Submitted URL: https://top2to.com/iem_621/link.php?M=384903&N=168&L=315&F=H
Effective URL: https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverri...
Submission: On July 18 via api from BE

Summary

This website contacted 13 IPs in 4 countries across 9 domains to perform 23 HTTP transactions. The main IP is 54.36.212.234, which is located in France and belongs to OVH, FR. The main domain is www.devisdirect.com.
TLS certificate: Issued by R3 on July 17th 2021. Valid for: 3 months.
This is the only time www.devisdirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 217.12.123.30 25454 (ASN-OMD-F...)
1 2 35.186.231.97 15169 (GOOGLE)
1 13.224.99.25 16509 (AMAZON-02)
1 188.165.150.177 16276 (OVH)
6 54.36.212.234 16276 (OVH)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:220... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.196.248.124 16509 (AMAZON-02)
2 54.36.212.233 16276 (OVH)
23 13
Domain Requested by
6 www.devisdirect.com www.devisdirect.com
4 www.companeo.com www.devisdirect.com
www.companeo.com
3 sdk.privacy-center.org www.devisdirect.com
sdk.privacy-center.org
2 rest.companeo.com www.companeo.com
2 clk.tradedoubler.com 1 redirects
1 logs1412.xiti.com www.devisdirect.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com www.devisdirect.com
1 fonts.googleapis.com www.devisdirect.com
1 ajax.googleapis.com www.devisdirect.com
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 top2to.com 1 redirects
23 13

This site contains links to these domains:

Domain
www.companeo.com
www.infopro-digital.com

Subject | Issuer | Validity | Valid
*.tradedoubler.com | R3 | 2021-07-05 - 2021-10-03 | 3 months
devisdirect.com | R3 | 2021-07-17 - 2021-10-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-13 - 2022-06-12 | a year
upload.video.google.com | GTS CA 1O1 | 2021-06-22 - 2021-09-14 | 3 months
*.privacy-center.org | Amazon | 2021-04-24 - 2022-05-23 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
*.xiti.com | Thawte RSA CA 2018 | 2020-02-27 - 2022-05-22 | 2 years
*.companeo.com | AlphaSSL CA - SHA256 - G2 | 2021-03-23 - 2022-04-24 | a year

This page contains 1 frame:

Primary Page: https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Frame ID: C1FE8165764F827EE55459A22CAF277C
Requests: 24 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

  • 23 Requests
  • 100 % HTTPS
  • 46 % IPv6
  • 9 Domains
  • 13 Subdomains
  • 13 IPs
  • 4 Countries
  • 451 kB Transfer
  • 1376 kB Size
  • 7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://top2to.com/iem_621/link.php?M=384903&N=168&L=315&F=H HTTP 302
    https://clk.tradedoubler.com/click?p=294890&a=2932876&g=25027508&url=https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1 Page URL
  2. https://clk.tradedoubler.com/click?p=294890&a=2932876&g=25027508&url=https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1 HTTP 302
    https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://top2to.com/iem_621/link.php?M=384903&N=168&L=315&F=H HTTP 302
  • https://clk.tradedoubler.com/click?p=294890&a=2932876&g=25027508&url=https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1

23 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
click
clk.tradedoubler.com/
Redirect Chain
  • https://top2to.com/iem_621/link.php?M=384903&N=168&L=315&F=H
  • https://clk.tradedoubler.com/click?p=294890&a=2932876&g=25027508&url=https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
1 KB
1 KB
Document
General
Full URL
https://clk.tradedoubler.com/click?p=294890&a=2932876&g=25027508&url=https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.231.186.35.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
42a3373f1756a3271e876064963234c1db5898d1e7df793303cb8cd8bafbe24c

Request headers

:method
GET
:authority
clk.tradedoubler.com
:scheme
https
:path
/click?p=294890&a=2932876&g=25027508&url=https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=ISO-8859-1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Sun, 18 Jul 2021 06:20:04 GMT
content-length
1215
via
1.1 google
alt-svc
clear

