Submitted URL: http://ml.actu.cosmopolitan.fr/l2/7I3JDbcc521/4344938/4063998663.html
Effective URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Submission: On June 18 via api from BE

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 26 HTTP transactions. The main IP is 18.196.95.178, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is bien-etre.alternatif-bien-etre.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 26th 2020. Valid for: 3 months.
This is the only time bien-etre.alternatif-bien-etre.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2001:41d0:100... 16276 (OVH)
1 3 2001:41d0:700... 16276 (OVH)
2 2001:41d0:2:d... 16276 (OVH)
1 2 3.248.141.37 16509 (AMAZON-02)
2 2 35.190.16.14 15169 (GOOGLE)
1 1 2600:1901:0:3... 15169 (GOOGLE)
1 1 104.155.63.91 15169 (GOOGLE)
1 18.196.95.178 16509 (AMAZON-02)
2 13.35.254.91 16509 (AMAZON-02)
2 13.35.254.6 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
11 13.226.156.68 16509 (AMAZON-02)
1 35.169.75.196 14618 (AMAZON-AES)
26 11
Domain Requested by
11 d9hhrg4mnvzow.cloudfront.net bien-etre.alternatif-bien-etre.com
3 wtm.actu.cosmopolitan.fr 1 redirects wtm.actu.cosmopolitan.fr
2 assets.ub-analytics.com bien-etre.alternatif-bien-etre.com, assets.ub-analytics.com
2 builder-assets.unbounce.com bien-etre.alternatif-bien-etre.com
2 redirect.frontend.weborama.fr 2 redirects
2 er.cloud-media.fr 1 redirects wtm.actu.cosmopolitan.fr
2 r.phywi.org wtm.actu.cosmopolitan.fr
1 events.ub-analytics.com bien-etre.alternatif-bien-etre.com
1 cookieinfoscript.com bien-etre.alternatif-bien-etre.com
1 bien-etre.alternatif-bien-etre.com wtm.actu.cosmopolitan.fr
1 csync.pwspace.com 1 redirects
1 pws.actu.cosmopolitan.fr 1 redirects
1 ml.actu.cosmopolitan.fr
0 ep.la-meteo-mail.fr Failed wtm.actu.cosmopolitan.fr
26 14

This site contains links to these domains.

Domain
alternatif-bien-etre.com
cookieinfoscript.com
Subject                              Issuer                       Validity                  Valid
*.phywi.org                          Gandi Standard SSL CA 2      2020-02-11 - 2022-02-11   2 years
*.cmrt.io                            Amazon                       2019-10-11 - 2020-11-11   a year
bien-etre.alternatif-bien-etre.com   Let's Encrypt Authority X3   2020-04-26 - 2020-07-25   3 months
*.unbounce.com                       Amazon                       2020-04-08 - 2021-05-08   a year
*.ub-analytics.com                   Amazon                       2020-06-08 - 2021-07-08   a year
sni.cloudflaressl.com                CloudFlare Inc ECC CA-2      2019-11-12 - 2020-10-09   a year
*.cloudfront.net                     DigiCert Global CA G2        2020-05-26 - 2021-04-21   a year

This page contains 1 frame:

