ua.oriflame.com Open in urlscan Pro
20.93.235.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ua.oriflame.com/
Effective URL:
https://ua.oriflame.com/
Submission: On April 05 via api (April 5th 2024, 6:52:52 am UTC) from US — Scanned from NL

Summary HTTP 161 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 13 domains to perform 161 HTTP transactions. The main IP is 20.93.235.242, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ua.oriflame.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on July 4th 2023. Valid for: a year.

This is the only time ua.oriflame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	20.93.235.242 20.93.235.242	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
69	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
20	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	20.103.99.71 20.103.99.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	20.93.237.24 20.93.237.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2.22.242.224 2.22.242.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:9000:212... 2600:9000:2127:fe00:1f:ae8e:2440:93a1	16509 (AMAZON-02) (AMAZON-02)
6	23.48.23.14 23.48.23.14	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.48.23.39 23.48.23.39	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	54.154.82.5 54.154.82.5	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	23.48.23.22 23.48.23.22	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	54.93.145.252 54.93.145.252	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	216.58.206.72 216.58.206.72	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	65.9.95.124 65.9.95.124	16509 (AMAZON-02) (AMAZON-02)
1	34.22.171.98 34.22.171.98	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.192.191.9 18.192.191.9	16509 (AMAZON-02) (AMAZON-02)
161	26

12 20.93.235.242 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ua.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

static.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-we-cdn.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-static.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

clientapp-cdn.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.103.99.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

we-api.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 20.93.237.24 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

graphql-we.oriflame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.22.242.224 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-22-242-224.deploy.static.akamaitechnologies.com

photorankapi-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2127:fe00:1f:ae8e:2440:93a1 (United States)

ASN16509 (AMAZON-02, US)

d38knilzwtuys1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.48.23.14 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-14.deploy.static.akamaitechnologies.com

z2photorankmedia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.48.23.39 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-39.deploy.static.akamaitechnologies.com

z1photorankmedia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.82.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-82-5.eu-west-1.compute.amazonaws.com

510008967.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.48.23.22 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-22.deploy.static.akamaitechnologies.com

photorankmedia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.145.252 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-145-252.eu-central-1.compute.amazonaws.com

apps.mypurecloud.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-124.prg50.r.cloudfront.net

api-cdn.mypurecloud.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.22.171.98 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.171.22.34.bc.googleusercontent.com

sst.revieve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.191.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-191-9.eu-central-1.compute.amazonaws.com

apps.mypurecloud.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
117	oriflame.com ua.oriflame.com static.oriflame.com — Cisco Umbrella Rank: 634359 assets-we-cdn.oriflame.com clientapp-cdn.oriflame.com — Cisco Umbrella Rank: 623604 we-api.oriflame.com — Cisco Umbrella Rank: 660770 graphql-we.oriflame.com — Cisco Umbrella Rank: 949294 api-static.oriflame.com — Cisco Umbrella Rank: 522293	2 MB
12	akamaihd.net photorankapi-a.akamaihd.net — Cisco Umbrella Rank: 36539 z2photorankmedia-a.akamaihd.net — Cisco Umbrella Rank: 56269 z1photorankmedia-a.akamaihd.net — Cisco Umbrella Rank: 57224 photorankmedia-a.akamaihd.net — Cisco Umbrella Rank: 56624	171 KB
6	mypurecloud.de apps.mypurecloud.de — Cisco Umbrella Rank: 58747 api-cdn.mypurecloud.de — Cisco Umbrella Rank: 118347	81 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	459 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 stats.g.doubleclick.net — Cisco Umbrella Rank: 96	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2709	22 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	152 B
3	cloudfront.net d38knilzwtuys1.cloudfront.net	31 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 10823	563 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	74 KB
1	revieve.com sst.revieve.com — Cisco Umbrella Rank: 304887	483 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	274 B
1	igodigital.com 510008967.collect.igodigital.com	2 KB
161	13

	Domain	Requested by
40	api-static.oriflame.com	assets-we-cdn.oriflame.com
24	assets-we-cdn.oriflame.com	ua.oriflame.com assets-we-cdn.oriflame.com
20	clientapp-cdn.oriflame.com	ua.oriflame.com clientapp-cdn.oriflame.com assets-we-cdn.oriflame.com
12	graphql-we.oriflame.com	assets-we-cdn.oriflame.com
12	ua.oriflame.com	assets-we-cdn.oriflame.com
6	z2photorankmedia-a.akamaihd.net	ua.oriflame.com
5	www.googletagmanager.com	clientapp-cdn.oriflame.com ua.oriflame.com www.googletagmanager.com
5	static.oriflame.com	ua.oriflame.com static.oriflame.com
4	apps.mypurecloud.de	clientapp-cdn.oriflame.com apps.mypurecloud.de
4	we-api.oriflame.com	assets-we-cdn.oriflame.com
3	googleads.g.doubleclick.net	ua.oriflame.com www.googletagmanager.com
3	www.google.com	1 redirects ua.oriflame.com
3	www.google-analytics.com	ua.oriflame.com www.google-analytics.com
3	d38knilzwtuys1.cloudfront.net	assets-we-cdn.oriflame.com
2	api-cdn.mypurecloud.de	assets-we-cdn.oriflame.com
2	www.google.nl	ua.oriflame.com
2	photorankmedia-a.akamaihd.net	ua.oriflame.com
2	connect.facebook.net	ua.oriflame.com connect.facebook.net
2	z1photorankmedia-a.akamaihd.net	ua.oriflame.com
2	photorankapi-a.akamaihd.net	assets-we-cdn.oriflame.com
1	sst.revieve.com	www.googletagmanager.com
1	www.facebook.com	ua.oriflame.com
1	stats.g.doubleclick.net	assets-we-cdn.oriflame.com
1	region1.google-analytics.com	www.googletagmanager.com
1	510008967.collect.igodigital.com	www.googletagmanager.com
161	25

This site contains no links.

Subject Issuer	Validity	Valid
*.oriflame.com Trusted Secure Certificate Authority 5	`2023-07-04` - `2024-07-16`	a year	crt.sh
sni358c2gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-22` - `2025-02-25`	a year	crt.sh
sni2a484gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-20` - `2024-06-19`	a year	crt.sh
clientapp-cdn.oriflame.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-30` - `2024-10-30`	a year	crt.sh
sni33490gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-13` - `2024-11-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.collect.igodigital.com Amazon RSA 2048 M02	`2023-11-15` - `2024-12-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-13` - `2024-04-12`	3 months	crt.sh
mypurecloud.de Amazon RSA 2048 M02	`2023-08-20` - `2024-09-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.revieve.com R3	`2024-03-31` - `2024-06-29`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://ua.oriflame.com/
Frame ID: B2E283ED8FDD3C2DC097D4F9BD9FBA75
Requests: 140 HTTP requests in this frame

Frame: https://apps.mypurecloud.de/messenger/messenger.html
Frame ID: C2D641FBB96A4B8BD99227D7198987D9
Requests: 1 HTTP requests in this frame

Frame: https://apps.mypurecloud.de/messenger/messenger-renderer.html
Frame ID: 43ACF9145B7A8DA3E042773B0A6AE87E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oriflame | Oriflame Cosmetics

Page URL History Show full URLs

http://ua.oriflame.com/ HTTP 307
https://ua.oriflame.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Genesys Cloud (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

apps\.mypurecloud\.\w+

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

Page Statistics

161
Requests

99 %
HTTPS

40 %
IPv6

13
Domains

25
Subdomains

26
IPs

5
Countries

2428 kB
Transfer

7180 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ua.oriflame.com/ HTTP 307
https://ua.oriflame.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 132

https://www.google.com/pagead/landing?gcs=G111&gcd=13r3rPr2r5&rnd=1482143357.1712299968&url=https%3A%2F%2Fua.oriflame.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45be4430v9180593378za200&auid=1117721501.1712299968 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3rPr2r5&rnd=1482143357.1712299968&url=https%3A%2F%2Fua.oriflame.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45be4430v9180593378za200&auid=1117721501.1712299968

161 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ua.oriflame.com/
Redirect Chain

http://ua.oriflame.com/
https://ua.oriflame.com/

102 KB
23 KB

137ms
58ms

Document
text/html

20.93.235.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.oriflame.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bff0303823a5dc0f3b6aa69e4461f99c4b7157eb94b46c1d294ddf4eb675b629

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: s-maxage=1200, stale-while-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 05 Apr 2024 06:52:47 GMT
ETag: "wtgs819a8y23e2"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
request-context: appId=cid-v1:
x-nextjs-cache: HIT

Redirect headers

Location: https://ua.oriflame.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 font-sans-ori.css
static.oriflame.com/fonts/v2/ 1 KB
582 B 142ms
17ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oriflame.com/fonts/v2/font-sans-ori.css
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48AC) /
Resource Hash: a2aac6320b1399d98e193000ee859ebcfbb4c29b72939e5770487e385d711101

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
content-md5: o3NyudBIIqumAmcnkaTB4A==
age: 446690
x-cache: HIT
content-length: 261
x-ms-lease-status: unlocked
last-modified: Wed, 20 Mar 2024 14:07:21 GMT
server: ECAcc (ama/48AC)
etag: 0x8DC48E70FA124FE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 7606b161-c01e-00a0-5815-83e49d000000
cache-control: max-age=604800
x-ms-version: 2009-09-19
expires: Fri, 12 Apr 2024 06:52:47 GMT

GET
H2 200 sans-regular.woff2
static.oriflame.com/fonts/v2/fonts/ 48 KB
48 KB 142ms
18ms Font
font/woff2 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oriflame.com/fonts/v2/fonts/sans-regular.woff2
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48CF) /
Resource Hash: 376b936162580acef2fb006d53dfb5be47031613e2b373411e6f3bf35baab7bd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-md5: 7gly7J4j6fNmUCw4ga6ckg==
age: 446341
x-cache: HIT
content-length: 48876
x-ms-lease-status: unlocked
last-modified: Wed, 20 Mar 2024 14:07:21 GMT
server: ECAcc (ama/48CF)
etag: 0x8DC48E70FA124FE
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: dff4eba5-901e-0059-1016-83e7bf000000
cache-control: max-age=604800
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Fri, 12 Apr 2024 06:52:47 GMT

GET
H2 200 font-sans-condensed-ori.css
static.oriflame.com/fonts/v2/ 1 KB
398 B 157ms
33ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oriflame.com/fonts/v2/font-sans-condensed-ori.css
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/489D) /
Resource Hash: a150bb5483cb315d11a809402e98626d9e66a7d2aa1be6afe6cacb55895e4aa6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
content-md5: m8TKYxcl8oGnwcXVvsTPWg==
age: 446670
x-cache: HIT
content-length: 269
x-ms-lease-status: unlocked
last-modified: Wed, 20 Mar 2024 14:07:21 GMT
server: ECAcc (ama/489D)
etag: 0x8DC48E70F9B807C
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 69bd3368-201e-0063-0d15-83fdc7000000
cache-control: max-age=604800
x-ms-version: 2009-09-19
expires: Fri, 12 Apr 2024 06:52:47 GMT

GET
H2 200 0bf69f48bfa7bea4.css
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/css/ 979 B
545 B 140ms
17ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/css/0bf69f48bfa7bea4.css

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48B0) /

Resource Hash

69c640fc7411481ddfce3e87f9c8d4bfc121c5bbeee048c40e457baa0778e2b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:55 GMT
server: ECAcc (ama/48B0)
age: 678282
etag: W/"3d3-18e848b71f8"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="{}"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 288
request-context: appId=cid-v1:

GET
H2 200 webpack-87ef72fb46c4c35b.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 7 KB
3 KB 137ms
29ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/webpack-87ef72fb46c4c35b.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A8) /

Resource Hash

9aec408f11dbf01d65968b0b6ac966385783b2022bea87dac54894979219c76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:55 GMT
server: ECAcc (ama/48A8)
age: 678285
etag: W/"1af5-18e848b71f8"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="{}"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 3091
request-context: appId=cid-v1:

GET
H2 200 framework-71f103e42fd5fcc2.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 147 KB
47 KB 140ms
33ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/framework-71f103e42fd5fcc2.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48C2) /

Resource Hash

44a3c1b04217cc5427e85f1b2cd5840396e4862ecd76c4c999920e00cec8d442

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Wed, 20 Mar 2024 07:51:40 GMT
server: ECAcc (ama/48C2)
age: 1051138
etag: W/"24b8f-18e5ad82ae0"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="{}"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 47795
request-context: appId=cid-v1:

GET
H2 200 main-9f556ff80afb4a17.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 118 KB
34 KB 125ms
18ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/main-9f556ff80afb4a17.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48B8) /

Resource Hash

8c9de0958940a236b21de58b5d4060f36b0d9f85dba9cf4abfb9068fdd01ca9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Wed, 20 Mar 2024 07:51:41 GMT
server: ECAcc (ama/48B8)
age: 1051138
etag: W/"1d8bb-18e5ad82ec8"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="{}"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 34665
request-context: appId=cid-v1:

GET
H2 200 _app-26ae3dd2296770e8.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/ 295 KB
95 KB 143ms
36ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48ED) /

Resource Hash

81dfdcd201a18edc118a4a57fa07bbdd1da94c525131ac161a9d3c6358694d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:56 GMT
server: ECAcc (ama/48ED)
age: 678285
etag: W/"49d30-18e848b75e0"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="{}"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 97559
request-context: appId=cid-v1:

GET
H2 200 d49f66ef-58f443a34a63847f.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 6 KB
1 KB 157ms
49ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/d49f66ef-58f443a34a63847f.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48EA) /

Resource Hash

1d9a91b98c4d61a2c0d89919072a718fd2cf282df9a3e433b7742d97d27e01b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Wed, 20 Mar 2024 07:51:39 GMT
server: ECAcc (ama/48EA)
age: 1051048
etag: W/"1719-18e5ad826f8"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="{}"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 1133
request-context: appId=cid-v1:

GET
H2 200 b146a4c1-4d8c4d09c87a5927.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 6 KB
1 KB 31ms
29ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/b146a4c1-4d8c4d09c87a5927.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48F8) /

Resource Hash

c56ef88f573697a7f1942be9714c3a3d0bbed32501f3bd814e3ab6c07f657f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:55 GMT
server: ECAcc (ama/48F8)
age: 678285
etag: W/"18da-18e848b71f8"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="{}"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 1311
request-context: appId=cid-v1:

GET
H2 200 2416-020340acba5bdbb4.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 159 KB
45 KB 31ms
30ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/2416-020340acba5bdbb4.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48CE) /

Resource Hash

824ba8df70d2602971ac123675a4d02311c1158e69d4597963f979833ee4c77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:55 GMT
server: ECAcc (ama/48CE)
age: 678292
etag: W/"27b1c-18e848b71f8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 45904
request-context: appId=cid-v1:

GET
H2 200 853-9fac0a37077b6e7c.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 40 KB
12 KB 39ms
38ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/853-9fac0a37077b6e7c.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4903) /

Resource Hash

88b6fab9476eff09a650dd87d9f8d8571605336e28cc3a244e2179072013ac66

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:54 GMT
server: ECAcc (ama/4903)
age: 678285
etag: W/"9e32-18e848b6e10"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="{}"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 12630
request-context: appId=cid-v1:

GET
H2 200 7708-ecf945753d25a439.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 1 MB
363 KB 39ms
38ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/7708-ecf945753d25a439.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48B0) /

Resource Hash

a1fd186daf9c21430d06435ffd2ca8f96e43702b2d6aebd0523a1429c3f77f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:56 GMT
server: ECAcc (ama/48B0)
age: 678291
etag: W/"12f322-18e848b75e0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 371692
request-context: appId=cid-v1:

GET
H2 200 3009-9631ca6a2dbd380e.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 75 KB
25 KB 60ms
59ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/3009-9631ca6a2dbd380e.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48F5) /