Redirect headers

Date
Sun, 18 Jul 2021 06:20:04 GMT
Server
Apache
X-Powered-By
PHP/7.3.20
Location
https://clk.tradedoubler.com/click?p=294890&a=2932876&g=25027508&url=https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
prefs.js
vht.tradedoubler.com/fp/
9 KB
4 KB
Script
General
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=294890&a=2932876&g=25027508&url=https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-25.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Jul 2021 03:44:58 GMT
Content-Encoding
gzip
Age
9307
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
ETag
W/"2509-57841106334e6"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
iWnR5ttOlua1T_TnUg0iBFVZ1ruwDrymlCHJNxvlWDvrL62UbKdf_g==
Expires
Sun, 25 Jul 2021 03:44:43 GMT
/
analytics.tradedoubler.com/
0
241 B
Ping
General
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS
lb01.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 18 Jul 2021 06:20:05 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Primary Request /
www.devisdirect.com/DD/_4400/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=294890&a=2932876&g=25027508&url=https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
  • https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
9 KB
4 KB
Document
General
Full URL
https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.212.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-54-36-212.eu
Software
Apache/2.4.37 (Ubuntu) /
Resource Hash
4c5a6250031153b5a172e9000b0ef13e50ad1550f18bb53dbb03b60604f93d20
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
www.devisdirect.com
:scheme
https
:path
/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://clk.tradedoubler.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://clk.tradedoubler.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://clk.tradedoubler.com/

Response headers

date
Sun, 18 Jul 2021 06:20:05 GMT
server
Apache/2.4.37 (Ubuntu)
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
lang=fr_FR; expires=Tue, 27-May-2031 06:20:05 GMT; Max-Age=311040000; path=/; SameSite=None; Secure; domain=.devisdirect.com lang_id=3; expires=Tue, 27-May-2031 06:20:05 GMT; Max-Age=311040000; path=/; SameSite=None; Secure; domain=.devisdirect.com coid=0pij2rp9sftagdglvs9mm8fch2; path=/; SameSite=None; Secure; domain=.devisdirect.com SRVNAME=S3; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
3657
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000