Primary Page: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Frame ID: 450546CF3DEB28E3E0E71A05FB6C7228
Requests: 28 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 26
HTTPS: 81 %
IPv6: 38 %
Domains: 11
Subdomains: 14
IPs: 11
Countries: 4
Transfer: 166 kB
Size: 365 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ml.actu.cosmopolitan.fr/l2/7I3JDbcc521/4344938/4063998663.html Page URL
  2. http://wtm.actu.cosmopolitan.fr/w/137975/94b6613322820b9fd7ed95e4774bd009/1835/537/?mid=95856babfd7bcfdddb704ee4d9851cc3&ct=nl&n=22&l=a&u=http%3A%2F%2Fwtm.actu.cosmopolitan.fr%2Fredirection.html%3Fm%3D94b6613322820b9fd7ed95e4774bd009%26c%3Dfr%26u%3Dhttps%253A%252F%252Fpws.actu.cosmopolitan.fr%252Fndc%252F990WJEKR%253Fps_ee%253D94b6613322820b9fd7ed95e4774bd009%2526ps_g%253DMME%2526ps_a%253D1950%2526ps_z%253D1082%2526z%253D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%252BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%252BXVjkrXddbCmPODVM%253D HTTP 302
    http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D Page URL
  3. https://pws.actu.cosmopolitan.fr/ndc/990WJEKR?ps_ee=94b6613322820b9fd7ed95e4774bd009&ps_g=MME&ps_a=1950&ps_z=1082&z=3 HTTP 302
    https://csync.pwspace.com/dpt?destUrl=aHR0cHM6Ly9iaWVuLWV0cmUuYWx0ZXJuYXRpZi1iaWVuLWV0cmUuY29tL2xwLXJlZ2ltZS0xNXN0ZXAvP3NvdXJjZUNvZGU9U05JODAwMTAwMDUmY2xpY2tJZD05MWQ5ZTkwNS0wNDRjLTM0YTQtOTIzMi0zNzI2YzgzZjEwODY=&pstuid=73e333d1-a75e-387c-a397-4181c169625e HTTP 307
    https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://wtm.actu.cosmopolitan.fr/w/137975/94b6613322820b9fd7ed95e4774bd009/1835/537/?mid=95856babfd7bcfdddb704ee4d9851cc3&ct=nl&n=22&l=a&u=http%3A%2F%2Fwtm.actu.cosmopolitan.fr%2Fredirection.html%3Fm%3D94b6613322820b9fd7ed95e4774bd009%26c%3Dfr%26u%3Dhttps%253A%252F%252Fpws.actu.cosmopolitan.fr%252Fndc%252F990WJEKR%253Fps_ee%253D94b6613322820b9fd7ed95e4774bd009%2526ps_g%253DMME%2526ps_a%253D1950%2526ps_z%253D1082%2526z%253D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%252BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%252BXVjkrXddbCmPODVM%253D HTTP 302
  • http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D
Request Chain 4
  • https://er.cloud-media.fr/r/94b6613322820b9fd7ed95e4774bd009/20305b1d-4a14-4990-b6a1-7765863e4041 HTTP 302
  • https://er.cloud-media.fr/c/94b6613322820b9fd7ed95e4774bd009/20305b1d-4a14-4990-b6a1-7765863e4041
Request Chain 6
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D94b6613322820b9fd7ed95e4774bd009%26wb%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D94b6613322820b9fd7ed95e4774bd009%26wb%3D%7BWEBO_CID%7D&bounce=1&random=1814070480 HTTP 302
  • https://r.phywi.org/webo.gif?md=94b6613322820b9fd7ed95e4774bd009&wb=7PAdSpjz1yOIV9urUeHLee

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 4063998663.html
ml.actu.cosmopolitan.fr/l2/7I3JDbcc521/4344938/
766 B
1 KB
Document
General
Full URL
http://ml.actu.cosmopolitan.fr/l2/7I3JDbcc521/4344938/4063998663.html
Protocol
HTTP/1.1
Server
2001:41d0:1000:81d:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
ml.actu.cosmopolitan.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Thu, 18 Jun 2020 07:41:09 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
cosmopolitan_v2=4344938%2C7I3JDbcc5%2C21%3B1870483335; Path=/; Domain=.ml.actu.cosmopolitan.fr; Expires=Sat, 18 Jul 2020 07:41:09 GMT; Max-Age=2592000; SameSite=None
Pragma
no-cache
Cache-Control
no-cache
Expires
Mon, 01 Jan 1990 00:00:00 GMT
X-Robots-Tag
noindex,nofollow
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Headers
origin, content-type, accept
P3P
policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
X-Served-By
cdn02
Content-Encoding
gzip
redirection.html
wtm.actu.cosmopolitan.fr/
Redirect Chain
  • http://wtm.actu.cosmopolitan.fr/w/137975/94b6613322820b9fd7ed95e4774bd009/1835/537/?mid=95856babfd7bcfdddb704ee4d9851cc3&ct=nl&n=22&l=a&u=http%3A%2F%2Fwtm.actu.cosmopolitan.fr%2Fredirection.html%3F...
  • http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%...
4 KB
2 KB
Document
General
Full URL
http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D
Protocol
HTTP/1.1
Server
2001:41d0:700:3b57:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
6f5ed04fbce8c26e1ad68506f1fd8dec0688ff62a74de64a5838171436404922
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Host
wtm.actu.cosmopolitan.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://ml.actu.cosmopolitan.fr/l2/7I3JDbcc521/4344938/4063998663.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