Resource Hash

476414fa1315ab3614857a4a4acff8f112667bf97bc8106e83bf5add09345006

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:56 GMT
server: ECAcc (ama/48F5)
age: 678292
etag: W/"12ac4-18e848b75e0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 25975
request-context: appId=cid-v1:

GET
H2 200 %5Blanguage%5D-bd7ed135b0f971ba.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/internal/%5Btenant%5D/ 56 KB
14 KB 60ms
59ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/internal/%5Btenant%5D/%5Blanguage%5D-bd7ed135b0f971ba.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4895) /

Resource Hash

9f1fadf61f30a3aadd8ea1c876ccfcff4ca193d2a5e58ae716b81e457557fb89

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:55 GMT
server: ECAcc (ama/4895)
age: 678285
etag: W/"e08d-18e848b71f8"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="{}"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 13856
request-context: appId=cid-v1:

GET
H2 200 _buildManifest.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/sgpzdN3zuDb04m7mYOATl/ 1 KB
614 B 60ms
59ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/sgpzdN3zuDb04m7mYOATl/_buildManifest.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48AF) /

Resource Hash

02a2f300d1711ef31b742b54e38dc4777ca7bc8b65fc77bdac0b0a2ae32fc5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:55 GMT
server: ECAcc (ama/48AF)
age: 678285
etag: W/"4ea-18e848b71f8"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="{}"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 538
request-context: appId=cid-v1:

GET
H2 200 _ssgManifest.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/sgpzdN3zuDb04m7mYOATl/ 138 B
182 B 61ms
59ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/sgpzdN3zuDb04m7mYOATl/_ssgManifest.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48DA) /

Resource Hash

a63ededc02db05692509d12688ace4b334aeee7d6f0cc6c43adfe2b3fb7fcd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:55 GMT
server: ECAcc (ama/48DA)
age: 678285
etag: W/"8a-18e848b71f8"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="{}"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 107
request-context: appId=cid-v1:

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/analytics-provider/ 630 B
1 KB 156ms
22ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/analytics-provider/index.js
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 47e8bf09cd6d76b9e46274c04450f4ebbb0732705ff71bb1347e6256c630b580

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
content-length: 630
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 10:32:45 GMT
etag: 0x8DC289149AA9AC2
x-azure-ref: 20240405T065247Z-9v535mnzgx4brev2bws9ym90cw00000000zg00000000dx85
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5498d3e1-401e-0038-1998-86472a000000
cache-control: public, max-age=900
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 sans-bold.woff2
static.oriflame.com/fonts/v2/fonts/ 50 KB
50 KB 16ms
16ms Font
font/woff2 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oriflame.com/fonts/v2/fonts/sans-bold.woff2
Requested by: Host: static.oriflame.com
URL: https://static.oriflame.com/fonts/v2/font-sans-ori.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48DC) /
Resource Hash: 4c18728afd784259d9f58cb89e53a1a9de32a13096a6507ea8662337c40a842d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://static.oriflame.com/fonts/v2/font-sans-ori.css
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-md5: lqYUnDoO1x2RJ1n+GwJ5mg==
age: 446341
x-cache: HIT
content-length: 51124
x-ms-lease-status: unlocked
last-modified: Wed, 20 Mar 2024 14:07:21 GMT
server: ECAcc (ama/48DC)
etag: 0x8DC48E70F9C6AC5
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: 0ef38845-001e-0074-7316-8354cc000000
cache-control: max-age=604800
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Fri, 12 Apr 2024 06:52:47 GMT

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/static/analytics-provider/2.2.0/ 9 KB
4 KB 23ms
22ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/analytics-provider/2.2.0/index.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/analytics-provider/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8665666021c96cea85a8e428955679cc38706a90ab218a093d1d1f72ff6db777

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
last-modified: Thu, 08 Feb 2024 10:31:15 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065247Z-9v535mnzgx4brev2bws9ym90cw00000000zg00000000dx8d
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 743f6eef-601e-0000-7891-86e3ea000000
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0
x-cache-info: L1_T2

OPTIONS
H/1.1 200
OK atpClusters
we-api.oriflame.com/live/ Frame 0
0 102ms
20ms Preflight 20.103.99.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://we-api.oriflame.com/live/atpClusters?customerId=-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.103.99.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-tenant-context
Access-Control-Request-Method: GET
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,x-tenant-context
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://ua.oriflame.com
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Origin

OPTIONS
H/1.1 204
No Content graphql
graphql-we.oriflame.com/ Frame 0
0 114ms
21ms Preflight 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-client-application,x-tenant-context
Access-Control-Request-Method: POST
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-client-application,x-tenant-context
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Access-Control-Request-Headers
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

GET
H2 200 9681.7392ac0f455a114a.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 22 KB
8 KB 16ms
16ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/9681.7392ac0f455a114a.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/webpack-87ef72fb46c4c35b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/488A) /

Resource Hash

ede56e45a1aaf07e7e0d0ddfffea0e7f88e1543f156fe49d235cb6435b5b3234

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:54 GMT
server: ECAcc (ama/488A)
age: 678228
etag: W/"578d-18e848b6e10"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 8345
request-context: appId=cid-v1:

GET
H2 200 5871.2a440fbbc600b187.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 20 KB
7 KB 18ms
18ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/5871.2a440fbbc600b187.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/webpack-87ef72fb46c4c35b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4903) /

Resource Hash

ccdc303bca1ab049dcf7770ef10119acb549dd918751ec33ea5e8641bd5e2244

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:54 GMT
server: ECAcc (ama/4903)
age: 678228
etag: W/"5038-18e848b6e10"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 6746
request-context: appId=cid-v1:

GET
H2 200 ori_whats-new-component.bc941e03fc6aba93.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 45 KB
12 KB 19ms
18ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ori_whats-new-component.bc941e03fc6aba93.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/webpack-87ef72fb46c4c35b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4892) /

Resource Hash

3e55e9264cb946bfc827cebf1d1f7085c8268b38ef51d18f84d1c4a10be87b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:54 GMT
server: ECAcc (ama/4892)
age: 678228
etag: W/"b488-18e848b6e10"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 12552
request-context: appId=cid-v1:

GET
H2 200 3904.348eba2189d82b1c.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 34 KB
11 KB 17ms
17ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/3904.348eba2189d82b1c.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/webpack-87ef72fb46c4c35b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48EB) /

Resource Hash

06d46fbb7a9ec8a6db527c54acc5151fc40328ff3efdb2eb2e8ab2eb41b46ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:54 GMT
server: ECAcc (ama/48EB)
age: 678209
etag: W/"89a4-18e848b6e10"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 10751
request-context: appId=cid-v1:

GET
H2 200 8806.9281d6b5717a9c63.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 8 KB
3 KB 18ms
17ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/8806.9281d6b5717a9c63.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/webpack-87ef72fb46c4c35b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/488E) /

Resource Hash

35210f60f9b183a4b50509cfac68b13208e670453f85c22a9e344f226facb67b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:55 GMT
server: ECAcc (ama/488E)
age: 678181
etag: W/"2020-18e848b71f8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 3287
request-context: appId=cid-v1:

GET
H2 200 3615.9a87ccad2d835443.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 8 KB
3 KB 18ms
18ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/3615.9a87ccad2d835443.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/webpack-87ef72fb46c4c35b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48CB) /

Resource Hash

a806795d78fa709d99d9fe068429b06ac47b6411f7693b721adf17521f8a6de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:54 GMT
server: ECAcc (ama/48CB)
age: 678240
etag: W/"1e16-18e848b6e10"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 3213
request-context: appId=cid-v1:

GET
H2 200 1074.6bf8bec0fbef7f26.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 55 KB
19 KB 18ms
18ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/1074.6bf8bec0fbef7f26.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/webpack-87ef72fb46c4c35b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48BE) /

Resource Hash

5388cfb833c6626e5185d691c8fa701a94ec5e8259a23d351a2a3f039258a711

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:54 GMT
server: ECAcc (ama/48BE)
age: 678228
etag: W/"dc14-18e848b6e10"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 19580
request-context: appId=cid-v1:

GET
H2 200 3760.9041525a00076343.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 4 KB
2 KB 20ms
20ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/3760.9041525a00076343.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/webpack-87ef72fb46c4c35b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A2) /

Resource Hash

38e8c9dd606feaa5db66532f640c6386c860a649c85ff51ce38f9284333d1fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:54 GMT
server: ECAcc (ama/48A2)
age: 678228
etag: W/"f38-18e848b6e10"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 1630
request-context: appId=cid-v1:

GET
H2 200 6268.29824f8e637e067a.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 31 KB
10 KB 20ms
20ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/6268.29824f8e637e067a.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/webpack-87ef72fb46c4c35b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48E2) /

Resource Hash

701a2a768e0b69237e169bd9cc615aee20452482d029fd22b7aa2ac79a28ce51

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:54 GMT
server: ECAcc (ama/48E2)
age: 678228
etag: W/"7c56-18e848b6e10"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 9789
request-context: appId=cid-v1:

GET
H2 200 catalogues Show response
api-static.oriflame.com/tenants/ua/ 12 KB
2 KB 147ms
16ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/catalogues

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/2416-020340acba5bdbb4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4889) /

Resource Hash

277dc49ec7db4f6748cffb5f9ff7fa8e6e39fb9bea8e8f94bfa80f6e9736fc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 06:51:32 GMT
server: ECAcc (ama/4889)
age: 75
vary: Accept-Encoding
x-cache: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date,Strict-Transport-Security,Vary,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
content-length: 1840
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H/1.1 200
OK atpClusters Show response
we-api.oriflame.com/live/ 94 B
568 B 30ms
30ms XHR
application/json 20.103.99.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://we-api.oriflame.com/live/atpClusters?customerId=-1

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/2416-020340acba5bdbb4.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.103.99.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0e23b74267fb7fb18a7e77082053f49fefece530d226dd55353361f7e3446804

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMjI5NzUwMywiaWF0IjoxNzEyMjk3NTAzLCJleHAiOjE3MTIzMDExMDMsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiQXBwU2hlbGxGcm9udGVuZCIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6IlVuVHJ1c3RlZCIsImp0aSI6IkEzOTYxRTJDNDA5MUIzQ0JENDI1MjVGMkU5QzJERTBBIn0.V_SuQOwxPhRQbFdrMltSN_ncWMlFY-QQiDJb_i9GiDeEHyD0vryqXQfHGD72KwbjUkrYrMJpwnstsC0mcXKzJimK9K8EdQmE7qdEVWsSbAsatn9d0ZreguL1rDKII6C02ChOQJ6c8aIMu2QlaXw2Y9vE4W7MTAYHbA5ZV97UKwiZl4r8iXCd9e2Tvak5SpcJq4gVpxjtSLiyZlJ0rpuHL8UlxOdl_6NHVKovK75Egbdn2DlVpTFfXrosbgeCswLSUhPAsk8yYEq_4pT_x5R9bC7dTX7Dp8fRTNhHHI5LalbixbOxrMAKM9jJiA_WwNeCKTQo846B29PFMMvQp0shYw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Accept-Encoding,Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ua.oriflame.com
Access-Control-Expose-Headers: Date,Content-Length,Strict-Transport-Security,Vary
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 94
Expires: -1

POST
H/1.1 200
OK graphql Show response
graphql-we.oriflame.com/ 266 B
1 KB 73ms
65ms XHR
application/json 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/2416-020340acba5bdbb4.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b24f3f47d00474b1cb99d0962a93adef5b10225427297072cd2b4378b79f3b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMjI5NzUwMywiaWF0IjoxNzEyMjk3NTAzLCJleHAiOjE3MTIzMDExMDMsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiQXBwU2hlbGxGcm9udGVuZCIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6IlVuVHJ1c3RlZCIsImp0aSI6IkEzOTYxRTJDNDA5MUIzQ0JENDI1MjVGMkU5QzJERTBBIn0.V_SuQOwxPhRQbFdrMltSN_ncWMlFY-QQiDJb_i9GiDeEHyD0vryqXQfHGD72KwbjUkrYrMJpwnstsC0mcXKzJimK9K8EdQmE7qdEVWsSbAsatn9d0ZreguL1rDKII6C02ChOQJ6c8aIMu2QlaXw2Y9vE4W7MTAYHbA5ZV97UKwiZl4r8iXCd9e2Tvak5SpcJq4gVpxjtSLiyZlJ0rpuHL8UlxOdl_6NHVKovK75Egbdn2DlVpTFfXrosbgeCswLSUhPAsk8yYEq_4pT_x5R9bC7dTX7Dp8fRTNhHHI5LalbixbOxrMAKM9jJiA_WwNeCKTQo846B29PFMMvQp0shYw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
x-client-application: @ori/frontpage
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: W/"10a-s1c1ZTCBTLRwl+yQk2Ntd4VIkio"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 266
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

GET
H/1.1 200
OK SuggestionsAndResults Show response
ua.oriflame.com/system/ajax/Search/ 159 B
1 KB 41ms
41ms XHR
application/json 20.93.235.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.oriflame.com/system/ajax/Search/SuggestionsAndResults?q=

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/2416-020340acba5bdbb4.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1034ff61c6c1740148f03486e5a7e0137fce00e70b4b3fe261bf50a78acc7512

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=f2a6539e6e8b57fd
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
Content-Length: 159
Expires: -1

GET
H/1.1 200
OK SuggestionsAndResults Show response
ua.oriflame.com/system/ajax/Search/ 159 B
1 KB 71ms
35ms XHR
application/json 20.93.235.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.oriflame.com/system/ajax/Search/SuggestionsAndResults?q=

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/2416-020340acba5bdbb4.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1034ff61c6c1740148f03486e5a7e0137fce00e70b4b3fe261bf50a78acc7512

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=ea02577c193e0f9c
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
Content-Length: 159
Expires: -1

GET
H2 200 AboutTiles Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 3 KB
1 KB 155ms
30ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/AboutTiles?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/2416-020340acba5bdbb4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4888) /

Resource Hash

d2a9d1d121c61bcafd1cc1528fe3f8b286d146369dbd06122d45d6647a5add0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
age: 549
x-cache: HIT
content-length: 1141
last-modified: Fri, 05 Apr 2024 06:43:38 GMT
server: ECAcc (ama/4888)
vary: Accept-Encoding
warning: 110 - "Response is stale"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 InspirationTiles Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 4 KB
1 KB 153ms
28ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/InspirationTiles?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/2416-020340acba5bdbb4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48F3) /

Resource Hash

8ef438ce61ea82729616d43952e0d40ae8efbf78547f1f33807f5a79ef634479

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
age: 75
x-cache: HIT
content-length: 1187
request-context: appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f
last-modified: Fri, 05 Apr 2024 06:51:32 GMT
server: ECAcc (ama/48F3)
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 JoinTiles Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 34 B
90 B 154ms
29ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/JoinTiles?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/2416-020340acba5bdbb4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48C4) /

Resource Hash

c4dac3ea46487fe9062b388b4211a0d2bc7ef393fac47f5b8500b68c27da906a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 06:43:38 GMT
server: ECAcc (ama/48C4)
age: 549
warning: 110 - "Response is stale"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: HIT
access-control-expose-headers: Vary,Date,Content-Length,Strict-Transport-Security
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
content-length: 34
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 ShopSection Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 81 KB
13 KB 145ms
21ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ShopSection?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/2416-020340acba5bdbb4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4903) /

Resource Hash

dce43d4ed0e27f55b328358e639fee633cd81ac9758a83e33921fa7de0e98d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 06:48:33 GMT
server: ECAcc (ama/4903)
age: 254
vary: Accept-Encoding
x-cache: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
content-length: 12801
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 TopNavigation Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 892 B
304 B 145ms
29ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/TopNavigation?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/2416-020340acba5bdbb4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A1) /

Resource Hash

3b149bff5cbf1fa99c7c0af833e330b90feb2b28bbe3f70a29fd7703996d82f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
age: 549
x-cache: HIT
content-length: 259
request-context: appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f
last-modified: Fri, 05 Apr 2024 06:43:38 GMT
server: ECAcc (ama/48A1)
vary: Accept-Encoding
warning: 110 - "Response is stale"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Vary,Date,Content-Length,Strict-Transport-Security
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET VipAccessJson
ua.oriflame.com/system/ajax/stickybar/ 0
0