Redirect headers

location
https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
set-cookie
EH_0=1z11z1zp9z2NjHnpz1LsoyZ1mPYlByDU3ZVCARG4Ca51MmNNpD92vBWtEIgPM99p7otqKDE0.IOCmDthOh%7amqH;expires=Mon, 18-Jul-2022 06:20:05 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure GUID=1z11zzp9zMW00mzcc1c9708262a1fc190e11ddcb50efa87;expires=Mon, 18-Jul-2022 06:20:05 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure TradeDoublerGUID=cc1c9708262a1fc190e11ddcb50efa87;expires=Mon, 18-Jul-2022 06:20:05 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Sun, 18 Jul 2021 06:20:04 GMT
content-length
333
content-type
text/html; charset=ISO-8859-1
via
1.1 google
alt-svc
clear
styles.css
www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/css/styles.css
Requested by
Host: www.devisdirect.com
URL: https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.212.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-54-36-212.eu
Software
Apache/2.4.37 (Ubuntu) /
Resource Hash
885c5dfb1be1a1a862746a8a137ad7b5bfbb92f046202b6e1b03ac5d2439bd55
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:path
/dnews_solo/2021/4400_paritel_0621_solo/css/styles.css
pragma
no-cache
cookie
lang=fr_FR; lang_id=3; coid=0pij2rp9sftagdglvs9mm8fch2; SRVNAME=S3
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.devisdirect.com
referer
https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:20:05 GMT
content-encoding
gzip
server
Apache/2.4.37 (Ubuntu)
accept-language
bytes
etag
"3596-5c595031c3f9e-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
strict-transport-security
max-age=15768000
content-length
2911
expires
Sun, 25 Jul 2021 06:20:05 GMT
smarttag.js
www.companeo.com/js/xiti/618938/
82 KB
24 KB
Script
General
Full URL
https://www.companeo.com/js/xiti/618938/smarttag.js
Requested by
Host: www.devisdirect.com
URL: https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f0154417f372f87eabf542a51758269254eb28949005c8756e7547bc038876
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.devisdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:20:05 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"147a6-5c00386d0d340-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9otKAngcgGojwbyB9Q0Vcbj4Fl8EcHvKsMyOA2EkAOxlNeokjCMtKBMz0DfuKKjY9SjVxIZ2WLxKYXTnNx2TBRgwUhoMZxaCXoF1dmNZQpNAZwqaPicdCXVdAyxIJnoxoPgdDdXAcPQGaPOZmQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800, private
strict-transport-security
max-age=15768000
cf-ray
67099a26c831176a-FRA
expires
Sun, 25 Jul 2021 06:20:05 GMT
logo.png
www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/images/
5 KB
6 KB
Image
General
Full URL
https://www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/images/logo.png
Requested by
Host: www.devisdirect.com
URL: https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.212.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-54-36-212.eu
Software
Apache/2.4.37 (Ubuntu) /
Resource Hash
6aa986c5c04ee9f0a27f457bc0094dc6a3991d5d93b1c254d80ef44736d2199c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:path
/dnews_solo/2021/4400_paritel_0621_solo/images/logo.png
pragma
no-cache
cookie
lang=fr_FR; lang_id=3; coid=0pij2rp9sftagdglvs9mm8fch2; SRVNAME=S3
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.devisdirect.com
referer
https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:20:05 GMT
server
Apache/2.4.37 (Ubuntu)
accept-language
bytes
etag
"1573-5c595031bd23e"
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=604800
content-length
5491
expires
Sun, 25 Jul 2021 06:20:05 GMT
visu_offre.jpg
www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/images/
25 KB
25 KB
Image
General
Full URL
https://www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/images/visu_offre.jpg
Requested by
Host: www.devisdirect.com
URL: https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.212.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-54-36-212.eu
Software
Apache/2.4.37 (Ubuntu) /
Resource Hash
c3f744fde2c518ddde1d1398fe183ec0daacdf15efebdaf9ba5496c5cbce1fa4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:path
/dnews_solo/2021/4400_paritel_0621_solo/images/visu_offre.jpg
pragma
no-cache
cookie
lang=fr_FR; lang_id=3; coid=0pij2rp9sftagdglvs9mm8fch2; SRVNAME=S3
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.devisdirect.com
referer
https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:20:05 GMT
server
Apache/2.4.37 (Ubuntu)
accept-language
bytes
etag
"6315-5c595031c10be"
strict-transport-security
max-age=15768000
content-type
image/jpeg
cache-control
max-age=604800
content-length
25365
expires
Sun, 25 Jul 2021 06:20:05 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: www.devisdirect.com
URL: https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.devisdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Jul 2022 06:12:23 GMT
side-panel.js
www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/js/
389 B
474 B
Script
General
Full URL
https://www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/js/side-panel.js
Requested by
Host: www.devisdirect.com
URL: https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.212.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-54-36-212.eu
Software
Apache/2.4.37 (Ubuntu) /
Resource Hash
c7bf5e5858bd93189d9ef12d6920ebf754a61dc0889be3190eb0239bf1232ccc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:path
/dnews_solo/2021/4400_paritel_0621_solo/js/side-panel.js
pragma
no-cache
cookie
lang=fr_FR; lang_id=3; coid=0pij2rp9sftagdglvs9mm8fch2; SRVNAME=S3
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.devisdirect.com
referer
https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:20:05 GMT
content-encoding
gzip
server
Apache/2.4.37 (Ubuntu)
accept-language
bytes
etag
"185-5c595031c5ede-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=15768000
content-length
194
expires
Sun, 25 Jul 2021 06:20:05 GMT
surveyLight.min.js
www.companeo.com/js/
128 KB
32 KB
Script
General
Full URL
https://www.companeo.com/js/surveyLight.min.js
Requested by
Host: www.devisdirect.com
URL: https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce0eeacb186f2245683027e07b51ab773168bfafcd62d7943083f8f36bcdc598
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.devisdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:20:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Jul 2021 09:17:59 GMT
server
cloudflare
age
6231
etag
W/"92db-5c73a104bffc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viRek8IGdrdOiMuYp5XcY6VGqu9InDRdLD2zk4IwDUizz99fhwWbB%2FeSCob9wR0x8%2FtgQlxRBGAWI13vpNajdCi3cUnBuNsVzqz8YjEsgQKwryGnLg7sUDTpjRxHidO0z5D8H4Bqx0U9TnH5WQw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
67099a2708a3176a-FRA
survey-slider.min.css
www.companeo.com/c/
61 KB
10 KB
Stylesheet
General
Full URL
https://www.companeo.com/c/survey-slider.min.css
Requested by
Host: www.devisdirect.com
URL: https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee20c5f694f161df64ffe83a3dadd59f86d73ce44b58db239eee15a5dc07f958
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.devisdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:20:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Jul 2021 09:18:08 GMT
server
cloudflare
age
4558
etag
W/"3036-5c73a10d55400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqAAIiIyKRNQCBRfmXPf6W0ONi%2FPB3NHfvHhrI3ROQRhcIt1QyKyWikncJcAScTU3Lx5iv7r3%2Bn4pNMwxJmKs6lSoJLpQfKlNFRp6ygpNwSxKCAueXtj%2FCKdZfk1JHP4cxXs3kktULzrDVDnxGc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
67099a2738de176a-FRA
css
fonts.googleapis.com/
2 KB
632 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: www.devisdirect.com
URL: https://www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.devisdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Jul 2021 05:15:39 GMT
server
ESF
date
Sun, 18 Jul 2021 06:20:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Jul 2021 06:20:05 GMT
loader.js
sdk.privacy-center.org/92502d09-0e0f-4b5a-8590-cad06e72159e/
63 KB
23 KB
Script
General
Full URL
https://sdk.privacy-center.org/92502d09-0e0f-4b5a-8590-cad06e72159e/loader.js?target=www.devisdirect.com
Requested by
Host: www.devisdirect.com
URL: https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:d400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e27fbb627fbce115aed7f1ca344e0fccdd3a800f71b5866a0d4142d446275286