server
nginx
date
Thu, 18 Jun 2020 07:41:09 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
vary
Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=63072000
x-request-id
2A0104F80121131A0000000000000002:CFF0_200141D007003B570000000000000000:0050_5EEB1A95_4327A6F:0006

Redirect headers

server
nginx
date
Thu, 18 Jun 2020 07:41:09 GMT
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
cache-control
post-check=0, pre-check=0
pragma
no-cache
location
http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D
strict-transport-security
max-age=63072000
x-request-id
2A0104F80121131A0000000000000002:CFF0_200141D007003B570000000000000000:0050_5EEB1A95_4327A6C:0006
https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3
wtm.actu.cosmopolitan.fr/
0
417 B
Other
General
Full URL
http://wtm.actu.cosmopolitan.fr/https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3
Requested by
Host: wtm.actu.cosmopolitan.fr
URL: http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D
Protocol
HTTP/1.1
Server
2001:41d0:700:3b57:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jun 2020 07:41:09 GMT
server
nginx
strict-transport-security
max-age=63072000
content-type
image/gif
cache-control
post-check=0, pre-check=0
content-length
43
x-request-id
2A0104F80121131A0000000000000002:CFF0_200141D007003B570000000000000000:0050_5EEB1A95_4327A71:0006
expires
Sun, 01 Jan 2014 00:00:00 GMT
cl.gif
r.phywi.org/
43 B
428 B
Image
General
Full URL
https://r.phywi.org/cl.gif?m=94b6613322820b9fd7ed95e4774bd009
Requested by
Host: wtm.actu.cosmopolitan.fr
URL: http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:2:dbba:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 18 Jun 2020 07:41:09 GMT
server
nginx
strict-transport-security
max-age=63072000
x-request-id
2A0104F80121131A0000000000000002:ED2E_200141D00002DBBA0000000000000000:01BB_5EEB1A95_1190B8F:0006
content-type
image/gif
20305b1d-4a14-4990-b6a1-7765863e4041
er.cloud-media.fr/c/94b6613322820b9fd7ed95e4774bd009/
Redirect Chain
  • https://er.cloud-media.fr/r/94b6613322820b9fd7ed95e4774bd009/20305b1d-4a14-4990-b6a1-7765863e4041
  • https://er.cloud-media.fr/c/94b6613322820b9fd7ed95e4774bd009/20305b1d-4a14-4990-b6a1-7765863e4041
35 B
230 B
Image
General
Full URL
https://er.cloud-media.fr/c/94b6613322820b9fd7ed95e4774bd009/20305b1d-4a14-4990-b6a1-7765863e4041
Requested by
Host: wtm.actu.cosmopolitan.fr
URL: http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.141.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-141-37.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 18 Jun 2020 07:41:10 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

date
Thu, 18 Jun 2020 07:41:09 GMT
x-content-type-options
nosniff
server
awselb/2.0
status
302
content-type
text/html;charset=utf-8
location
https://er.cloud-media.fr/c/94b6613322820b9fd7ed95e4774bd009/20305b1d-4a14-4990-b6a1-7765863e4041
content-length
0
x-xss-protection
1; mode=block
redirect.php
ep.la-meteo-mail.fr/tags/
0
0