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/basket-provider/ 622 B
1017 B 26ms
26ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/basket-provider/index.js
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/main-9f556ff80afb4a17.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0a689066c9f4807296236551bcc515aee583d2cea5782e694ca6ccc011d4c005

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
content-length: 622
x-ms-lease-status: unlocked
last-modified: Tue, 27 Feb 2024 09:44:22 GMT
etag: 0x8DC3778AD7EB023
x-azure-ref: 20240405T065247Z-9v535mnzgx4brev2bws9ym90cw00000000zg00000000dx8r
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bdf6f634-d01e-0015-65fb-7af459000000
cache-control: public, max-age=900
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/outdated-browser-info/ 1 KB
1 KB 60ms
60ms Script
text/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/outdated-browser-info/index.js
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/main-9f556ff80afb4a17.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 589615fe4fb715b83513a7854eab31bd2c05cccfc8988ba72dc336ad2233ef9c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
last-modified: Thu, 14 Oct 2021 08:15:30 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065247Z-9v535mnzgx4brev2bws9ym90cw00000000zg00000000dx8s
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: a490baab-801e-0018-2c25-873c8d000000
cache-control: private, no-cache, no-store
x-cache: PRIVATE_NOSTORE
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/subscription-wizard/ 830 B
1 KB 24ms
24ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/subscription-wizard/index.js
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/main-9f556ff80afb4a17.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f262c93918e12be57fab092bd9f097e3771bfd97781847555b75f65a6654edc2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
content-length: 830
x-ms-lease-status: unlocked
last-modified: Wed, 13 Mar 2024 10:04:09 GMT
etag: 0x8DC4344ED171FD9
x-azure-ref: 20240405T065247Z-9v535mnzgx4brev2bws9ym90cw00000000zg00000000dx8t
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cc9ff673-f01e-004f-0d98-8692be000000
cache-control: public, max-age=900
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/web-messenger/ 799 B
1 KB 132ms
25ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/web-messenger/index.js
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/main-9f556ff80afb4a17.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 56cf28c459f6d029e8262cd8cf87e6dedf330afff3742e729953576c94aab494

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
last-modified: Tue, 19 Dec 2023 19:31:11 GMT
etag: 0x8DC00C90EF7964A
x-azure-ref: 20240405T065247Z-8d3vgzgm4h27me8qahp5fa7fyg0000000ce000000000k6qv
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 155e4909-801e-0018-0561-7d3c8d000000
cache-control: public, max-age=900
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 799

GET
H/1.1 200
OK GetSpaTokenAsync Show response
ua.oriflame.com/system/ajax/ApiGateway/ 1004 B
2 KB 50ms
31ms Fetch
application/json 20.93.235.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.oriflame.com/system/ajax/ApiGateway/GetSpaTokenAsync

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

565d13c9ce0f6023cb5c938558d45b13e8777a89811de888ac5d54921b5aafd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-38aad775524c4b8c931ce3c85547e8e6-bc3d5f2455d8476d-01
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://ua.oriflame.com/
request-id: |38aad775524c4b8c931ce3c85547e8e6.bc3d5f2455d8476d
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=1750efeb427f736c
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
Content-Length: 1004
Expires: -1

GET
H/1.1 200
OK Translate Show response
ua.oriflame.com/system/ajax/Localization/ 451 B
1 KB 64ms
31ms XHR
application/json 20.93.235.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.oriflame.com/system/ajax/Localization/Translate?keys=AreYouSureToLeaveConversation&keys=ChatBot&keys=ChatIsActive&keys=ChatIsNotAvailableDueToOpeningHours&keys=ChatWithUs&keys=Customer&keys=EmailChatHistory&keys=No&keys=PrintChatHistory&keys=Send&keys=Yes&sc_lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8eecf7ca4197e4b9478fd0e20546e4808c38c02aba94ca5a12ce275eec5f0e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
pragma: no-cache
expires: 0
traceparent: 00-38aad775524c4b8c931ce3c85547e8e6-6792aeb8f4764731-01
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
cache-control: no-cache
Referer: https://ua.oriflame.com/
Request-Id: |38aad775524c4b8c931ce3c85547e8e6.6792aeb8f4764731
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
Age: 1300
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=39cb44a169836315
X-Cache: HIT
Content-Length: 313
Last-Modified: Fri, 05 Apr 2024 06:31:07 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: *
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
Expires: Fri, 05 Apr 2024 06:52:52 GMT

HEAD
H/1.1 200
OK index.json
ua.oriflame.com/_next/data/sgpzdN3zuDb04m7mYOATl/ 0
0 63ms
29ms Fetch
application/json 20.93.235.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.oriflame.com/_next/data/sgpzdN3zuDb04m7mYOATl/index.json?tenant=ua&language=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-nextjs-data: 1
traceparent: 00-38aad775524c4b8c931ce3c85547e8e6-e054d288343e4beb-01
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://ua.oriflame.com/
request-id: |38aad775524c4b8c931ce3c85547e8e6.e054d288343e4beb
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
x-nextjs-matched-path: /internal/[tenant]/[language]
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: "12w3lz4w491vdb"
Vary: Accept-Encoding
Content-Type: application/json
x-nextjs-cache: HIT
Cache-Control: s-maxage=1200, stale-while-revalidate
Connection: keep-alive
x-nextjs-rewrite: /internal/ua/uk-UA/?tenant=ua&language=uk-UA
Content-Length: 46258
request-context: appId=cid-v1:

OPTIONS
H/1.1 204
No Content graphql
graphql-we.oriflame.com/ Frame 0
0 80ms
34ms Preflight 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-client-application,x-tenant-context
Access-Control-Request-Method: POST
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-client-application,x-tenant-context
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Access-Control-Request-Headers
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

POST
H/1.1 200
OK graphql Show response
graphql-we.oriflame.com/ 266 B
1 KB 86ms
86ms XHR
application/json 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b24f3f47d00474b1cb99d0962a93adef5b10225427297072cd2b4378b79f3b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMjI5NzUwMywiaWF0IjoxNzEyMjk3NTAzLCJleHAiOjE3MTIzMDExMDMsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiQXBwU2hlbGxGcm9udGVuZCIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6IlVuVHJ1c3RlZCIsImp0aSI6IkEzOTYxRTJDNDA5MUIzQ0JENDI1MjVGMkU5QzJERTBBIn0.V_SuQOwxPhRQbFdrMltSN_ncWMlFY-QQiDJb_i9GiDeEHyD0vryqXQfHGD72KwbjUkrYrMJpwnstsC0mcXKzJimK9K8EdQmE7qdEVWsSbAsatn9d0ZreguL1rDKII6C02ChOQJ6c8aIMu2QlaXw2Y9vE4W7MTAYHbA5ZV97UKwiZl4r8iXCd9e2Tvak5SpcJq4gVpxjtSLiyZlJ0rpuHL8UlxOdl_6NHVKovK75Egbdn2DlVpTFfXrosbgeCswLSUhPAsk8yYEq_4pT_x5R9bC7dTX7Dp8fRTNhHHI5LalbixbOxrMAKM9jJiA_WwNeCKTQo846B29PFMMvQp0shYw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
x-client-application: @ori/frontpage
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: W/"10a-s1c1ZTCBTLRwl+yQk2Ntd4VIkio"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 266
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

GET
H/1.1 200
OK SuggestionsAndResults Show response
ua.oriflame.com/system/ajax/Search/ 159 B
765 B 49ms
30ms XHR
application/json 20.93.235.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.oriflame.com/system/ajax/Search/SuggestionsAndResults?q=

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1034ff61c6c1740148f03486e5a7e0137fce00e70b4b3fe261bf50a78acc7512

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-38aad775524c4b8c931ce3c85547e8e6-fc2c8576a20e4e8a-01
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
Request-Id: |38aad775524c4b8c931ce3c85547e8e6.fc2c8576a20e4e8a
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Cache-Control: private
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Length: 159
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=fd859e2ff2cb656d
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK SuggestionsAndResults Show response
ua.oriflame.com/system/ajax/Search/ 159 B
765 B 56ms
28ms XHR
application/json 20.93.235.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.oriflame.com/system/ajax/Search/SuggestionsAndResults?q=

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1034ff61c6c1740148f03486e5a7e0137fce00e70b4b3fe261bf50a78acc7512

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-38aad775524c4b8c931ce3c85547e8e6-84c0cdf927974022-01
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
Request-Id: |38aad775524c4b8c931ce3c85547e8e6.84c0cdf927974022
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Cache-Control: private
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Length: 159
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=ec9b0b92a1d0e41d
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 AboutTiles Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 3 KB
1 KB 112ms
31ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/AboutTiles?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4888) /

Resource Hash

d2a9d1d121c61bcafd1cc1528fe3f8b286d146369dbd06122d45d6647a5add0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
age: 549
x-cache: HIT
content-length: 1141
last-modified: Fri, 05 Apr 2024 06:43:38 GMT
server: ECAcc (ama/4888)
vary: Accept-Encoding
warning: 110 - "Response is stale"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 InspirationTiles Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 4 KB
1 KB 111ms
30ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/InspirationTiles?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48F3) /

Resource Hash

8ef438ce61ea82729616d43952e0d40ae8efbf78547f1f33807f5a79ef634479

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
age: 75
x-cache: HIT
content-length: 1187
request-context: appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f
last-modified: Fri, 05 Apr 2024 06:51:32 GMT
server: ECAcc (ama/48F3)
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 JoinTiles Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 34 B
76 B 114ms
34ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/JoinTiles?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48C4) /

Resource Hash

c4dac3ea46487fe9062b388b4211a0d2bc7ef393fac47f5b8500b68c27da906a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 06:43:38 GMT
server: ECAcc (ama/48C4)
age: 549
warning: 110 - "Response is stale"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: HIT
access-control-expose-headers: Vary,Date,Content-Length,Strict-Transport-Security
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
content-length: 34
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 ShopSection Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 81 KB
13 KB 98ms
19ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ShopSection?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4903) /

Resource Hash

dce43d4ed0e27f55b328358e639fee633cd81ac9758a83e33921fa7de0e98d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 06:48:33 GMT
server: ECAcc (ama/4903)
age: 254
vary: Accept-Encoding
x-cache: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
content-length: 12801
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 TopNavigation Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 892 B
406 B 97ms
19ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/TopNavigation?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A1) /

Resource Hash

3b149bff5cbf1fa99c7c0af833e330b90feb2b28bbe3f70a29fd7703996d82f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
age: 549
x-cache: HIT
content-length: 259
request-context: appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f
last-modified: Fri, 05 Apr 2024 06:43:38 GMT
server: ECAcc (ama/48A1)
vary: Accept-Encoding
warning: 110 - "Response is stale"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Vary,Date,Content-Length,Strict-Transport-Security
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H/1.1 200
OK VipAccessJson Show response
ua.oriflame.com/system/ajax/stickybar/ 2 B
879 B 64ms
35ms XHR
application/json 20.93.235.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.oriflame.com/system/ajax/stickybar/VipAccessJson

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-38aad775524c4b8c931ce3c85547e8e6-e95d3ce9a330442a-01
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
Request-Id: |38aad775524c4b8c931ce3c85547e8e6.e95d3ce9a330442a
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=479d9a65b2bf7e61
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
Content-Length: 2
Expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 381 KB
112 KB 195ms
86ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MK5GQN

Requested by

Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/analytics-provider/2.2.0/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a14a6736fa76168cb0468160d350097d2c9218037ffd580fac4a38b12f15c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113825
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Apr 2024 06:52:47 GMT

OPTIONS
H2 200 basket-bubble
api-static.oriflame.com/tenants/ua/localizations/ Frame 0
0 105ms
44ms Preflight 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/basket-bubble?lang=uk-UA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A7) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-tenant-context
Access-Control-Request-Method: GET
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-tenant-context
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=5
content-length: 0
date: Fri, 05 Apr 2024 06:52:47 GMT
expires: Fri, 05 Apr 2024 06:52:52 GMT
server: ECAcc (ama/48A7)
strict-transport-security: max-age=16070400; includeSubDomains

GET
H2 200 basket-bubble Show response
api-static.oriflame.com/tenants/ua/localizations/ 54 B
95 B 16ms
16ms XHR
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/basket-bubble?lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A7) /

Resource Hash

b3650515603d4df0e4dae59d31fd4527b0d274b904174838bfc490ea36f630ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 05:58:21 GMT
server: ECAcc (ama/48A7)
age: 3266
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 54
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 olapic Show response
api-static.oriflame.com/tenants/ua/localizations/ 252 B
316 B 17ms
17ms XHR
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/olapic?lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48B6) /

Resource Hash

8dc28f65a1071b16f0df2d3e494f8f4358632756a7e3d2bf593be9eebe8e48ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 05:58:52 GMT
server: ECAcc (ama/48B6)
age: 3235
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 252
expires: Fri, 05 Apr 2024 06:52:52 GMT

OPTIONS
H2 200 olapic
api-static.oriflame.com/tenants/ua/localizations/ Frame 0
0 111ms
53ms Preflight 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/olapic?lang=uk-UA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48B6) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-tenant-context
Access-Control-Request-Method: GET
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-tenant-context
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=5
content-length: 0
date: Fri, 05 Apr 2024 06:52:47 GMT
expires: Fri, 05 Apr 2024 06:52:52 GMT
server: ECAcc (ama/48B6)
strict-transport-security: max-age=16070400; includeSubDomains

OPTIONS
H2 200 novage-skincare-advisor
api-static.oriflame.com/tenants/ua/localizations/ Frame 0
0 100ms
43ms Preflight 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/novage-skincare-advisor?lang=uk-UA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/488F) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-tenant-context
Access-Control-Request-Method: GET
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-tenant-context
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=5
content-length: 0
date: Fri, 05 Apr 2024 06:52:47 GMT
expires: Fri, 05 Apr 2024 06:52:52 GMT
request-context: appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f
server: ECAcc (ama/488F)
strict-transport-security: max-age=16070400; includeSubDomains

GET
H2 200 novage-skincare-advisor Show response
api-static.oriflame.com/tenants/ua/localizations/ 110 B
174 B 16ms
16ms XHR
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/novage-skincare-advisor?lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/488F) /

Resource Hash

5e277513caf8b436876be440050b712a68f8c3f7f42e70d0c150ce3ea3db4c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 05:57:37 GMT
server: ECAcc (ama/488F)
age: 3310
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 110
expires: Fri, 05 Apr 2024 06:52:52 GMT

OPTIONS
H2 200 mini-shopping-bag
api-static.oriflame.com/tenants/ua/localizations/ Frame 0
0 92ms
38ms Preflight 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/mini-shopping-bag?lang=uk-UA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A9) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-tenant-context
Access-Control-Request-Method: GET
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-tenant-context
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=5
content-length: 0
date: Fri, 05 Apr 2024 06:52:47 GMT
expires: Fri, 05 Apr 2024 06:52:52 GMT
server: ECAcc (ama/48A9)
strict-transport-security: max-age=16070400; includeSubDomains

GET
H2 200 mini-shopping-bag Show response
api-static.oriflame.com/tenants/ua/localizations/ 759 B
824 B 17ms
16ms XHR
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/mini-shopping-bag?lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A9) /

Resource Hash

ef82ec18197588ae3a839b7f956a3536dcccb065cf54c7a41aeaf1f1128bf538

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 05:58:21 GMT
server: ECAcc (ama/48A9)
age: 3266
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 759
expires: Fri, 05 Apr 2024 06:52:52 GMT

OPTIONS
H2 200 product-info-dialog
api-static.oriflame.com/tenants/ua/localizations/ Frame 0
0 72ms
20ms Preflight 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/product-info-dialog?lang=uk-UA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/489D) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-tenant-context
Access-Control-Request-Method: GET
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-tenant-context
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=5
content-length: 0
date: Fri, 05 Apr 2024 06:52:47 GMT
expires: Fri, 05 Apr 2024 06:52:52 GMT
server: ECAcc (ama/489D)
strict-transport-security: max-age=16070400; includeSubDomains