Request headers

Referer
https://www.devisdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:20:06 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
AMS50-C1
etag
"a7f1393d0329afe9b0f717d5fcd6e29a"
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 36782ce80608b4ebb0112f2f4fdd01bf.cloudfront.net (CloudFront)
cache-control
public, max-age=7200
content-length
23156
x-amz-cf-id
fW6bUwve-Q076F4ViIx_hnUkuBwmGp3FpceFr426r2ZjH0AjdsDnkQ==
gtm.js
www.googletagmanager.com/
136 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ND5XGSW
Requested by
Host: www.devisdirect.com
URL: https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e86f968640d3f4fad8baed6054286918cbd36ee64a86d4ec91ed5cf9268da96c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.devisdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:20:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45947
x-xss-protection
0
last-modified
Sun, 18 Jul 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 18 Jul 2021 06:20:05 GMT
bg.jpg
www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/images/
77 KB
78 KB
Image
General
Full URL
https://www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/images/bg.jpg
Requested by
Host: www.devisdirect.com
URL: https://www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/css/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.212.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-54-36-212.eu
Software
Apache/2.4.37 (Ubuntu) /
Resource Hash
63adc7f61b55384fb8c62524a71a6151128a838f944e56527eddc258a13d96f9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:path
/dnews_solo/2021/4400_paritel_0621_solo/images/bg.jpg
pragma
no-cache
cookie
lang=fr_FR; lang_id=3; coid=0pij2rp9sftagdglvs9mm8fch2; SRVNAME=S3
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.devisdirect.com
referer
https://www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/css/styles.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.devisdirect.com/dnews_solo/2021/4400_paritel_0621_solo/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:20:05 GMT
server
Apache/2.4.37 (Ubuntu)
accept-language
bytes
etag
"13578-5c595031bb2fe"
strict-transport-security
max-age=15768000
content-type
image/jpeg
cache-control
max-age=604800
content-length
79224
expires
Sun, 25 Jul 2021 06:20:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.devisdirect.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 18:26:24 GMT
x-content-type-options
nosniff
age
474821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 18:26:24 GMT
hit.xiti
logs1412.xiti.com/
35 B
151 B
Image
General
Full URL
https://logs1412.xiti.com/hit.xiti?s=618938&idclient=c6942e55-b906-428d-bf1e-73a41c7981e7&ts=1626589205742&vtag=5.28.0&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=8x20x5&lng=en-US&idp=0820054991433&jv=0&p=https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1&s2=&utm_source=newsletter&utm_medium=neoperf&typepage=solo&codelangue=fr&geo_country=FR&categroup_id=636010&categ_id=9162&qcp=Paritel_Neoconnect_NeoC_0621&solo_id=4400&ref=https://clk.tradedoubler.com/
Requested by
Host: www.devisdirect.com
URL: https://www.devisdirect.com/DD/_4400/?qcp=Paritel_Neoconnect_NeoC_0621&utm_source=newsletter&utm_medium=neoperf&utm_nooverride=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.248.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-248-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.devisdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:20:05 GMT
cache-control
no-store
content-length
35
strict-transport-security
max-age=15768000
content-type
image/gif
sdk.72256418badee36fe771572b698375cb3b25faaf.js
sdk.privacy-center.org/
371 KB
83 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk.72256418badee36fe771572b698375cb3b25faaf.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/92502d09-0e0f-4b5a-8590-cad06e72159e/loader.js?target=www.devisdirect.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:d400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9db7f54bbf38c0eaaf6c5ff0800fe87581d4dd73c50eed4a312af87ce5366659

