontent.net
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
go.serenalpes.com
googleads.g.doubleclick.net
i.vimeocdn.com
innoviasante.lpages.co
js.center.io
lh3.googleusercontent.com
player.vimeo.com
profil.serenalpes.com
q.clarity.ms
region1.analytics.google.com
s.pinimg.com
static.leadpages.net
stats.g.doubleclick.net
t.prod1.emailing.notretemps.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
vimeo.com
wave.outbrain.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.revelations-articulations.com
13.107.246.45
13.32.27.50
141.226.228.48
143.204.215.28
146.75.118.109
151.101.128.217
151.101.193.44
151.101.64.84
162.159.128.61
18.66.112.53
2.18.97.54
20.231.53.73
2001:4860:4802:32::36
2001:4860:4802:36::15
2606:4700:1::6813:814c
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:813::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9a
2a02:26f0:480:595::1931
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.107.203.240
34.120.202.204
34.22.248.172
35.192.151.63
35.202.21.90
52.222.236.99
54.78.158.16
64.202.112.255
68.219.88.97
028cec65df2b56e458e0c54478e56456a7ef58930259a3cdbab397b321f3ad26
09ec8e3c1647e21b8905abeb8b4009402342d08593e2d72b06955413a2618999
0aa04a7c9a763a00ec39ab38ad56d3171ea323e99d4c2eb44816a2b465a3ace4
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
193e3fd9bf66cf1071a25b304a450e39f98dedd47e96af1d4e6642b794924f56
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae
31dd4d7d45cf891def34501b7b6cbd02c832d8a618e46b796fd150b8b3ecf2d3
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3bb5cc3487d743810a11935b5f4fb7171551f37210e2e7b7386674ebe156034f
4339ddfa924a84db3539d2dc1648e0287f49289d6d852acd67c6980346e00ddb
4372a246bbc46de59c254cb8f84ba5c192db905414ab3a484f8d24139c9799e4
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
43fd6e05013726b8d6b4c5708a4ec0e4db80131239a508d051f4762026b90ce1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
53a9b39e2f03b82e1827b280c49f0cd467c1d034e5d22f2d745884afe18e3a03
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
559f94813d4e9f407c246e4faa3d52406888c10c62294ec6d5fb065db880dad3
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6187e9836d781bf4bf7e6b1d1f2e8b5b8cccf0888f967907e139f9f3888530f3
68e3001eee71add7b97289841faa37b58d3d8d3dd1aed3dc521d15649523e2a8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
73aa70142cdc2441638cb27e10529b089c9c56eabe256663cfefd41bf4c95eb1
7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08
7f596dda7a8c3bf6f03c1c7a2a53f2888cf056ede511b2bd83261483e9545313
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b0b2093ac1eb117447f7a4226d7fef12543d6d4bd523022f14c0e1f9053a026
8b4d802c7d7f4224d8b9ac3ad92e995729c5be19d3c1e3e4eb3226bc08287f30
924f3744875def6fab39e41af1440a640d2231e66e92d7176a7d081984fd88da
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
993980ed4422d82be70d117776d63d486fbd15bd0174f78d5da0660aefa9c208
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b036d9c8318a36aafe6cb4d5a0d01159644af6f7aa889302f99696de6f70a2f6
b21ef5f944698b476cebea28d628ad623311c3f4b32a26a8b5a332bbf9aade0a
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c35b1ea8a4bd3ac0d9a2b7ea4745eb228a3c2e41c1a8efaf73e604b980865de8
c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f
c9322c395eecd1f8349069ee6210d2dd1e54da2df8e038ec65c88fbbfef4b784
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d62d58137392aec32ab3d03e6db9f329d8eee06676d794b524345ea78f2a806e
d7811820eb154a9815fe4cfb4cb904f82545e3f0e51bf2713c39b9078168908b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2e9253f380f2367ceb6ca2bd3090bcff80b1ae2a832f9a34b793edc6bb4d0c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5
e7ec42a88a8d272994204eac184e499af1bd1153362680feca7a3972d1620238
ebd810f4e65f3fbf68e5c6d53a56aa6c911e8899d3ebe8d131b0c7c7416a18c2
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f309d4b1e54f8c0ce27a7a893126a06aef9745a33def3e8b8c85a7795af8997f
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68
fc3e54102f9718e4ac70fc9b3496a357d9b3ff38c3fd3545f0fdc12d2f0a8b80

www.revelations-articulations.com Open in urlscan Pro 52.222.236.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

99 %HTTPS

45 %IPv6

29 Domains

43 Subdomains

35 IPs

6 Countries

1642 kBTransfer

4667 kBSize

35 Cookies

3 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.revelations-articulations.com Open in urlscan Pro
52.222.236.99 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

99 %
HTTPS

45 %
IPv6

29
Domains

43
Subdomains

35
IPs

6
Countries

1642 kB
Transfer

4667 kB
Size

35
Cookies

105 HTTP transactions
0 data transactions