webo.gif
r.phywi.org/
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D94b6613322820b9fd7ed95e4774bd009%26wb%3D{WEBO_CID}
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fr.phywi.org%2Fwebo.gif%3Fmd%3D94b6613322820b9fd7ed95e4774bd009%26wb%3D%7BWEBO_CID%7D&bounce=1&random=1814070480
  • https://r.phywi.org/webo.gif?md=94b6613322820b9fd7ed95e4774bd009&wb=7PAdSpjz1yOIV9urUeHLee
43 B
428 B
Image
General
Full URL
https://r.phywi.org/webo.gif?md=94b6613322820b9fd7ed95e4774bd009&wb=7PAdSpjz1yOIV9urUeHLee
Requested by
Host: wtm.actu.cosmopolitan.fr
URL: http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:2:dbba:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 18 Jun 2020 07:41:09 GMT
server
nginx
strict-transport-security
max-age=63072000
x-request-id
2A0104F80121131A0000000000000002:ED2E_200141D00002DBBA0000000000000000:01BB_5EEB1A95_1190B96:0006
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 18 Jun 2020 07:41:09 GMT
via
1.1 google
last-modified
Thu, 18 Jun 2020 07:41:09 GMT
server
nginx/1.12.0
status
302
location
https://r.phywi.org/webo.gif?md=94b6613322820b9fd7ed95e4774bd009&wb=7PAdSpjz1yOIV9urUeHLee
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
Primary Request /
bien-etre.alternatif-bien-etre.com/lp-regime-15step/
Redirect Chain
  • https://pws.actu.cosmopolitan.fr/ndc/990WJEKR?ps_ee=94b6613322820b9fd7ed95e4774bd009&ps_g=MME&ps_a=1950&ps_z=1082&z=3
  • https://csync.pwspace.com/dpt?destUrl=aHR0cHM6Ly9iaWVuLWV0cmUuYWx0ZXJuYXRpZi1iaWVuLWV0cmUuY29tL2xwLXJlZ2ltZS0xNXN0ZXAvP3NvdXJjZUNvZGU9U05JODAwMTAwMDUmY2xpY2tJZD05MWQ5ZTkwNS0wNDRjLTM0YTQtOTIzMi0zNzI...
  • https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
74 KB
10 KB
Document
General
Full URL
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Requested by
Host: wtm.actu.cosmopolitan.fr
URL: http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.196.95.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-95-178.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f5d7012d1d5f765ed08f4470a0f2307027b1b7a99a8b80ea2e2a4d1d062687ec

Request headers

Host
bien-etre.alternatif-bien-etre.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://wtm.actu.cosmopolitan.fr/redirection.html?m=94b6613322820b9fd7ed95e4774bd009&c=fr&u=https%3A%2F%2Fpws.actu.cosmopolitan.fr%2Fndc%2F990WJEKR%3Fps_ee%3D94b6613322820b9fd7ed95e4774bd009%26ps_g%3DMME%26ps_a%3D1950%26ps_z%3D1082%26z%3D3&dc=UVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%2BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%2BXVjkrXddbCmPODVM%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

date
Thu, 18 Jun 2020 07:41:11 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
c5ac1992-88fd-4075-a308-826205fb9c83
etag
75c46daf14334a41ebf6a8cc6bf975bc
content-location
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/
x-unbounce-visitorid
82.102.18.1141592952094340120
last-modified
Tue, 09 Jun 2020 09:57:29 GMT
x-unbounce-variant
m
link
<https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/>; rel="canonical"
set-cookie
ubpv=m%2Cc5ac1992-88fd-4075-a308-826205fb9c83; Max-Age=15897600; Expires=Sat, 19 Dec 2020 07:41:11 GMT; Path=/lp-regime-15step/
ubrs=dta; Path=/lp-regime-15step/
ubvs=82.102.18.1141592952094340120; Max-Age=15552000; Expires=Tue, 15 Dec 2020 07:41:11 GMT; Path=/
ubvt=82.102.18.1141592952094340120; Max-Age=259200; Expires=Sun, 21 Jun 2020 07:41:11 GMT; Path=/; Domain=alternatif-bien-etre.com
content-encoding
gzip
x-proxy-backend
page-server
connection
close