GET
H2 200 product-info-dialog Show response
api-static.oriflame.com/tenants/ua/localizations/ 1 KB
1 KB 16ms
16ms XHR
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/product-info-dialog?lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/489D) /

Resource Hash

2e905def3de6f3deab2121df20330cfe44d79566770f3c9819acc0e6b9d399e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 05:57:35 GMT
server: ECAcc (ama/489D)
age: 3312
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 1289
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/ 3 KB
2 KB 21ms
20ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/index.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/subscription-wizard/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 17642e2219e0fdf3143e1bff790c32bc067586ea4f13e0f511e1696d0dd71214

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
last-modified: Wed, 13 Mar 2024 10:03:39 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065247Z-9v535mnzgx4brev2bws9ym90cw00000000zg00000000dx91
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0bdef1a5-701e-0051-4b6b-787e66000000
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0
x-cache-info: L1_T2

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/static/basket-provider/1.22.0/ 67 KB
27 KB 43ms
43ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/basket-provider/1.22.0/index.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/basket-provider/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bba9659a3c5f0439240bc54c24fddeed1aa348546bc95fa7fa13366fb76ca8fd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
last-modified: Tue, 27 Feb 2024 09:39:25 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065247Z-9v535mnzgx4brev2bws9ym90cw00000000zg00000000dx92
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 33080622-701e-001c-3a73-78b18a000000
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0
x-cache-info: L1_T2

OPTIONS
H/1.1 204
No Content graphql
graphql-we.oriflame.com/ Frame 0
0 53ms
26ms Preflight 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-client-application,x-tenant-context,x-use-product-data-caching,x-use-products-service
Access-Control-Request-Method: POST
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-client-application,x-tenant-context,x-use-product-data-caching,x-use-products-service
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Access-Control-Request-Headers
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

POST
H/1.1 200
OK graphql Show response
graphql-we.oriflame.com/ 5 KB
2 KB 298ms
297ms XHR
application/json 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e93e0a2578803e25c01fc5f9ee94d48f452168cc83b2e1fe9d693881e3e86502

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-use-product-data-caching: true
accept-language: nl-NL,nl;q=0.9
x-tenant-context: ua
x-use-products-service: true
authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMjI5NzUwMywiaWF0IjoxNzEyMjk3NTAzLCJleHAiOjE3MTIzMDExMDMsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiQXBwU2hlbGxGcm9udGVuZCIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6IlVuVHJ1c3RlZCIsImp0aSI6IkEzOTYxRTJDNDA5MUIzQ0JENDI1MjVGMkU5QzJERTBBIn0.V_SuQOwxPhRQbFdrMltSN_ncWMlFY-QQiDJb_i9GiDeEHyD0vryqXQfHGD72KwbjUkrYrMJpwnstsC0mcXKzJimK9K8EdQmE7qdEVWsSbAsatn9d0ZreguL1rDKII6C02ChOQJ6c8aIMu2QlaXw2Y9vE4W7MTAYHbA5ZV97UKwiZl4r8iXCd9e2Tvak5SpcJq4gVpxjtSLiyZlJ0rpuHL8UlxOdl_6NHVKovK75Egbdn2DlVpTFfXrosbgeCswLSUhPAsk8yYEq_4pT_x5R9bC7dTX7Dp8fRTNhHHI5LalbixbOxrMAKM9jJiA_WwNeCKTQo846B29PFMMvQp0shYw
sec-ch-ua-mobile: ?0
x-client-application: @ori/frontpage
Content-Type: application/json
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: W/"1498-TWbixnMyRoiXlrT7QxBdzwtBC0U"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

GET
H2 200 configuration Show response
api-static.oriflame.com/tenants/ua/bazaarvoice/ 552 B
485 B 60ms
18ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/bazaarvoice/configuration

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48C0) /

Resource Hash

69e4900d7615ea7666f7618a425db366ce8f481dce4466e9671df1c8b2f83327

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 06:28:39 GMT
server: ECAcc (ama/48C0)
age: 1448
vary: Accept-Encoding
x-cache: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date,Content-Length,Strict-Transport-Security,Vary
cache-control: public, max-age=3240, stale-while-revalidate=360, stale-if-error=360
content-length: 316
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/outdated-browser-info/1.2.1/ 60 KB
25 KB 47ms
45ms Script
text/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/outdated-browser-info/1.2.1/index.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/outdated-browser-info/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ca43a84357402328702af8b8e5f290dafeeeac4e18cbb5e2a6762e6e4d9ce21f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
last-modified: Thu, 14 Oct 2021 08:15:30 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065247Z-9v535mnzgx4brev2bws9ym90cw00000000zg00000000dx93
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 3f6d7831-e01e-006c-4f14-7b087d000000
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0
x-cache-info: L1_T2

GET
H2 200 AboutTiles Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 3 KB
1 KB 39ms
17ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/AboutTiles?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4888) /

Resource Hash

d2a9d1d121c61bcafd1cc1528fe3f8b286d146369dbd06122d45d6647a5add0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
age: 549
x-cache: HIT
content-length: 1141
last-modified: Fri, 05 Apr 2024 06:43:38 GMT
server: ECAcc (ama/4888)
vary: Accept-Encoding
warning: 110 - "Response is stale"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 InspirationTiles Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 4 KB
1 KB 57ms
36ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/InspirationTiles?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48F3) /

Resource Hash

8ef438ce61ea82729616d43952e0d40ae8efbf78547f1f33807f5a79ef634479

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
age: 75
x-cache: HIT
content-length: 1187
request-context: appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f
last-modified: Fri, 05 Apr 2024 06:51:32 GMT
server: ECAcc (ama/48F3)
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 JoinTiles Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 34 B
76 B 55ms
34ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/JoinTiles?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48C4) /

Resource Hash

c4dac3ea46487fe9062b388b4211a0d2bc7ef393fac47f5b8500b68c27da906a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 06:43:38 GMT
server: ECAcc (ama/48C4)
age: 549
warning: 110 - "Response is stale"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: HIT
access-control-expose-headers: Vary,Date,Content-Length,Strict-Transport-Security
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
content-length: 34
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 ShopSection Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 81 KB
13 KB 53ms
32ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ShopSection?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4903) /

Resource Hash

dce43d4ed0e27f55b328358e639fee633cd81ac9758a83e33921fa7de0e98d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 06:48:33 GMT
server: ECAcc (ama/4903)
age: 254
vary: Accept-Encoding
x-cache: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Vary,Date,Strict-Transport-Security,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
content-length: 12801
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 TopNavigation Show response
api-static.oriflame.com/tenants/ua/applications/navigation/navigations/ 892 B
304 B 57ms
36ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/navigation/navigations/TopNavigation?excludeChildren=false&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A1) /

Resource Hash

3b149bff5cbf1fa99c7c0af833e330b90feb2b28bbe3f70a29fd7703996d82f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
age: 549
x-cache: HIT
content-length: 259
request-context: appId=cid-v1:2d0aeff4-3e83-44b8-960f-f4e91fab692f
last-modified: Fri, 05 Apr 2024 06:43:38 GMT
server: ECAcc (ama/48A1)
vary: Accept-Encoding
warning: 110 - "Response is stale"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Vary,Date,Content-Length,Strict-Transport-Security
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 182.chunk.js Show response
clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/ 581 KB
228 KB 51ms
48ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/182.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0f5c56e6fccc44cda4927612bec3bc88df567e55805707e4d53ea302665b7067

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
last-modified: Wed, 13 Mar 2024 10:03:39 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065247Z-8d3vgzgm4h27me8qahp5fa7fyg0000000ce000000000k6qx
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 827277f4-d01e-0005-2e4b-7f3131000000
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

GET
H2 200 966.chunk.js Show response
clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/ 35 KB
10 KB 52ms
48ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/966.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/subscription-wizard/v2.2.0/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9f7a5363b6358b78151290c37fdb2f90ba18553cc1e87ce22ddb8ada626303b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
last-modified: Wed, 13 Mar 2024 10:03:39 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065247Z-8d3vgzgm4h27me8qahp5fa7fyg0000000ce000000000k6qy
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2c74996a-401e-0081-1c51-7d4330000000
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

GET
H/1.1 200
OK Translate Show response
ua.oriflame.com/system/ajax/Localization/ 339 B
1 KB 31ms
31ms XHR
application/json 20.93.235.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.oriflame.com/system/ajax/Localization/Translate?Keys=UpdateYourBrowser&Keys=YourBrowserIsOutdated&Keys=Update

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4434539343ed760dce613deedb98ddbcae2ac2c4d5ce78833a07e2c09d13db55

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-38aad775524c4b8c931ce3c85547e8e6-3a2db2c03b1e4864-01
accept-language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://ua.oriflame.com/
Request-Id: |38aad775524c4b8c931ce3c85547e8e6.3a2db2c03b1e4864
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
Age: 22
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=4fd8a3ed45460405
X-Cache: HIT
Content-Length: 248
Last-Modified: Fri, 05 Apr 2024 06:52:25 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: *
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
Expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/ 4 KB
2 KB 21ms
21ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/index.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/web-messenger/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 86b0885b77280ea96e164e8edb7bdb293771fb6f4eeec5de073edd6a1a976550

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
last-modified: Tue, 19 Dec 2023 19:30:35 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065247Z-9v535mnzgx4brev2bws9ym90cw00000000zg00000000dx9a
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 317bd552-901e-0049-5bf3-84a101000000
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0
x-cache-info: L1_T2

OPTIONS
H2 200 configuration
api-static.oriflame.com/tenants/ua/applications/miniBag/ Frame 0
0 22ms
21ms Preflight 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/miniBag/configuration

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/489B) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-tenant-context
Access-Control-Request-Method: GET
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-tenant-context
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=5
content-length: 0
date: Fri, 05 Apr 2024 06:52:47 GMT
expires: Fri, 05 Apr 2024 06:52:52 GMT
server: ECAcc (ama/489B)
strict-transport-security: max-age=16070400; includeSubDomains

GET
H2 200 configuration Show response
api-static.oriflame.com/tenants/ua/applications/miniBag/ 78 B
143 B 16ms
16ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/miniBag/configuration

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/489B) /

Resource Hash

45f79b62528386c37303ace88633de80dc7dfecf365eca75a48a616f83635252

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 06:43:04 GMT
server: ECAcc (ama/489B)
age: 583
warning: 110 - "Response is stale"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: HIT
access-control-expose-headers: Date,Content-Length,Strict-Transport-Security,Vary
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
content-length: 78
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 culture Show response
api-static.oriflame.com/tenants/ua/ 4 KB
1 KB 18ms
17ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/culture

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/489A) /

Resource Hash

da8a7e834c9cad9e4ec21e0613296c8ff330062954291adf5760842a30b1e550

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
age: 3267
x-cache: HIT
content-length: 1093
last-modified: Fri, 05 Apr 2024 05:58:20 GMT
server: ECAcc (ama/489A)
vary: Accept-Encoding
warning: 110 - "Response is stale"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date,Strict-Transport-Security,Vary,Content-Encoding,Content-Length,Connection
cache-control: public, max-age=3240, stale-while-revalidate=360, stale-if-error=360
accept-ranges: bytes
expires: Fri, 05 Apr 2024 06:52:52 GMT

OPTIONS
H2 200 novAgeSkincareConfiguration
api-static.oriflame.com/tenants/ua/applications/advisor/ Frame 0
0 28ms
27ms Preflight 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/advisor/novAgeSkincareConfiguration?lang=uk-UA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4898) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-client-application,x-tenant-context
Access-Control-Request-Method: GET
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-client-application,x-tenant-context
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=5
content-length: 0
date: Fri, 05 Apr 2024 06:52:47 GMT
expires: Fri, 05 Apr 2024 06:52:52 GMT
server: ECAcc (ama/4898)
strict-transport-security: max-age=16070400; includeSubDomains

GET
H2 200 novAgeSkincareConfiguration Show response
api-static.oriflame.com/tenants/ua/applications/advisor/ 98 B
161 B 16ms
16ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/advisor/novAgeSkincareConfiguration?lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4898) /

Resource Hash

fd8789cc16837b6ca60f59eb2eeefb313321987040a27ec04317e80a55077111

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-client-application: novage-skincare-advisor
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 06:48:05 GMT
server: ECAcc (ama/4898)
age: 282
x-cache: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date,Content-Length,Strict-Transport-Security,Vary
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
accept-ranges: bytes
content-length: 98
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 configuration Show response
api-static.oriflame.com/tenants/ua/applications/olapic/ 428 B
393 B 17ms
17ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/olapic/configuration?olapicType=FrontPage&lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48AA) /

Resource Hash

adcb78ab17cdadedba372257b030cbb9df99627f497a2d99bd9ccfbd73a2b340

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 06:49:25 GMT
server: ECAcc (ama/48AA)
age: 202
vary: Accept-Encoding
x-cache: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date,Content-Length,Strict-Transport-Security,Vary
cache-control: public, max-age=3240, stale-while-revalidate=360, stale-if-error=360
content-length: 314
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 398.chunk.js Show response
clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/ 452 KB
176 KB 51ms
51ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/398.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c14d28b61cfdd67f9f52a361e57331b379f22fd3388c353e250ad3aac9b899e0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
last-modified: Tue, 19 Dec 2023 19:30:35 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065247Z-8d3vgzgm4h27me8qahp5fa7fyg0000000ce000000000k6rx
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1b950827-701e-001c-782a-7bb18a000000
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

GET
H2 200 37.chunk.js Show response
clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/ 13 KB
6 KB 51ms
51ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/37.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f55cfc8980a763ff5b9e6b28c54349247a5392c5a33a801bf354d2ec3ad5f36c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
last-modified: Tue, 19 Dec 2023 19:30:35 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065247Z-8d3vgzgm4h27me8qahp5fa7fyg0000000ce000000000k6ry
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7ead6334-b01e-005e-717b-78080a000000
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

OPTIONS
H/1.1 200
OK atpClusters
we-api.oriflame.com/live/ Frame 0
0 33ms
33ms Preflight 20.103.99.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://we-api.oriflame.com/live/atpClusters?customerId=-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.103.99.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-tenant-context
Access-Control-Request-Method: GET
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,x-tenant-context
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://ua.oriflame.com
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Origin

GET
H/1.1 200
OK atpClusters Show response
we-api.oriflame.com/live/ 94 B
568 B 64ms
64ms XHR
application/json 20.103.99.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://we-api.oriflame.com/live/atpClusters?customerId=-1

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.103.99.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0e23b74267fb7fb18a7e77082053f49fefece530d226dd55353361f7e3446804

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMjI5ODk5NSwiaWF0IjoxNzEyMjk4OTk1LCJleHAiOjE3MTIzMDI1OTUsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiRUNvbW1lcmNlU3BhQ2xpZW50IiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjoiVW5UcnVzdGVkIiwianRpIjoiN0Q1NzQwNEE3NTNFMDZBRDk5NTBENDM1MjkzMjlERUQifQ.qIxI73NrncBVlW1oyjdYExk0Uw-KKlMimijUOF4w0XEET4eLkTcvK6B15N5CpYxEkKiZgt9xG-8-5Th6vcMweyrsXpw3liBxYKFLNFtIRBlsXoAUkzSJJkVrZezlBALsaUp_HOUu5IbIJtRdbxC_d0YOIEi4ihYc26lyM9OUNhQCTsxTdc80zGd3HT_EXTqVBlZ-HufEFqco4VMITJTefLQkZc47YXyJMEgQQyinpJ7ADW2kBe2H7LZ_GodLIWDervr_flCX0w534WvhYmVBTZV5stPnMtr_2QYTc-1iStuW7s40FwCFZvtrHZ01BdSsaDmgdnERZIcvYPAeyZ0-JQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Accept-Encoding,Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ua.oriflame.com
Access-Control-Expose-Headers: Date,Content-Length,Strict-Transport-Security,Vary
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 94
Expires: -1