Request headers

Referer
https://www.devisdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 13:23:37 GMT
content-encoding
gzip
last-modified
Thu, 15 Jul 2021 13:19:55 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1626355008/ctime:1626355008/gid:0/gname:root/md5:c49fd2ecbea16a085c80829687e44ed8/mode:33188/mtime:1626355008/uid:0/uname:root
age
233790
etag
W/"c49fd2ecbea16a085c80829687e44ed8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 36782ce80608b4ebb0112f2f4fdd01bf.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
8JouvS295K4ywo7x7XzB4xQ64G8lKw8uXtry9TXBnHQRzymCwzim7Q==
ui-gdpr-en.72256418badee36fe771572b698375cb3b25faaf.js
sdk.privacy-center.org/
254 KB
52 KB
Script
General
Full URL
https://sdk.privacy-center.org/ui-gdpr-en.72256418badee36fe771572b698375cb3b25faaf.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.72256418badee36fe771572b698375cb3b25faaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:d400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
783985e7cf60dceb111ef3d3f623f247d6801d394f1823047f93e6769ee034d0

Request headers

Referer
https://www.devisdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 13:23:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Jul 2021 13:20:07 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1626355008/ctime:1626355008/gid:0/gname:root/md5:4af5a0be37f86a734fe7ed9426baebb2/mode:33188/mtime:1626355008/uid:0/uname:root
age
233789
etag
W/"4af5a0be37f86a734fe7ed9426baebb2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 36782ce80608b4ebb0112f2f4fdd01bf.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
OBa8UbNxsf_hLloYRX2RLtjeuifPbUCebUyksGUzsI9m-1W2PuujBA==
cc=9162&forcetpl=2&force_lang=fr_FR&cid=&solo=true&dnid=4400
rest.companeo.com/light_coupon/getapi/
0
0
Preflight
General
Full URL
https://rest.companeo.com/light_coupon/getapi/cc=9162&forcetpl=2&force_lang=fr_FR&cid=&solo=true&dnid=4400
Protocol
H2
Server
54.36.212.233 , France, ASN16276 (OVH, FR),
Reverse DNS
ip233.ip-54-36-212.eu
Software
Apache/2.4.37 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.devisdirect.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 18 Jul 2021 06:20:06 GMT
server
Apache/2.4.37 (Ubuntu)
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
access-control-allow-origin
https://www.devisdirect.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
Origin, Authorization, Content-Type
content-length
0
content-type
text/html;charset=UTF-8
strict-transport-security
max-age=15768000
cc=9162&forcetpl=2&force_lang=fr_FR&cid=&solo=true&dnid=4400
rest.companeo.com/light_coupon/getapi/
27 KB
8 KB
XHR
General
Full URL
https://rest.companeo.com/light_coupon/getapi/cc=9162&forcetpl=2&force_lang=fr_FR&cid=&solo=true&dnid=4400
Requested by
Host: www.companeo.com
URL: https://www.companeo.com/js/surveyLight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.212.233 , France, ASN16276 (OVH, FR),
Reverse DNS
ip233.ip-54-36-212.eu
Software
Apache/2.4.37 (Ubuntu) /
Resource Hash
e968de3b2200e13ae79271c7bba3ed06cf78e3ca2da15839d5d5e148353b2b60
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.devisdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 18 Jul 2021 06:20:06 GMT
content-encoding
gzip
server
Apache/2.4.37 (Ubuntu)
vary
Accept-Encoding
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://www.devisdirect.com
access-control-expose-headers
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
strict-transport-security
max-age=15768000
content-length
7346
expires
Thu, 19 Nov 1981 08:52:00 GMT
iconfont-surveyslider.ttf
www.companeo.com/c/fonts/iconfont/
4 KB
3 KB
Font
General
Full URL
https://www.companeo.com/c/fonts/iconfont/iconfont-surveyslider.ttf?uo3di4
Requested by
Host: www.companeo.com
URL: https://www.companeo.com/c/survey-slider.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
937ee60f7679c859a7368485f42c23852e33f4933d02373402bce9b2ac7f3257
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Origin
https://www.devisdirect.com
Referer
https://www.companeo.com/c/survey-slider.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:20:07 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 16 Jul 2021 09:14:01 GMT
server
cloudflare
etag
W/"fc8-5c73a021c6840"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EadtxUjHNI2fVrJryRJ7CongideIaJj%2BZgdCJ1KGOliHZjpzv4%2FpiJRsh2B85fWj2g6QsPMPxZ7G6avp3RykH%2F13Vi5Mei7JzUG0rryQ230XQcqvYioV1FGquAJiTQasS7lxPMYf%2BMQh9E72iG0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-sfnt
access-control-allow-origin
*
cache-control
private
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
67099a314e6c4ea3-FRA
truncated
/
499 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
679b560e7bfd7a594e5234b977c101d26b4fdacc80536d4827890654231ac373