Redirect headers

status
307
server
openresty/1.15.8.1
date
Thu, 18 Jun 2020 07:41:10 GMT
content-length
0
location
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
set-cookie
pstuid=581a000b-6dda-3811-9b54-d8fec1f7296d; Expires=Fri, 18 Jun 2021 07:41:10 GMT; Domain=.pwspace.com
x-b3-traceid
8154cae84d7352ce
x-b3-sampled
0
x-b3-parentspanid
4f8308d746bb15ff
x-b3-spanid
5bc9266b521b79be
strict-transport-security
max-age=15724800; includeSubDomains
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.91 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-91.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Mar 2020 23:39:45 GMT
content-encoding
gzip
age
9100887
x-cache
Hit from cloudfront
status
200
content-length
2902
last-modified
Wed, 04 Mar 2020 22:45:14 GMT
server
AmazonS3
etag
"c840c3d549f745d3142417845de68270"
x-amz-version-id
gJqOFtzKpY5_MpSOYwBhAXEJLqR0Gl7t
via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
r6eNysahHZlaKGKA3qYDuOcyco2QeMDefujFgF9_pDvfNXfyoMW9xA==
ub.js
assets.ub-analytics.com/
4 KB
5 KB
Script
General
Full URL
https://assets.ub-analytics.com/ub.js
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.6 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-6.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d96ddcaf34c2e2a77a6c71c68f62f9aa69f570d9af4ec216b3f16dd91d80c949

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
bZn9flHBsWU9aNu20yxweI1A7OFBugY8
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified
Thu, 14 May 2020 17:22:42 GMT
server
AmazonS3
age
200
etag
"bbca570813c1877b581530490f602824"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=300
date
Thu, 18 Jun 2020 07:37:52 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
4562
x-amz-cf-id
WE-DMRmrJ06zbMV7ik-M0JYkBAW1RUbetPZMKRRHIPIegjlzf2QrUA==
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/
104 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.91 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-91.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 21:04:18 GMT
content-encoding
gzip
age
4271814
x-cache
Hit from cloudfront
status
200
content-length
33645
last-modified
Wed, 29 Apr 2020 19:49:39 GMT
server
AmazonS3
etag
"e3cd90068d75377439e6202b33a169c9"
x-amz-version-id
JBFUS0AkE5K2tQgjpSYJVwZCr8Y4Yfgg
via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
LEqqPZb-vDLNo5MpVfD7YEJvscfEA2cWan2lzJO5A8Klpvp9-Jvzag==
cookieinfo.min.js
cookieinfoscript.com/js/
7 KB
3 KB
Script
General
Full URL
https://cookieinfoscript.com/js/cookieinfo.min.js
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:21d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3de7488ac6723f0788c9a774701fa787e513a6b03ea875b6ea5c3ae5e2b426b

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 07:41:11 GMT
content-encoding
br
cf-cache-status
HIT
age
1279
x-amz-meta-cb-modifiedtime
Mon, 26 Feb 2018 13:13:26 GMT
status
200
x-amz-request-id
05478E76A2417608
x-amz-id-2
hJ9dOCXUjggcli1KlPBdl9gsJBA4bVEaq5MuXw4ghrQVeO1msUVXmQuzY/mpwG5Em7IWrwg5otw=
last-modified
Tue, 02 Jun 2020 15:13:00 GMT
server
cloudflare
etag
W/"994ae1f7835fb9fa109c9177bf3a04a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2678400
cf-request-id
0367f8f6800000c781be96a200000001
cf-ray
5a535dd0cf89c781-AMS
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
sp-2.9.0.js
assets.ub-analytics.com/
74 KB
26 KB
Script
General
Full URL
https://assets.ub-analytics.com/sp-2.9.0.js
Requested by
Host: assets.ub-analytics.com
URL: https://assets.ub-analytics.com/ub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.6 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-6.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Mar 2020 23:40:02 GMT
content-encoding
gzip
age
9100870
x-cache
Hit from cloudfront
status
200
content-length
25747
last-modified
Tue, 16 Jul 2019 16:36:37 GMT
server
AmazonS3
etag
"ca3734b973941d7734d9116b823f868b"
x-amz-version-id
EYCPJnlZccivTrgOYeEuIt6iQVaAC0Td
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
6XCcwr8GkLnH695MFoJqq-SFXzFDIk1VCTQBDD3dKQMkN3j-Gp-NNA==
0adfbe70-2cc0-4b70-8cd0-07382d103d9d
https://bien-etre.alternatif-bien-etre.com/
5 KB
0
Stylesheet
General
Full URL
blob:https://bien-etre.alternatif-bien-etre.com/0adfbe70-2cc0-4b70-8cd0-07382d103d9d
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
xy6jkh-marconato-colorwave_10qo04g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/xy6jkh-marconato-colorwave_10qo04g000000000000028.png
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-68.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8646a14e1bb3815ae71a124700b78ed0a78880d57fc0cc849cd54f01e577fb70