GET
H/1.1 200
OK / Show response
photorankapi-a.akamaihd.net/ 4 KB
1 KB 116ms
33ms XHR
application/json 2.22.242.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://photorankapi-a.akamaihd.net/?auth_token=f22582e74af167d41764cec8ac4235dff2c321cf074527d2e4c684b573b8bff2&version=v2.2&wrap_responses=1
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.242.224 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-22-242-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9a58e1ac95397d9dcb5277b79f596fcf2443224810f570d43342bd4b05e35a51

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"62f65fc924ecc8a55a2eed2af70cb490"
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2165
Connection: keep-alive
Content-Length: 1031

GET
H2 200 4588.cfb43de94b561a7a.js Show response
assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/ 7 KB
3 KB 16ms
16ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/4588.cfb43de94b561a7a.js

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/webpack-87ef72fb46c4c35b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48C6) /

Resource Hash

0a00f1bed95d9cb64e34d78a4810fa7b606d9090e6401415a84b407279b1d7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 28 Mar 2024 10:11:54 GMT
server: ECAcc (ama/48C6)
age: 678219
etag: W/"1b33-18e848b6e10"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 2897
request-context: appId=cid-v1:

OPTIONS
H2 200 subscription-wizard
api-static.oriflame.com/tenants/ua/localizations/ Frame 0
0 32ms
32ms Preflight 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/subscription-wizard?lang=uk-UA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48F8) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-tenant-context
Access-Control-Request-Method: GET
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-tenant-context
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=5
content-length: 0
date: Fri, 05 Apr 2024 06:52:47 GMT
expires: Fri, 05 Apr 2024 06:52:52 GMT
server: ECAcc (ama/48F8)
strict-transport-security: max-age=16070400; includeSubDomains

GET
H2 200 subscription-wizard Show response
api-static.oriflame.com/tenants/ua/localizations/ 2 KB
2 KB 16ms
16ms XHR
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/subscription-wizard?lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48F8) /

Resource Hash

7d359f12e4806447bdbbd2c192cbc24c4f68b1bdc7800359f3a964ec8b724096

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 05:58:52 GMT
server: ECAcc (ama/48F8)
age: 3235
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 1561
expires: Fri, 05 Apr 2024 06:52:52 GMT

GET
H2 200 revieve-plugin-loader.js Show response
d38knilzwtuys1.cloudfront.net/revieve-plugin-v4/ 129 KB
30 KB 120ms
36ms Script
application/javascript 2600:9000:2127:fe00:1f:ae8e:2440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38knilzwtuys1.cloudfront.net/revieve-plugin-v4/revieve-plugin-loader.js
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/4588.cfb43de94b561a7a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:fe00:1f:ae8e:2440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc3cc4150505a445999c32dadc2d9f6de8234c3208ff159b8f4ef828b9e2f75d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:10:57 GMT
content-encoding: gzip
via: 1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
last-modified: Thu, 28 Mar 2024 10:52:49 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 16911
x-amz-server-side-encryption: AES256
etag: W/"4ad5fd63035690c769a4d292b35a7bb1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: w3rCFmPkfh29HHLbu22XuLyQwZiYZCpuw4F1_JL22BPZyo2EOGnW-Q==

GET
H2 200 745.chunk.js Show response
clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/ 222 B
599 B 134ms
133ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/745.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b7a1a3458e1c41c493dd8df0bffb946e83717661069c46060eccef79a9f3892e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:47 GMT
last-modified: Tue, 19 Dec 2023 19:30:35 GMT
etag: 0x8DC00C8F954A4C9
x-azure-ref: 20240405T065247Z-8d3vgzgm4h27me8qahp5fa7fyg0000000ce000000000k6te
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 301aa5cc-a01e-0030-3e74-785d25000000
cache-control: public, max-age=900
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 222

POST
H/1.1 200
OK GetShoppingContext Show response
ua.oriflame.com/system/ajax/ShoppingBag/ 224 KB
30 KB 174ms
174ms Fetch
application/json 20.93.235.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.oriflame.com/system/ajax/ShoppingBag/GetShoppingContext

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cb44486b0c1517340550173072f3860446969f72eb8510b2e4448d2314e0d81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-38aad775524c4b8c931ce3c85547e8e6-8a3e10165ac0454e-01
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
Referer: https://ua.oriflame.com/
request-id: |38aad775524c4b8c931ce3c85547e8e6.8a3e10165ac0454e
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy-Report-Only: frame-ancestors 'self' http://*.oriflame.com https://*.oriflame.com http://*.online.ori https://*.online.ori http://*.ori.local https://*.ori.local http://*.oriflame.cc https://*.oriflame.cc http://*.oriflame.ru https://*.oriflame.ru http://*.oriflame.cn https://*.oriflame.cn; report-uri /CspReport?policyRequestId=9f871d77edaf704f
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 30249
Expires: -1

GET
H/1.1 200
OK recent Show response
photorankapi-a.akamaihd.net/customers/220180/media/ 237 KB
22 KB 21ms
21ms XHR
application/json 2.22.242.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://photorankapi-a.akamaihd.net/customers/220180/media/recent?rights_given=1&version=v2.2&include_tagged_galleries=1&auth_token=f22582e74af167d41764cec8ac4235dff2c321cf074527d2e4c684b573b8bff2&wrap_responses=1
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.242.224 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-22-242-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0bdee609674a383c73154f3b4b4010c9b96288d0c914d3f4818c70272b3767d7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"0604157439f0d0e5ec265e63de8e0c38"
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=911
Connection: keep-alive
Content-Length: 22008

GET
H/1.1 200
OK mobile.jpg
z2photorankmedia-a.akamaihd.net/media/p/c/5/pc54ha5/ 20 KB
21 KB 119ms
36ms Image
image/jpeg 23.48.23.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z2photorankmedia-a.akamaihd.net/media/p/c/5/pc54ha5/mobile.jpg
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-14.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 98810433d4b06b0513234032dac73318c0ffcaba457ba3034cdcc788748828ff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Last-Modified: Wed, 03 Apr 2024 04:30:46 GMT
Server: AmazonS3
x-amz-request-id: 8H5Q3VWMK2YG5RER
ETag: "1bb302fc50362fa8db058e5cc54a8352"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 20584
x-amz-id-2: bSfHs+jgYBHNYXsr6s+TOwb6uENNgdv7i0bN9sku9bCCXub7J+fAHTyONzQOno9G0cNch1Y+Tzs=

GET
H/1.1 200
OK mobile.jpg
z1photorankmedia-a.akamaihd.net/media/d/c/5/dc54ha5/ 14 KB
14 KB 103ms
25ms Image
image/jpeg 23.48.23.39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z1photorankmedia-a.akamaihd.net/media/d/c/5/dc54ha5/mobile.jpg
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-39.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ae025418eb73f6a0cde405dbdbed8867e67e2c39aad968e75bc64a94f3ba0a1d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Last-Modified: Wed, 03 Apr 2024 04:30:33 GMT
Server: AmazonS3
x-amz-request-id: QJKNQM4Q43CVKG9B
ETag: "0075da9a2b4ddda3ab7a609e26453ec9"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 14049
x-amz-id-2: 9akubDtwUKcpzQcX4LBhMvJOzOveWYrwmde1qyliMqyhmBNS6434sbZSQVpVAD17r7TY5vpfibU=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 158ms
50ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 Apr 2024 05:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3879
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 05 Apr 2024 07:48:08 GMT

GET
H2 200 collect.js Show response
510008967.collect.igodigital.com/ 8 KB
2 KB 145ms
34ms Script
application/javascript 54.154.82.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://510008967.collect.igodigital.com/collect.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK5GQN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.82.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-82-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6d38c3fe7eb820b77b42c2a374062b56d279dbea21c0578f3d8f3ce145dc338b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
last-modified: Wed, 03 Apr 2024 11:05:18 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S4LZ01R85R

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79dadb94567b1b4639eab25b45645c8f626a1b246edd32141129b9945b023df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86689
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Apr 2024 06:52:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 75ms
74ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S4LZ01R85R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK5GQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64f3f874dee3371f0807d96752cceac660dece0494232d048d50bc02912964a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86806
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Apr 2024 06:52:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 74ms
23ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ebcc80bf5e0568d173b31bee579c02a725832f916de3656f7a36f94df865d168

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Apr 2024 06:52:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57928
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1294, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: VarIb8IVrRtkt0EUhDbFKA27z51o7HBHNNJPkEnnBOlY1eKRG/6+TXX5n57EHGPwYE9hLdK1cfvHa+qxsmC2sg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 96ms
96ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11382798551&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK5GQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe7cbc3f647473af53b0e9d9f4c57a0775c1c556f1ded3ed1bc1883ee4dd6352

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80715
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Apr 2024 06:52:47 GMT

GET
H/1.1 200
OK mobile.jpg
z2photorankmedia-a.akamaihd.net/media/m/s/n/msnrha5/ 18 KB
18 KB 26ms
25ms Image
image/jpeg 23.48.23.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z2photorankmedia-a.akamaihd.net/media/m/s/n/msnrha5/mobile.jpg
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-14.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 137794f6402d2aaf76d057b1093a862f2f34fad1ee57dc6d5e7a117af0fb28fc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Last-Modified: Fri, 05 Apr 2024 04:30:25 GMT
Server: AmazonS3
x-amz-request-id: ZS7VDJYAS01J3CCA
ETag: "bdb11677db3be86d52a4fd502cfe9a57"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 18121
x-amz-id-2: x80eYxHRIg4qqeh+zF9BsmMHZkWAba7yJLyPhE/QB1lzDccY0Sqc7Urrzb7w3iefBwzrZfHC9h8=

GET
H/1.1 200
OK mobile.jpg
z2photorankmedia-a.akamaihd.net/media/6/d/5/6d54ha5/ 16 KB
16 KB 52ms
25ms Image
image/jpeg 23.48.23.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z2photorankmedia-a.akamaihd.net/media/6/d/5/6d54ha5/mobile.jpg
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-14.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f23cf4fa8542e5624cdd26815327a167cf62984eca6f244f0a2f399a04e3477

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Last-Modified: Wed, 03 Apr 2024 04:30:45 GMT
Server: AmazonS3
x-amz-request-id: HHTMG1QWFXBQ36ZT
ETag: "187a065cf5b5df844120e6418ca93355"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 16279
x-amz-id-2: vtE3U1h8yfmMB5hPxNZfabwA4HPKUIvuaBN5Q9mIbfY15gIpomNKOI+eFj9RAqArs8N7Mrz+Q1s=

GET
H/1.1 200
OK mobile.jpg
photorankmedia-a.akamaihd.net/media/v/c/5/vc54ha5/ 9 KB
10 KB 120ms
24ms Image
image/jpeg 23.48.23.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photorankmedia-a.akamaihd.net/media/v/c/5/vc54ha5/mobile.jpg
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-22.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b8ab4f375256967844ba4a6d254d56a378705a72d9faf03f3c68a798d03db2ae

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Last-Modified: Wed, 03 Apr 2024 04:30:44 GMT
Server: AmazonS3
x-amz-request-id: 8H5P6QRDBFCN9B0Q
ETag: "39fe6b63ee6b56772c635166ce074103"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 9646
x-amz-id-2: N0eRB1xXxZWpwti+O70wNVXrhI0XFH4cgt8yVuhy5XqRC1H3rYxsoXxcyJX3YMQlYepSGthBozw=

GET
H/1.1 200
OK mobile.jpg
z1photorankmedia-a.akamaihd.net/media/w/c/5/wc54ha5/ 16 KB
17 KB 29ms
28ms Image
image/jpeg 23.48.23.39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z1photorankmedia-a.akamaihd.net/media/w/c/5/wc54ha5/mobile.jpg
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-39.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 34c2a8889c20d2ff1969c3c21322cf1622c9ef9f6b93906e14d91b94474d8f52

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Last-Modified: Wed, 03 Apr 2024 04:30:44 GMT
Server: AmazonS3
x-amz-request-id: 8H5NJSJ2KKJSNYSP
ETag: "69a7dd25f6c27961882dced491b70159"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 16661
x-amz-id-2: +aW7ZzpMeE85gKF7GIcE7YwGemwGx+2UAgU+gAHVVVOLA2EUJaTBRHo7wEEvdnhIVdghKobrRkM=

GET
H/1.1 200
OK mobile.jpg
z2photorankmedia-a.akamaihd.net/media/j/c/5/jc54ha5/ 10 KB
11 KB 70ms
25ms Image
image/jpeg 23.48.23.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z2photorankmedia-a.akamaihd.net/media/j/c/5/jc54ha5/mobile.jpg
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-14.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a030d1278a86f565c73fdc619c508f60d4786e2617f802c3c2361b677956dad8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Last-Modified: Wed, 03 Apr 2024 04:30:43 GMT
Server: AmazonS3
x-amz-request-id: NHX1Q4DJZE1PWFR1
ETag: "00807f6b1d876f16e93d6e1be1bd27fd"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 10426
x-amz-id-2: v0nNC5fy8xawhmaGDeBJmhtghSDupaYagnIWWbymsH9jW0aPbLFDSNQJLc7eAVCxTjD8GNyvlEE=

GET
H/1.1 200
OK mobile.jpg
photorankmedia-a.akamaihd.net/media/2/c/5/2c54ha5/ 14 KB
15 KB 121ms
25ms Image
image/jpeg 23.48.23.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photorankmedia-a.akamaihd.net/media/2/c/5/2c54ha5/mobile.jpg
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-22.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3e32815204270933c31b977fccaa39378a7ff166204993c058af2728e4a52691

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Last-Modified: Wed, 03 Apr 2024 04:30:31 GMT
Server: AmazonS3
x-amz-request-id: HHTMSND9N7KT61R0
ETag: "821c1fd8603bd0ff05b1e928523eb589"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 14834
x-amz-id-2: DMX5LmIb1JUf89Xs56Qgd9EeEq46QxnDEZLPf+0myYiF7rlpVkdxBhWR7ptjhsbbUxYcqdgu4kM=

GET
H/1.1 200
OK mobile.jpg
z2photorankmedia-a.akamaihd.net/media/s/b/5/sb54ha5/ 14 KB
14 KB 74ms
30ms Image
image/jpeg 23.48.23.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z2photorankmedia-a.akamaihd.net/media/s/b/5/sb54ha5/mobile.jpg
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-14.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 54ed5fcab4f48c57ac55265fb37030d9d775a0d4658c1f2b45711ee56159dd1e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Last-Modified: Wed, 03 Apr 2024 04:30:15 GMT
Server: AmazonS3
x-amz-request-id: NVJQ7VMPZPS3FJR2
ETag: "f6fd848df2b7fc41a2298e39a4cd28bd"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 13900
x-amz-id-2: k8d/vz4HYQ6yBCY8L7DlKcDmINSO7CwgQWwP+e/xuMdMO/Hyi+6qL/zvAbK/hZrsR6AGDw9kMpw=

GET
H/1.1 200
OK mobile.jpg
z2photorankmedia-a.akamaihd.net/media/v/5/4/v544ga5/ 11 KB
12 KB 47ms
27ms Image
image/jpeg 23.48.23.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z2photorankmedia-a.akamaihd.net/media/v/5/4/v544ga5/mobile.jpg
Requested by: Host: ua.oriflame.com
URL: https://ua.oriflame.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-14.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29d4ce3714aa806cca4ab5c5034eece94e53d4930c3c9ca4cfea4e6d3b997f09

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Last-Modified: Sun, 31 Mar 2024 04:30:41 GMT
Server: AmazonS3
x-amz-request-id: 65K6PT2NJVXMG7JE
ETag: "01315aa6141062b484d78a5b159f5c21"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 11536
x-amz-id-2: ERxztviD/HfUE3crqaNcXFTMxRVdrUmvXxAiykCmYkUO0iI6jd5og5Ti1YOgq3PKAlfDq95DBD4=