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
531 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c6ead51c66cff0b319a53cbd67772777176538da64b678103c0978064d1d3ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml


66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ATInternet function| ATCustomEvent boolean| gdprAppliesGlobally function| __tcfapi object| didomiConfig object| dataLayer function| $ function| jQuery object| sidePanel object| overlay function| openPanel function| closePanel object| App object| Base64 object| store object| router object| basicElement object| elementInput object| elementTextarea object| elementChoice object| elementChoiceToggle object| elementSelect object| elementHeader object| elementContent object| elementCta object| elementProgress object| basicSlideTemplate object| validator object| sliderManager object| stateSurvey object| Raven function| phoneFormat function| stringStartWith function| insertSpace function| loadConfirmationPopin undefined| cityPerso undefined| keywordPerso object| google_tag_manager function| gtag object| tag object| didomiOnReady object| google_tag_data object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| Didomi object| didomiEventListeners object| googletag object| adsbygoogle object| didomiState object| regeneratorRuntime

7 Cookies

Domain/Path Name / Value
www.devisdirect.com/ Name: atauthority
Value: %7B%22name%22%3A%22atauthority%22%2C%22val%22%3A%7B%22authority_name%22%3A%22cnil%22%2C%22visitor_mode%22%3A%22exempt%22%7D%2C%22options%22%3A%7B%22end%22%3A%222022-08-19T06%3A20%3A06.707Z%22%2C%22path%22%3A%22%2F%22%7D%7D
.devisdirect.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTdhYjg0NTktODVhZC02ZDZiLWE2MDUtNjBjYzM5NmY2YjYyIiwiY3JlYXRlZCI6IjIwMjEtMDctMThUMDY6MjA6MDYuNjQxWiIsInVwZGF0ZWQiOiIyMDIxLTA3LTE4VDA2OjIwOjA2LjY0MVoiLCJ2ZXJzaW9uIjpudWxsfQ==
.devisdirect.com/ Name: coid
Value: 0pij2rp9sftagdglvs9mm8fch2
www.devisdirect.com/ Name: atuserid
Value: %7B%22name%22%3A%22atuserid%22%2C%22val%22%3A%22c6942e55-b906-428d-bf1e-73a41c7981e7%22%2C%22options%22%3A%7B%22end%22%3A%222022-08-19T06%3A20%3A05.729Z%22%2C%22path%22%3A%22%2F%22%7D%7D
www.devisdirect.com/ Name: SRVNAME
Value: S3
.devisdirect.com/ Name: lang_id
Value: 3
.devisdirect.com/ Name: lang
Value: fr_FR

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