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 07:41:12 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 09:57:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"0f10ae53cc63458dbc8903dba7dd7b37"
x-cache
Miss from cloudfront
x-amz-version-id
1h_kCPX3Ien8T00LZSp_OPifa2YeFNMB
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
2570
x-amz-cf-id
hyyMEK76cC-bG5xvYzoGYcSKQjfGXZqGBBx5VKHBjkdX4iFTV9FXXQ==
vfvg0-blur-2_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/vfvg0-blur-2_1000000000000000000028.png
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-68.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cb6a22009b1771e59cf3a8491ef5b1c2fd71fce597df3d81b5102e745aea41b

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 07:41:12 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 09:57:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"fca4628d81d479dad8531401b3af5857"
x-cache
Miss from cloudfront
x-amz-version-id
SUvDLktseJnA5COZwue0lFWSSonOWXR2
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
2094
x-amz-cf-id
QnoCQDbJMmC6R__ZWvtQySB5ijqPio6U2juAukfiKWm_Kserw62Wqw==
wc7py4-fleche_103102j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/
661 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/wc7py4-fleche_103102j000000000000028.png
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-68.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e4f5ce984a4b23c847e8125c9d24e6efdd85396caaa114e78983ffd10112c80

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 07:41:12 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 09:57:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"e4eb67baa22eb909a3419c7acbc681cd"
x-cache
Miss from cloudfront
x-amz-version-id
2prQqzXjcQldApp9TgZgZ2.NUqu5qlIa
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
661
x-amz-cf-id
Y7c-C3FjR51mDj_f78BVwwCcukDQs5zDmCgZMJo8vV-TBkxzTUeljw==
eb51ff2b-unlock.gif
d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/
12 KB
12 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/eb51ff2b-unlock.gif
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-68.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2152bde74ebf8bd54447c83b7c860f51454f36af2750db94a5c9f69cd325fa54

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 07:41:12 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 09:57:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"703564d1b370cdaa6537494b7f5e239b"
x-cache
Miss from cloudfront
x-amz-version-id
OJ_DZr4bRADHgMFMDNhvYiIYsuOv2jii
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/gif
content-length
12224
x-amz-cf-id
zotq-iE2x1bZOKLaSSroG3VodNIPHbf_7Q-fgGDhht2bpwrodo2Nkg==
0b6f81ff-image-5_10d8022000000000000028.png
d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/
4 KB
4 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/0b6f81ff-image-5_10d8022000000000000028.png
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-68.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d58766acd48adf6cde432cd9bafdba6a35e9747fdd0e923134a29fca3dd9514

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 07:41:12 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 09:57:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"a518099bf45dc402c9ba144428833174"
x-cache
Miss from cloudfront
x-amz-version-id
f5lvs5DikJOqO0uxWJPligZXE.OTrIX4
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
3587
x-amz-cf-id
cefhvFi7d94_fLbTinn8g2eeixFT8Bqctz9csCVDLq1mJCcaINfxRw==
486907ae-shadow-tr_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/
654 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/486907ae-shadow-tr_1000000000000000000028.png
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-68.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64ee704a28df644418ba597e4274ca4a55c39278c9dca0f13ef7d01fe0b8383d