OPTIONS
H2 200 web-messenger
api-static.oriflame.com/tenants/ua/localizations/ Frame 0
0 30ms
30ms Preflight 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/web-messenger?lang=uk-UA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/489D) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-tenant-context
Access-Control-Request-Method: GET
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-tenant-context
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=5
content-length: 0
date: Fri, 05 Apr 2024 06:52:47 GMT
expires: Fri, 05 Apr 2024 06:52:52 GMT
server: ECAcc (ama/489D)
strict-transport-security: max-age=16070400; includeSubDomains

GET
H2 200 web-messenger Show response
api-static.oriflame.com/tenants/ua/localizations/ 23 B
87 B 16ms
16ms XHR
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/localizations/web-messenger?lang=uk-UA

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/489D) /

Resource Hash

397fdb58d6d74b365a3f7b8b2818b83cd3ed98c73dfad0159d5077050cdf95ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 05:58:00 GMT
server: ECAcc (ama/489D)
age: 3287
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 23
expires: Fri, 05 Apr 2024 06:52:52 GMT

OPTIONS
H2 200 0HEHG6cp8R
d38knilzwtuys1.cloudfront.net/api/4/config/loader/ Frame 0
0 106ms
35ms Preflight 2600:9000:2127:fe00:1f:ae8e:2440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38knilzwtuys1.cloudfront.net/api/4/config/loader/0HEHG6cp8R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:fe00:1f:ae8e:2440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.25.2 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-parse-application-id
Access-Control-Request-Method: GET
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, x-parse-application-id, x-parse-rest-api-key, x-parse-session-token
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 605
date: Fri, 05 Apr 2024 06:42:42 GMT
server: nginx/1.25.2
via: 1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
x-amz-cf-id: SGWk0NZbXmcGEp47mbig8GdQhaVKseRxN1v1YerJ1_Oynb0vN4FMlA==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-powered-by: Express

GET
H2 200 0HEHG6cp8R Show response
d38knilzwtuys1.cloudfront.net/api/4/config/loader/ 429 B
906 B 35ms
35ms XHR
application/json 2600:9000:2127:fe00:1f:ae8e:2440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38knilzwtuys1.cloudfront.net/api/4/config/loader/0HEHG6cp8R
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:fe00:1f:ae8e:2440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.25.2 / Express
Resource Hash: 41cc6b7eb4d438dfb48a791930d22a80be5ec5a84f3fb53bea19831ecc6cf10d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Parse-Application-Id: Revieve API
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 05:09:19 GMT
via: 1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server: nginx/1.25.2
x-amz-cf-pop: PRG50-C1
age: 6230
x-powered-by: Express
etag: W/"1ad-D7hWlITXX879c8th/88Qvzl9BcU"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
access-control-allow-headers: Content-Type, x-parse-application-id, x-parse-rest-api-key, x-parse-session-token
content-length: 429
x-amz-cf-id: ZbjEqzdbl9rd3BgstjDbOJJTmFIpDY3Wyt9En7WwRkl3oKKpXmPexw==

GET
H/1.1 403
Forbidden GetUserAccessTokenAsync Show response
ua.oriflame.com/system/ajax/ApiGateway/ 2 KB
1 KB 42ms
42ms Fetch
text/html 20.93.235.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.oriflame.com/system/ajax/ApiGateway/GetUserAccessTokenAsync

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.235.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c5df2407e6ce3e592937c5a95a0954e411c5f1e3d71271116215bfeac0037bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-38aad775524c4b8c931ce3c85547e8e6-29a5763958824f54-01
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-fetch-api: 1
Referer: https://ua.oriflame.com/
x-requested-with: XMLHttpRequest
request-id: |38aad775524c4b8c931ce3c85547e8e6.29a5763958824f54
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:47 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Connection: Keep-Alive
Content-Length: 788

OPTIONS
H/1.1 204
No Content graphql
graphql-we.oriflame.com/ Frame 0
0 20ms
20ms Preflight 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-client-application,x-tenant-context,x-use-product-data-caching,x-use-products-service
Access-Control-Request-Method: POST
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-client-application,x-tenant-context,x-use-product-data-caching,x-use-products-service
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Fri, 05 Apr 2024 06:52:47 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Access-Control-Request-Headers
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

POST
H/1.1 200
OK graphql Show response
graphql-we.oriflame.com/ 6 KB
2 KB 333ms
333ms XHR
application/json 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7098648e4161749d27504c7e3c596c062e0116b962e6f8890d0b2f72e6eff611

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-use-product-data-caching: true
accept-language: nl-NL,nl;q=0.9
x-tenant-context: ua
x-use-products-service: true
authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMjI5ODk5NSwiaWF0IjoxNzEyMjk4OTk1LCJleHAiOjE3MTIzMDI1OTUsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiRUNvbW1lcmNlU3BhQ2xpZW50IiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjoiVW5UcnVzdGVkIiwianRpIjoiN0Q1NzQwNEE3NTNFMDZBRDk5NTBENDM1MjkzMjlERUQifQ.qIxI73NrncBVlW1oyjdYExk0Uw-KKlMimijUOF4w0XEET4eLkTcvK6B15N5CpYxEkKiZgt9xG-8-5Th6vcMweyrsXpw3liBxYKFLNFtIRBlsXoAUkzSJJkVrZezlBALsaUp_HOUu5IbIJtRdbxC_d0YOIEi4ihYc26lyM9OUNhQCTsxTdc80zGd3HT_EXTqVBlZ-HufEFqco4VMITJTefLQkZc47YXyJMEgQQyinpJ7ADW2kBe2H7LZ_GodLIWDervr_flCX0w534WvhYmVBTZV5stPnMtr_2QYTc-1iStuW7s40FwCFZvtrHZ01BdSsaDmgdnERZIcvYPAeyZ0-JQ
sec-ch-ua-mobile: ?0
x-client-application: @ori/frontpage
Content-Type: application/json
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:48 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: W/"1757-znyMG2eisg0TGFewCTREblWijqs"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

GET
H2 200 configuration Show response
api-static.oriflame.com/tenants/ua/bazaarvoice/ 552 B
359 B 16ms
16ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/bazaarvoice/configuration

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48C0) /

Resource Hash

69e4900d7615ea7666f7618a425db366ce8f481dce4466e9671df1c8b2f83327

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 06:28:39 GMT
server: ECAcc (ama/48C0)
age: 1448
vary: Accept-Encoding
x-cache: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date,Content-Length,Strict-Transport-Security,Vary
cache-control: public, max-age=3240, stale-while-revalidate=360, stale-if-error=360
content-length: 316
expires: Fri, 05 Apr 2024 06:52:52 GMT

OPTIONS
H2 200 configuration
api-static.oriflame.com/tenants/ua/applications/webMessenger/ Frame 0
0 19ms
19ms Preflight 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/webMessenger/configuration?relativeUrl=%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48BA) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-tenant-context
Access-Control-Request-Method: GET
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-tenant-context
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=5
content-length: 0
date: Fri, 05 Apr 2024 06:52:47 GMT
expires: Fri, 05 Apr 2024 06:52:52 GMT
server: ECAcc (ama/48BA)
strict-transport-security: max-age=16070400; includeSubDomains

GET
H2 200 configuration Show response
api-static.oriflame.com/tenants/ua/applications/webMessenger/ 168 B
225 B 17ms
17ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://api-static.oriflame.com/tenants/ua/applications/webMessenger/configuration?relativeUrl=%2F

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48BA) /

Resource Hash

d972e389b014712129274a54861c2214c36ed8927bdbfbc5d0c7e17d836283ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Fri, 05 Apr 2024 06:49:26 GMT
server: ECAcc (ama/48BA)
age: 201
vary: Accept-Encoding
x-cache: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date,Content-Length,Strict-Transport-Security,Vary
cache-control: public, max-age=540, stale-while-revalidate=60, stale-if-error=60
content-length: 161
expires: Fri, 05 Apr 2024 06:52:52 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 53ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S4LZ01R85R&gtm=45je4430v882103530za200&_p=1712299967451&gcs=G111&gcd=13r3rPr2r5&npa=0&dma_cps=sypham&dma=1&cid=499566229.1712299968&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fua.oriflame.com%2F&sid=1712299967&sct=1&seg=0&dt=Oriflame%20%7C%20Oriflame%20Cosmetics&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.data_source=web&ep.page_path_unified=%2F&ep.content_group=Front%20page&ep.period_code=202405&ep.user_logged_in=false&up.market_code=UA&tfd=1043
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S4LZ01R85R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 06:52:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ua.oriflame.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 Apr 2024 07:01:36 GMT

GET
H2 200 genesys.min.js Show response
apps.mypurecloud.de/genesys-bootstrap/ 246 KB
73 KB 108ms
44ms Script
text/javascript 54.93.145.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.de/genesys-bootstrap/genesys.min.js

Requested by

Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/web-messenger/1.2.4/37.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.145.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-145-252.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

88d02a35da7f25366e90330e3b82cd2043e8c139249be37ee48dc7837ee92861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:48 GMT
content-encoding: gzip
x-amz-version-id: QZm_h5zv_4b0p.BWe_vzGlRCw_A6jZYE
last-modified: Thu, 28 Mar 2024 03:04:03 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: JS0T4YVXGRHBN1SC
etag: "c6c4edc52df95ad8891299284ff3efdb"
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 74477
x-amz-id-2: rAztlS0KdD03ttKgvb3KHzwPgj/gQ1xbpNnn0ZPBNMsV/7mdcwlK5t9DLLBm83gLKSR5NA2ELEg=

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13r3rPr2r5&rnd=1482143357.1712299968&url=https%3A%2F%2Fua.oriflame.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45be4430v9180593378za200&auid=1117721501....
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3rPr2r5&rnd=1482143357.1712299968&url=https%3A%2F%2Fua.oriflame.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45be4430v9180593378za200&aui...

42 B
66 B

34ms
33ms

Ping
image/gif

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3rPr2r5&rnd=1482143357.1712299968&url=https%3A%2F%2Fua.oriflame.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45be4430v9180593378za200&auid=1117721501.1712299968

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ua.oriflame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 06:52:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Apr 2024 06:52:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3rPr2r5&rnd=1482143357.1712299968&url=https%3A%2F%2Fua.oriflame.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45be4430v9180593378za200&auid=1117721501.1712299968
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11382798551/ 3 KB
1 KB 83ms
35ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11382798551/?random=1712299968007&cv=11&fst=1712299968007&bg=ffffff&guid=ON&async=1&gtm=45be4430v9180593378za200&gcd=13r3rPr2r5&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fua.oriflame.com%2F&hn=www.googleadservices.com&frm=0&tiba=Oriflame%20%7C%20Oriflame%20Cosmetics&currency_code=UAH&npa=0&pscdl=noapi&auid=1117721501.1712299968&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config%3Bmarket_code%3DUA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11382798551&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

206a3e5b931cd7a4892599863af068d0180604c014ce4c179e3de3518a999387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 06:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11382798551/ 3 KB
1 KB 82ms
35ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11382798551/?random=1712299968014&cv=11&fst=1712299968014&bg=ffffff&guid=ON&async=1&gtm=45be4430v9180593378za200&gcd=13r3rPr2r5&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fua.oriflame.com%2F&hn=www.googleadservices.com&frm=0&tiba=Oriflame%20%7C%20Oriflame%20Cosmetics&currency_code=UAH&npa=0&pscdl=noapi&auid=1117721501.1712299968&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion%3Bmarket_code%3DUA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11382798551&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

a6a30e0628d118fd60812feae9f658e60933df1654c77952074231b4c2debb71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 06:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 224633822877613 Show response
connect.facebook.net/signals/config/ 73 KB
15 KB 86ms
86ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/224633822877613?v=2.9.152&r=stable&domain=ua.oriflame.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2de62d5433c871fb86f568bd651fa47927e37a40f1e287fd6c87c9b39340f60a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Apr 2024 06:52:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=64, mss=1294, tbw=63248, tp=-1, tpl=-1, uplat=63, ullat=0
pragma: public
x-fb-debug: 90EDWJ36kP58R4TuvJmSl/C34tMmhrxq38QlaTV6629BRebKqXctbUtSi/gIjrOGhVDTgERgq8IeZhx33EMMtQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
241 B 57ms
57ms Ping
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 06:52:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://ua.oriflame.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 77ms
24ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42172123-19&cid=499566229.1712299968&jid=1359180370&gjid=771056000&_gid=1805631460.1712299968&_u=aChAiEAjBAAAAEAAIC~&z=1722561332

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 05 Apr 2024 06:52:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ua.oriflame.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
99 KB 57ms
56ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8GTNGGDFR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK5GQN

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2e35718827a0aa4f1c297cd190965a475e2965e5c0c06f738ae4b2df47e567e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101350
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Apr 2024 06:52:48 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11382798551/ 42 B
64 B 34ms
33ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11382798551/?random=1712299968007&cv=11&fst=1712296800000&bg=ffffff&guid=ON&async=1&gtm=45be4430v9180593378za200&gcd=13r3rPr2r5&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fua.oriflame.com%2F&frm=0&tiba=Oriflame%20%7C%20Oriflame%20Cosmetics&currency_code=UAH&npa=0&data=event%3Dgtag.config%3Bmarket_code%3DUA&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqjKcaaq0Tv__leu4xzQ6iKS6h632qzg&random=477760552&rmt_tld=0&ipr=y

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 06:52:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/11382798551/ 42 B
455 B 91ms
33ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/11382798551/?random=1712299968007&cv=11&fst=1712296800000&bg=ffffff&guid=ON&async=1&gtm=45be4430v9180593378za200&gcd=13r3rPr2r5&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fua.oriflame.com%2F&frm=0&tiba=Oriflame%20%7C%20Oriflame%20Cosmetics&currency_code=UAH&npa=0&data=event%3Dgtag.config%3Bmarket_code%3DUA&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqjKcaaq0Tv__leu4xzQ6iKS6h632qzg&random=477760552&rmt_tld=1&ipr=y

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 06:52:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11382798551/ 42 B
64 B 35ms
34ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11382798551/?random=1712299968014&cv=11&fst=1712296800000&bg=ffffff&guid=ON&async=1&gtm=45be4430v9180593378za200&gcd=13r3rPr2r5&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fua.oriflame.com%2F&frm=0&tiba=Oriflame%20%7C%20Oriflame%20Cosmetics&currency_code=UAH&npa=0&data=event%3Dconversion%3Bmarket_code%3DUA&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqHw4KPif8upndjSlJ0KDRi3NyOTxY1A&random=2179825582&rmt_tld=0&ipr=y

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 06:52:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/11382798551/ 42 B
108 B 171ms
113ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/11382798551/?random=1712299968014&cv=11&fst=1712296800000&bg=ffffff&guid=ON&async=1&gtm=45be4430v9180593378za200&gcd=13r3rPr2r5&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fua.oriflame.com%2F&frm=0&tiba=Oriflame%20%7C%20Oriflame%20Cosmetics&currency_code=UAH&npa=0&data=event%3Dconversion%3Bmarket_code%3DUA&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqHw4KPif8upndjSlJ0KDRi3NyOTxY1A&random=2179825582&rmt_tld=1&ipr=y

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 06:52:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 76ms
23ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=224633822877613&ev=PageView&dl=https%3A%2F%2Fua.oriflame.com%2F&rl=&if=false&ts=1712299968125&cd[market_code]=UA&cd[currency]=UAH&sw=800&sh=600&v=2.9.152&r=stable&ec=0&o=4126&fbp=fb.1.1712299968123.1513981661&hmd=bf3399c52be095eb7627b4b5&pl=https%3A%2F%2Fua.oriflame.com%2F&cs_est=true&ler=empty&cdl=API_unavailable&it=1712299968026&coo=false&tm=1&rqm=GET