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 07:41:12 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 09:57:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"14bc4ed9797a56a2bf45cde7a6ad5f83"
x-cache
Miss from cloudfront
x-amz-version-id
JAVhRn9P8qczQYRBHo1sw1nKfj00Hf2J
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
654
x-amz-cf-id
_y_Zm-GIsC_f3SoPe8g7FoL7YFXR7mGzCC_EFmWgUMNLX15igWwiHQ==
d56aebbb-sans-titre-3_100j00j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/
246 B
628 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/d56aebbb-sans-titre-3_100j00j000000000000028.png
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-68.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d8e7e1143bb93e716f59caf8d05245b50bb5117acaa8eb64bf801a1ae84b5b5

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 07:41:12 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 09:57:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"6532ebb03e143325385ca71aca37b3c1"
x-cache
Miss from cloudfront
x-amz-version-id
Jc8VsB1U9ljP3M5KLg1L8Y1cskuaEONa
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
246
x-amz-cf-id
881WCjo5YdRgdLf0vpTkxSU7rkjrGUCp9hWuQjTfRr9uqNw_-LZ_Yw==
c5172290-smartmockups-kaxwwa0j-copie_10cm0f0000000000000028.png
d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/
30 KB
31 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/c5172290-smartmockups-kaxwwa0j-copie_10cm0f0000000000000028.png
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-68.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c0b33474f311a186546a2601fadfa1bbf99a6ea9b051214d6ceae5447465c1e

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 07:41:12 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 09:57:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"ed6a267eae3f17ee8167c9441b661459"
x-cache
Miss from cloudfront
x-amz-version-id
te80VuCPtlBUQqUzI5Y7lI7_nhozs9cl
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
30911
x-amz-cf-id
xr9Vrh9vx6Nw2vpTtML22ON8W2py22v3gQDglyZ1CX2KoHTedDTBnQ==
d6595b55-smartmockups-kaxwx2j0_106908s000000000000028.png
d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/
20 KB
21 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/d6595b55-smartmockups-kaxwx2j0_106908s000000000000028.png
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-68.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3aba3d9bfeb6ca5ea2be0448e810cf1ed950c972fc8f0ccd7333e8e4aeb82467

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 07:41:12 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 09:57:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"1b8a330e7ef74590750d1d081f29c001"
x-cache
Miss from cloudfront
x-amz-version-id
nSmUkDdB0hN85JHDxie34Bw3aR1u4oEH
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
20830
x-amz-cf-id
UNQfo7eGroHv5ogEAmlp1QIM8tPDTzdg9BPjBpEXInD8L8wwiThOOA==
2187e29a-signature-rodolphe_104q03a00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/2187e29a-signature-rodolphe_104q03a00000000000001o.jpg
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-68.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9558bccd95a49424d943c02693f0d5969acfa4f52fc90f2ef9a546b336c20f6d

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 07:41:12 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 09:57:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"eea219c2f433575c627b4130ecf0cddb"
x-cache
Miss from cloudfront
x-amz-version-id
kPo7CloG062_9UiqDkvd1FE86LDsMMez
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
content-length
2628
x-amz-cf-id
Vxb9oKKbAonPPgHVBFu52rIVHXlfS7K2qrDFllVGJo2xvwJ5B2fmoQ==
d2b70f4f-etoiles-nombre-de-lecteur_103z01e000000000000028.PNG
d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/bien-etre.alternatif-bien-etre.com/lp-regime-15step/d2b70f4f-etoiles-nombre-de-lecteur_103z01e000000000000028.PNG
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-68.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
306751e6bc47701e976e1ef00fa2f4eb01544d361e03ecb301916c9eeefb80a2

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 07:41:12 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 09:57:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"1d811f44f24a8f292bb8261f0971404a"
x-cache
Miss from cloudfront
x-amz-version-id
mGYgrbex_1DAl8A3jpByXVyYxYurg1LY
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
1781
x-amz-cf-id
ozbI3ZIpGh5-eWps2y5QJOQyFfavgfJshWP4g9LX8cuN_QPQcN3AmA==
i
events.ub-analytics.com/
43 B
327 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1592466071345&e=pv&url=https%3A%2F%2Fbien-etre.alternatif-bien-etre.com%2Flp-regime-15step%2F%3FsourceCode%3DSNI80010005%26clickId%3D91d9e905-044c-34a4-9232-3726c83f1086&page=R%C3%A9gime&refr=http%3A%2F%2Fwtm.actu.cosmopolitan.fr%2Fredirection.html%3Fm%3D94b6613322820b9fd7ed95e4774bd009%26c%3Dfr%26u%3Dhttps%253A%252F%252Fpws.actu.cosmopolitan.fr%252Fndc%252F990WJEKR%253Fps_ee%253D94b6613322820b9fd7ed95e4774bd009%2526ps_g%253DMME%2526ps_a%253D1950%2526ps_z%253D1082%2526z%253D3%26dc%3DUVJx2RljSk7WeRZXfrPMyzvKiAZvXK1N6bvHyKJSnjhY2VO0D68HJ1tOjEkCmeLtpbEF8g8mp9OCWcTZ3wnwrVvyNpYn0fWn7k%252BXIQDTn7c1xY28NCUTTPIR9rnoBFU9NcJSbTO5NH2rpkehHCjpEMk50JlZFSiJ6NMQFsOjsWlLLznDS0dI5vf0qAvYgobFQ55COC5kXZRIsndUexPIMCpDvH%252BXVjkrXddbCmPODVM%253D&tv=js-2.9.0&tna=cf&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=7f6d95a6-be50-4181-a272-b0a060608bd4&dtm=1592466071343&vp=1600x1200&ds=1600x2230&vid=1&sid=f363eee7-42c3-4aab-a6ee-92166e149a6b&duid=63679fb0-880e-45a9-b41f-c4f30d465329&fp=1288168746&uid=82.102.18.1141592952094340120&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiYzVhYzE5OTItODhmZC00MDc1LWEzMDgtODI2MjA1ZmI5YzgzIiwidmFyaWFudElkIjoibSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6ImR0YSJ9fV19
Requested by
Host: bien-etre.alternatif-bien-etre.com
URL: https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.75.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-75-196.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://bien-etre.alternatif-bien-etre.com/lp-regime-15step/?sourceCode=SNI80010005&clickId=91d9e905-044c-34a4-9232-3726c83f1086
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 07:41:11 GMT
server
akka-http/10.0.9
status
200
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
content-type
image/gif
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep.la-meteo-mail.fr
URL
http://ep.la-meteo-mail.fr/tags/redirect.php?h=94b6613322820b9fd7ed95e4774bd009&source=38


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| ub
function| cookieinfo
object| cbinstance
object| GlobalSnowplowNamespace
function| snowplow
function| setImmediate
function| clearImmediate
boolean| VimeoPlayerResizeEmbeds_
object| Snowplow

6 Cookies

Domain/Path Name / Value
bien-etre.alternatif-bien-etre.com/ Name: _sp_id.ccc2
Value: 63679fb0-880e-45a9-b41f-c4f30d465329.1592466071.1.1592466071.1592466071.f363eee7-42c3-4aab-a6ee-92166e149a6b
bien-etre.alternatif-bien-etre.com/ Name: _sp_ses.ccc2
Value: *
bien-etre.alternatif-bien-etre.com/ Name: ubvs
Value: 82.102.18.1141592952094340120
bien-etre.alternatif-bien-etre.com/lp-regime-15step/ Name: ubrs
Value: dta
.alternatif-bien-etre.com/ Name: ubvt
Value: 82.102.18.1141592952094340120
bien-etre.alternatif-bien-etre.com/lp-regime-15step/ Name: ubpv
Value: m%2Cc5ac1992-88fd-4075-a308-826205fb9c83

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