Requested by

Host: ua.oriflame.com
URL: https://ua.oriflame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1294, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Apr 2024 06:52:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK domains.json Show response
api-cdn.mypurecloud.de/webdeployments/v1/deployments/db85989b-a7fb-4b00-936f-c8e3e22a2104/ 44 B
696 B 132ms
36ms XHR
application/json 65.9.95.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-cdn.mypurecloud.de/webdeployments/v1/deployments/db85989b-a7fb-4b00-936f-c8e3e22a2104/domains.json
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-124.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78bd6ee8a2fce4c0294729fa7db73d0d370298f2f5738b53ecbf229f85171942

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:51:47 GMT
Via: 1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
Age: 62
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 44
Last-Modified: Thu, 25 Jan 2024 13:31:46 GMT
Server: AmazonS3
ETag: "bd0b814b289c55fd0f2d0cd84ca3acd5"
Vary: Accept-Encoding,Origin
Access-Control-Allow-Methods: GET, POST, PUT
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=120,s-maxage=120
Accept-Ranges: bytes
X-Amz-Cf-Id: 8cpyPA5hDUiyIU_ggztOBYGhOB2w9ys-QLOh7d_StOEqXuewYrcrHg==

POST
H/1.1 200
OK collect
sst.revieve.com/g/ 0
483 B 140ms
64ms Ping
text/plain 34.22.171.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sst.revieve.com/g/collect?v=2&tid=G-K8GTNGGDFR&gtm=45je4430v895185803za200&_p=1712299967451&gcs=G111&gcd=13v3vPr2r5&npa=0&dma_cps=sypham&dma=1&cid=499566229.1712299968&ul=en-us&sr=800x600&_fplc=0&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712299968&sct=1&seg=0&dl=https%3A%2F%2Fua.oriflame.com%2F&dt=Oriflame%20%7C%20Oriflame%20Cosmetics&en=page_view&_fv=1&_ss=1&_ee=1&ep.partner_id=0HEHG6cp8R&ep.experience_id=&ep.identifier=Oriflame%20EU%20Ukraine%20Skincare&tfd=1294
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8GTNGGDFR&l=dataLayer&cx=c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.22.171.98 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.171.22.34.bc.googleusercontent.com
Software: nginx/1.25.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:48 GMT
Server: nginx/1.25.2
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK config.json Show response
api-cdn.mypurecloud.de/webdeployments/v1/deployments/db85989b-a7fb-4b00-936f-c8e3e22a2104/ 1 KB
1 KB 36ms
36ms XHR
application/json 65.9.95.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-cdn.mypurecloud.de/webdeployments/v1/deployments/db85989b-a7fb-4b00-936f-c8e3e22a2104/config.json
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-124.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3509bf6d9fcaab79904f80b95cde6b3c5411fbe90e3801c25ba1e14d3edd392a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:51:47 GMT
Content-Encoding: gzip
Via: 1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
Age: 62
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 25 Jan 2024 13:31:46 GMT
Server: AmazonS3
ETag: W/"0858a3ff5630a612dc981654caa99305"
Vary: Accept-Encoding,Origin
Access-Control-Allow-Methods: GET, POST, PUT
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=120,s-maxage=120
X-Amz-Cf-Id: Wka1bcIRtJr9J_Sd9jGJukc5q2IEbrypPzvab7NAT3OlblQ9nUKGQA==

GET
H2 200 favicon.ico
static.oriflame.com/favicons/online/v1/ 5 KB
6 KB 64ms
16ms Other
image/x-icon 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oriflame.com/favicons/online/v1/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48CF) /
Resource Hash: 538dadcf074718a9222c26947645cdc3e01f6619e86d0ad481c4df0e6ccc00f9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:48 GMT
content-md5: 6kkBkayZeGkBbPno75rAVw==
age: 446338
x-cache: HIT
content-length: 5430
x-ms-lease-status: unlocked
last-modified: Wed, 18 Jan 2023 20:19:59 GMT
server: ECAcc (ama/48CF)
etag: 0x8DAF9915F590497
content-type: image/x-icon
access-control-allow-origin: *
x-ms-request-id: a4a5337d-001e-0090-6f16-835a52000000
cache-control: max-age=604800
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Fri, 12 Apr 2024 06:52:48 GMT

GET
H2 200 offersHelper.min.js Show response
apps.mypurecloud.de/journey/messenger-plugins/ 13 KB
5 KB 23ms
22ms Script
text/javascript 54.93.145.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.de/journey/messenger-plugins/offersHelper.min.js

Requested by

Host: apps.mypurecloud.de
URL: https://apps.mypurecloud.de/genesys-bootstrap/genesys.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.145.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-145-252.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d062242d8d52402eee46fdeeae777a9904c56ce6cb73ac20d10c6df8e37c03dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 06:52:48 GMT
content-encoding: gzip
x-amz-version-id: gyaRgKcL_pX4U35DyVCpqd32ZfoPXZlf
last-modified: Mon, 25 Mar 2024 11:20:25 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: ZTNZN71S963CJNHR
etag: "a9b7e3be96255a59ca32b3159ea791f9"
content-type: text/javascript
cache-control: max-age: 600
content-length: 5195
x-amz-id-2: tVJSPbPG8R9fBzkhIH1qEa+l3ZdUk3izsLIXg4tqmbk16QvziRH+Opq3BD+BDp+8gugZ6mucRZI=

GET
H2 200 messenger.html
apps.mypurecloud.de/messenger/ Frame C2D6 0
0 66ms
23ms Document
text/html 18.192.191.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.de/messenger/messenger.html

Requested by

Host: apps.mypurecloud.de
URL: https://apps.mypurecloud.de/genesys-bootstrap/genesys.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.192.191.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-191-9.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ua.oriflame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 05 Apr 2024 06:52:48 GMT
etag: W/"1404b75da8e2bb3dc0247b949a748afe"
last-modified: Tue, 02 Apr 2024 13:35:57 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: lJ7VZ06b8qBmotnPu1Ole+j2J0Ycig4B9M/B5ds9c3Axf3aX3ijliiz4sHPVXlHtrNaF2vKPyBw=
x-amz-request-id: HJJRZKD33XNH6ERH
x-amz-version-id: Egti0qFAf6IRzb_4DWuRcv7zla5vN2pe

GET
H2 200 messenger-renderer.html
apps.mypurecloud.de/messenger/ Frame 43AC 0
0 64ms
22ms Document
text/html 18.192.191.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.de/messenger/messenger-renderer.html

Requested by

Host: apps.mypurecloud.de
URL: https://apps.mypurecloud.de/genesys-bootstrap/genesys.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.192.191.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-191-9.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ua.oriflame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 05 Apr 2024 06:52:48 GMT
etag: W/"5e33c9db52cede671fbd6ced2fa68603"
last-modified: Tue, 02 Apr 2024 13:35:57 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: STWHbNgHtrMFvvIbJPtSKaLjimXqhQsVxrUTEgd8ID/IrevfIapkL7LtWL6s34ZAp8PtMcuOhi0=
x-amz-request-id: F3AQ755Q061CV81Q
x-amz-version-id: 2meds8fQBL5KFWr9otYXvOKXw4Grwen2

OPTIONS
H/1.1 204
No Content graphql
graphql-we.oriflame.com/ Frame 0
0 21ms
21ms Preflight 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-tenant-context
Access-Control-Request-Method: POST
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-tenant-context
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Fri, 05 Apr 2024 06:52:48 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Access-Control-Request-Headers
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

POST
H/1.1 200
OK graphql Show response
graphql-we.oriflame.com/ 556 B
2 KB 45ms
45ms Fetch
application/json 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a424b37ccff01d2aa5a8348fd094154ff3ce7a75b12db205d8f1e2f7dafd83c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMjI5NzUwMywiaWF0IjoxNzEyMjk3NTAzLCJleHAiOjE3MTIzMDExMDMsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiQXBwU2hlbGxGcm9udGVuZCIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6IlVuVHJ1c3RlZCIsImp0aSI6IkEzOTYxRTJDNDA5MUIzQ0JENDI1MjVGMkU5QzJERTBBIn0.V_SuQOwxPhRQbFdrMltSN_ncWMlFY-QQiDJb_i9GiDeEHyD0vryqXQfHGD72KwbjUkrYrMJpwnstsC0mcXKzJimK9K8EdQmE7qdEVWsSbAsatn9d0ZreguL1rDKII6C02ChOQJ6c8aIMu2QlaXw2Y9vE4W7MTAYHbA5ZV97UKwiZl4r8iXCd9e2Tvak5SpcJq4gVpxjtSLiyZlJ0rpuHL8UlxOdl_6NHVKovK75Egbdn2DlVpTFfXrosbgeCswLSUhPAsk8yYEq_4pT_x5R9bC7dTX7Dp8fRTNhHHI5LalbixbOxrMAKM9jJiA_WwNeCKTQo846B29PFMMvQp0shYw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:48 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: W/"22c-MqN+ZV07KolNeTKvPGEePY+FQFk"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 556
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

OPTIONS
H/1.1 204
No Content graphql
graphql-we.oriflame.com/ Frame 0
0 20ms
20ms Preflight 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-tenant-context
Access-Control-Request-Method: POST
Origin: https://ua.oriflame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-tenant-context
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Fri, 05 Apr 2024 06:52:48 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Access-Control-Request-Headers
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

POST
H/1.1 200
OK graphql Show response
graphql-we.oriflame.com/ 556 B
2 KB 47ms
46ms Fetch
application/json 20.93.237.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql-we.oriflame.com/graphql

Requested by

Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/pages/_app-26ae3dd2296770e8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.93.237.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a424b37ccff01d2aa5a8348fd094154ff3ce7a75b12db205d8f1e2f7dafd83c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: nl-NL,nl;q=0.9
x-tenant-context: ua
sec-ch-ua-mobile: ?0
authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk1MUFCRTE1NURGQkVDRjMwOUFDNEExNjYxNzExMzZEQTVGOUExNzciLCJ4NXQiOiJsUnEtRlYzNzdQTUpyRW9XWVhFVGJhWDVvWGMiLCJ0eXAiOiJhdCtqd3QifQ.eyJpc3MiOiJodHRwczovL2lkZW50aXR5Lm9yaWZsYW1lLmNvbSIsIm5iZiI6MTcxMjI5ODk5NSwiaWF0IjoxNzEyMjk4OTk1LCJleHAiOjE3MTIzMDI1OTUsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkub3JpZmxhbWUuY29tL3Jlc291cmNlcyIsInNjb3BlIjpbIm9ubGluZV9hcGkiXSwiY2xpZW50X2lkIjoiRUNvbW1lcmNlU3BhQ2xpZW50IiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjoiVW5UcnVzdGVkIiwianRpIjoiN0Q1NzQwNEE3NTNFMDZBRDk5NTBENDM1MjkzMjlERUQifQ.qIxI73NrncBVlW1oyjdYExk0Uw-KKlMimijUOF4w0XEET4eLkTcvK6B15N5CpYxEkKiZgt9xG-8-5Th6vcMweyrsXpw3liBxYKFLNFtIRBlsXoAUkzSJJkVrZezlBALsaUp_HOUu5IbIJtRdbxC_d0YOIEi4ihYc26lyM9OUNhQCTsxTdc80zGd3HT_EXTqVBlZ-HufEFqco4VMITJTefLQkZc47YXyJMEgQQyinpJ7ADW2kBe2H7LZ_GodLIWDervr_flCX0w534WvhYmVBTZV5stPnMtr_2QYTc-1iStuW7s40FwCFZvtrHZ01BdSsaDmgdnERZIcvYPAeyZ0-JQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: */*
Referer: https://ua.oriflame.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 06:52:48 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: W/"22c-MqN+ZV07KolNeTKvPGEePY+FQFk"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 556
request-context: appId=cid-v1:d84d4ee0-b190-43ae-890a-42be861d8eb9

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/genesys-widget/ 805 B
1 KB 23ms
23ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/genesys-widget/index.js
Requested by: Host: assets-we-cdn.oriflame.com
URL: https://assets-we-cdn.oriflame.com/appshell-frontpage-cis/_next/static/chunks/main-9f556ff80afb4a17.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f3a09ebc4a276a42e26bf432c328dea9ffa111d67234fc5e9ce92d7510e8865a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:48 GMT
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
content-length: 805
x-ms-lease-status: unlocked
last-modified: Tue, 14 Nov 2023 13:19:22 GMT
etag: 0x8DBE5145157575F
x-azure-ref: 20240405T065248Z-9v535mnzgx4brev2bws9ym90cw00000000zg00000000dxbh
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e785d19b-201e-002e-02ec-84b1fd000000
cache-control: public, max-age=900
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 index.js Show response
clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/ 3 KB
2 KB 22ms
22ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/index.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/genesys-widget/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3328973433524eaa4b0b8c8e621e8f7e54298f0c18aadf213ddeca8ab5991a23

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
Origin: https://ua.oriflame.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:48 GMT
content-encoding: br
last-modified: Tue, 14 Nov 2023 13:17:30 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065248Z-9v535mnzgx4brev2bws9ym90cw00000000zg00000000dxbk
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d7a1a2d-301e-001d-77e4-84ee56000000
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0
x-cache-info: L1_T2

GET
H2 200 599.chunk.js Show response
clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/ 297 KB
119 KB 52ms
51ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/599.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a0e53c666ff2715e7030c18ad78aa919f1868ab4efdb69c3b2337a010148a6b2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:48 GMT
content-encoding: br
last-modified: Tue, 14 Nov 2023 13:17:30 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065248Z-8d3vgzgm4h27me8qahp5fa7fyg0000000ce000000000k6y9
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3cade053-b01e-0003-6671-78028e000000
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

GET
H2 200 793.chunk.js Show response
clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/ 21 KB
8 KB 52ms
52ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/793.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3b081d76f3c7e5f5e2afa2d5676cf8977d7fd1cce6de06942af0956c3a0906c5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:48 GMT
content-encoding: br
last-modified: Tue, 14 Nov 2023 13:17:30 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065248Z-8d3vgzgm4h27me8qahp5fa7fyg0000000ce000000000k6ya
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 498b1015-901e-003b-277b-78a64e000000
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

GET
H2 200 347.chunk.js Show response
clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/ 32 KB
9 KB 89ms
89ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/347.chunk.js
Requested by: Host: clientapp-cdn.oriflame.com
URL: https://clientapp-cdn.oriflame.com/static/genesys-widget/1.14.0/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3ba556e73fe7084c27a99f57ebdc36f6a06e6d677b33fdee02c7ed265af085f3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ua.oriflame.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 05 Apr 2024 06:52:48 GMT
content-encoding: br
last-modified: Tue, 14 Nov 2023 13:17:30 GMT
vary: Accept-Encoding
x-azure-ref: 20240405T065248Z-8d3vgzgm4h27me8qahp5fa7fyg0000000ce000000000k6z2
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c4b1ca5a-a01e-000f-1d2b-7d9586000000
cache-control: public, max-age=900
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ua.oriflame.com
URL: https://ua.oriflame.com/system/ajax/stickybar/VipAccessJson

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ua.oriflame.com/	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: JHPOAEPENHAHPKJDLKGHLNCDGPBJFCEILEOBMFANOJIMMBFNLPLHCGDKAIKABIAILNBDOGFLEPNKLLANECOAOFJFHJPMDJCOPOMLDNIBGAOCBDAGCOPFFCAGLLGNDHAH
ua.oriflame.com/	1969-12-31 23:59:59	Name: TS016b9dbf Value: 014b5de841e7b2191e61faf3ef55118156470238f214b86ad04d820bd45ccebfbc95646b6493acdb3b146d69116691189773b34d1c
ua.oriflame.com/	1970-01-21 04:23:55	Name: ai_user Value: 3Xv+g6z5u/l+GwC4z3wiO/\|2024-04-05T06:52:47.407Z
ua.oriflame.com/	1969-12-31 23:59:59	Name: UserKey Value: extranet-Anonymous
ua.oriflame.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: fomqlqqvpqntsviqpgybkagj
ua.oriflame.com/	1970-01-21 05:14:19	Name: OriTracking Value: c60a752d-71da-40a3-b0a7-71fb98e63103
ua.oriflame.com/	1970-01-20 19:38:21	Name: ai_session Value: TMXetr/tJXhYdCYRpzFhm9\|1712299967476\|1712299967476
ua.oriflame.com/	1969-12-31 23:59:59	Name: TS01f59f10 Value: 014b5de8419f6cd5883001696380fbc22b115af15131911cd300c733ceec0dc465feaf93e2bac9c916b63c7b33219c65e63dd94434
ua.oriflame.com/	1969-12-31 23:59:59	Name: TSc726feed027 Value: 08afc1cc77ab20007915fe14ca47951fb928308d5c2c645c45b3e61638b1cc461b2d2aa67c2b1876087885aca711300024f33b0d11a34b01ff6007cd892defab6432c3d5ca745ca0961efd9c134a5cfe8305f67591e28dbd0e877663b6e14eff
ua.oriflame.com/	1969-12-31 23:59:59	Name: ShoppingKey Value: -1
ua.oriflame.com/	1970-01-21 05:14:19	Name: revieve-userid Value: KEVZPhsYrTlBwlZFY1flx
.oriflame.com/	1970-01-21 05:14:19	Name: _ua_ga_S4LZ01R85R Value: GS1.1.1712299967.1.0.1712299967.0.0.0
.oriflame.com/	1970-01-21 05:14:19	Name: _ua_ga Value: GA1.1.499566229.1712299968
.oriflame.com/	1970-01-20 19:39:46	Name: _gid Value: GA1.2.1805631460.1712299968
.oriflame.com/	1970-01-20 21:47:55	Name: _gcl_au Value: 1.1.1117721501.1712299968
.oriflame.com/	1970-01-20 19:38:20	Name: _gat Value: 1
.ua.oriflame.com/	1970-01-21 05:14:19	Name: _ga Value: GA1.3.499566229.1712299968
.ua.oriflame.com/	1970-01-20 19:39:46	Name: _gid Value: GA1.3.1805631460.1712299968
.oriflame.com/	1970-01-20 21:47:55	Name: _fbp Value: fb.1.1712299968123.1513981661
.doubleclick.net/	1970-01-21 04:59:55	Name: IDE Value: AHWqTUk3gf6wbVrIIXA-huht23rr549FZo_7BknZNXy8shDy51T56CTRQr40Kg8Y
.oriflame.com/	1970-01-21 05:14:19	Name: _ga_K8GTNGGDFR Value: GS1.1.1712299968.1.0.1712299968.0.0.0
.oriflame.com/	1970-01-21 05:14:19	Name: _ga Value: GA1.1.499566229.1712299968

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ua.oriflame.com/system/ajax/ApiGateway/GetUserAccessTokenAsync Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	URL: https://d38knilzwtuys1.cloudfront.net/revieve-plugin-v4/revieve-plugin-loader.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://ua.oriflame.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ua.oriflame.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/224633822877613?v=2.9.152&r=stable&domain=ua.oriflame.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 117) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://ua.oriflame.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ua.oriflame.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ua.oriflame.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

510008967.collect.igodigital.com
api-cdn.mypurecloud.de
api-static.oriflame.com
apps.mypurecloud.de
assets-we-cdn.oriflame.com
clientapp-cdn.oriflame.com
connect.facebook.net
d38knilzwtuys1.cloudfront.net
googleads.g.doubleclick.net
graphql-we.oriflame.com
photorankapi-a.akamaihd.net
photorankmedia-a.akamaihd.net
region1.google-analytics.com
sst.revieve.com
static.oriflame.com
stats.g.doubleclick.net
ua.oriflame.com
we-api.oriflame.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
z1photorankmedia-a.akamaihd.net
z2photorankmedia-a.akamaihd.net
ua.oriflame.com
142.250.186.132
172.217.18.2
18.192.191.9
2.22.242.224
20.103.99.71
20.93.235.242
20.93.237.24
2001:4860:4802:34::36
216.58.206.72
23.48.23.14
23.48.23.22
23.48.23.39
2600:9000:2127:fe00:1f:ae8e:2440:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:46::45
2a00:1450:4001:803::200e
2a00:1450:4001:829::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.22.171.98
54.154.82.5
54.93.145.252
65.9.95.124
02a2f300d1711ef31b742b54e38dc4777ca7bc8b65fc77bdac0b0a2ae32fc5d3
06d46fbb7a9ec8a6db527c54acc5151fc40328ff3efdb2eb2e8ab2eb41b46ba2
0a00f1bed95d9cb64e34d78a4810fa7b606d9090e6401415a84b407279b1d7d4
0a689066c9f4807296236551bcc515aee583d2cea5782e694ca6ccc011d4c005
0bdee609674a383c73154f3b4b4010c9b96288d0c914d3f4818c70272b3767d7
0e23b74267fb7fb18a7e77082053f49fefece530d226dd55353361f7e3446804
0f5c56e6fccc44cda4927612bec3bc88df567e55805707e4d53ea302665b7067
1034ff61c6c1740148f03486e5a7e0137fce00e70b4b3fe261bf50a78acc7512
137794f6402d2aaf76d057b1093a862f2f34fad1ee57dc6d5e7a117af0fb28fc
17642e2219e0fdf3143e1bff790c32bc067586ea4f13e0f511e1696d0dd71214
1d9a91b98c4d61a2c0d89919072a718fd2cf282df9a3e433b7742d97d27e01b5
206a3e5b931cd7a4892599863af068d0180604c014ce4c179e3de3518a999387
277dc49ec7db4f6748cffb5f9ff7fa8e6e39fb9bea8e8f94bfa80f6e9736fc34
29d4ce3714aa806cca4ab5c5034eece94e53d4930c3c9ca4cfea4e6d3b997f09
2de62d5433c871fb86f568bd651fa47927e37a40f1e287fd6c87c9b39340f60a
2e35718827a0aa4f1c297cd190965a475e2965e5c0c06f738ae4b2df47e567e6
2e905def3de6f3deab2121df20330cfe44d79566770f3c9819acc0e6b9d399e9
2f23cf4fa8542e5624cdd26815327a167cf62984eca6f244f0a2f399a04e3477
3328973433524eaa4b0b8c8e621e8f7e54298f0c18aadf213ddeca8ab5991a23
34c2a8889c20d2ff1969c3c21322cf1622c9ef9f6b93906e14d91b94474d8f52
3509bf6d9fcaab79904f80b95cde6b3c5411fbe90e3801c25ba1e14d3edd392a
35210f60f9b183a4b50509cfac68b13208e670453f85c22a9e344f226facb67b
376b936162580acef2fb006d53dfb5be47031613e2b373411e6f3bf35baab7bd
38e8c9dd606feaa5db66532f640c6386c860a649c85ff51ce38f9284333d1fef
397fdb58d6d74b365a3f7b8b2818b83cd3ed98c73dfad0159d5077050cdf95ce
3b081d76f3c7e5f5e2afa2d5676cf8977d7fd1cce6de06942af0956c3a0906c5
3b149bff5cbf1fa99c7c0af833e330b90feb2b28bbe3f70a29fd7703996d82f6
3ba556e73fe7084c27a99f57ebdc36f6a06e6d677b33fdee02c7ed265af085f3
3e32815204270933c31b977fccaa39378a7ff166204993c058af2728e4a52691
3e55e9264cb946bfc827cebf1d1f7085c8268b38ef51d18f84d1c4a10be87b51
41cc6b7eb4d438dfb48a791930d22a80be5ec5a84f3fb53bea19831ecc6cf10d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4434539343ed760dce613deedb98ddbcae2ac2c4d5ce78833a07e2c09d13db55
44a3c1b04217cc5427e85f1b2cd5840396e4862ecd76c4c999920e00cec8d442
45f79b62528386c37303ace88633de80dc7dfecf365eca75a48a616f83635252
476414fa1315ab3614857a4a4acff8f112667bf97bc8106e83bf5add09345006
47e8bf09cd6d76b9e46274c04450f4ebbb0732705ff71bb1347e6256c630b580
4c18728afd784259d9f58cb89e53a1a9de32a13096a6507ea8662337c40a842d
5388cfb833c6626e5185d691c8fa701a94ec5e8259a23d351a2a3f039258a711
538dadcf074718a9222c26947645cdc3e01f6619e86d0ad481c4df0e6ccc00f9
54ed5fcab4f48c57ac55265fb37030d9d775a0d4658c1f2b45711ee56159dd1e
565d13c9ce0f6023cb5c938558d45b13e8777a89811de888ac5d54921b5aafd2
56cf28c459f6d029e8262cd8cf87e6dedf330afff3742e729953576c94aab494
589615fe4fb715b83513a7854eab31bd2c05cccfc8988ba72dc336ad2233ef9c
5e277513caf8b436876be440050b712a68f8c3f7f42e70d0c150ce3ea3db4c3a
64f3f874dee3371f0807d96752cceac660dece0494232d048d50bc02912964a4
69c640fc7411481ddfce3e87f9c8d4bfc121c5bbeee048c40e457baa0778e2b7
69e4900d7615ea7666f7618a425db366ce8f481dce4466e9671df1c8b2f83327
6a14a6736fa76168cb0468160d350097d2c9218037ffd580fac4a38b12f15c4e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d38c3fe7eb820b77b42c2a374062b56d279dbea21c0578f3d8f3ce145dc338b
701a2a768e0b69237e169bd9cc615aee20452482d029fd22b7aa2ac79a28ce51
7098648e4161749d27504c7e3c596c062e0116b962e6f8890d0b2f72e6eff611
78bd6ee8a2fce4c0294729fa7db73d0d370298f2f5738b53ecbf229f85171942
79dadb94567b1b4639eab25b45645c8f626a1b246edd32141129b9945b023df4
7d359f12e4806447bdbbd2c192cbc24c4f68b1bdc7800359f3a964ec8b724096
81dfdcd201a18edc118a4a57fa07bbdd1da94c525131ac161a9d3c6358694d82
824ba8df70d2602971ac123675a4d02311c1158e69d4597963f979833ee4c77d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8665666021c96cea85a8e428955679cc38706a90ab218a093d1d1f72ff6db777
86b0885b77280ea96e164e8edb7bdb293771fb6f4eeec5de073edd6a1a976550
88b6fab9476eff09a650dd87d9f8d8571605336e28cc3a244e2179072013ac66
88d02a35da7f25366e90330e3b82cd2043e8c139249be37ee48dc7837ee92861
8c9de0958940a236b21de58b5d4060f36b0d9f85dba9cf4abfb9068fdd01ca9d
8dc28f65a1071b16f0df2d3e494f8f4358632756a7e3d2bf593be9eebe8e48ba
8eecf7ca4197e4b9478fd0e20546e4808c38c02aba94ca5a12ce275eec5f0e7e
8ef438ce61ea82729616d43952e0d40ae8efbf78547f1f33807f5a79ef634479
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98810433d4b06b0513234032dac73318c0ffcaba457ba3034cdcc788748828ff
9a58e1ac95397d9dcb5277b79f596fcf2443224810f570d43342bd4b05e35a51
9aec408f11dbf01d65968b0b6ac966385783b2022bea87dac54894979219c76a
9f1fadf61f30a3aadd8ea1c876ccfcff4ca193d2a5e58ae716b81e457557fb89
9f7a5363b6358b78151290c37fdb2f90ba18553cc1e87ce22ddb8ada626303b1
a030d1278a86f565c73fdc619c508f60d4786e2617f802c3c2361b677956dad8
a0e53c666ff2715e7030c18ad78aa919f1868ab4efdb69c3b2337a010148a6b2
a150bb5483cb315d11a809402e98626d9e66a7d2aa1be6afe6cacb55895e4aa6
a1fd186daf9c21430d06435ffd2ca8f96e43702b2d6aebd0523a1429c3f77f5a
a2aac6320b1399d98e193000ee859ebcfbb4c29b72939e5770487e385d711101
a424b37ccff01d2aa5a8348fd094154ff3ce7a75b12db205d8f1e2f7dafd83c1
a63ededc02db05692509d12688ace4b334aeee7d6f0cc6c43adfe2b3fb7fcd4b
a6a30e0628d118fd60812feae9f658e60933df1654c77952074231b4c2debb71
a806795d78fa709d99d9fe068429b06ac47b6411f7693b721adf17521f8a6de2
adcb78ab17cdadedba372257b030cbb9df99627f497a2d99bd9ccfbd73a2b340
ae025418eb73f6a0cde405dbdbed8867e67e2c39aad968e75bc64a94f3ba0a1d
b24f3f47d00474b1cb99d0962a93adef5b10225427297072cd2b4378b79f3b70
b3650515603d4df0e4dae59d31fd4527b0d274b904174838bfc490ea36f630ba
b7a1a3458e1c41c493dd8df0bffb946e83717661069c46060eccef79a9f3892e
b8ab4f375256967844ba4a6d254d56a378705a72d9faf03f3c68a798d03db2ae
bba9659a3c5f0439240bc54c24fddeed1aa348546bc95fa7fa13366fb76ca8fd
bff0303823a5dc0f3b6aa69e4461f99c4b7157eb94b46c1d294ddf4eb675b629
c14d28b61cfdd67f9f52a361e57331b379f22fd3388c353e250ad3aac9b899e0
c4dac3ea46487fe9062b388b4211a0d2bc7ef393fac47f5b8500b68c27da906a
c56ef88f573697a7f1942be9714c3a3d0bbed32501f3bd814e3ab6c07f657f5c
c5df2407e6ce3e592937c5a95a0954e411c5f1e3d71271116215bfeac0037bcc
ca43a84357402328702af8b8e5f290dafeeeac4e18cbb5e2a6762e6e4d9ce21f
cb44486b0c1517340550173072f3860446969f72eb8510b2e4448d2314e0d81d
ccdc303bca1ab049dcf7770ef10119acb549dd918751ec33ea5e8641bd5e2244
d062242d8d52402eee46fdeeae777a9904c56ce6cb73ac20d10c6df8e37c03dd
d2a9d1d121c61bcafd1cc1528fe3f8b286d146369dbd06122d45d6647a5add0d
d972e389b014712129274a54861c2214c36ed8927bdbfbc5d0c7e17d836283ad
da8a7e834c9cad9e4ec21e0613296c8ff330062954291adf5760842a30b1e550
dc3cc4150505a445999c32dadc2d9f6de8234c3208ff159b8f4ef828b9e2f75d
dce43d4ed0e27f55b328358e639fee633cd81ac9758a83e33921fa7de0e98d95
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93e0a2578803e25c01fc5f9ee94d48f452168cc83b2e1fe9d693881e3e86502
ebcc80bf5e0568d173b31bee579c02a725832f916de3656f7a36f94df865d168
ede56e45a1aaf07e7e0d0ddfffea0e7f88e1543f156fe49d235cb6435b5b3234
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef82ec18197588ae3a839b7f956a3536dcccb065cf54c7a41aeaf1f1128bf538
f262c93918e12be57fab092bd9f097e3771bfd97781847555b75f65a6654edc2
f3a09ebc4a276a42e26bf432c328dea9ffa111d67234fc5e9ce92d7510e8865a
f55cfc8980a763ff5b9e6b28c54349247a5392c5a33a801bf354d2ec3ad5f36c
fd8789cc16837b6ca60f59eb2eeefb313321987040a27ec04317e80a55077111
fe7cbc3f647473af53b0e9d9f4c57a0775c1c556f1ded3ed1bc1883ee4dd6352

ua.oriflame.com Open in urlscan Pro 20.93.235.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

161 Requests

99 %HTTPS

40 %IPv6

13 Domains

25 Subdomains

26 IPs

5 Countries

2428 kBTransfer

7180 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ua.oriflame.com Open in urlscan Pro
20.93.235.242 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

99 %
HTTPS

40 %
IPv6

13
Domains

25
Subdomains

26
IPs

5
Countries

2428 kB
Transfer

7180 kB
Size

22
Cookies

161 HTTP transactions
0 data transactions