www.demandes-de-remboursements.com
160.153.138.163  Public Scan

Submitted URL: https://rebrand.ly/8hc135k
Effective URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Submission: On June 22 via manual from FR

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 36 HTTP transactions. The main IP is 160.153.138.163, located in Scottsdale, United States and belongs to GODADDY-AMS, DE. The main domain is www.demandes-de-remboursements.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 18th 2020. Valid for: 2 years.
This is the only time www.demandes-de-remboursements.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.208.128.113 14618 (AMAZON-AES)
4 160.153.138.163 21501 (GODADDY-AMS)
23 2a02:fe80:101... 30148 (SUCURI-SEC)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 216.239.38.21 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
36 7
Domain Requested by
23 secureservercdn.net www.demandes-de-remboursements.com
4 fonts.gstatic.com www.demandes-de-remboursements.com
4 www.demandes-de-remboursements.com www.demandes-de-remboursements.com
2 www.google-analytics.com www.demandes-de-remboursements.com
1 stats.g.doubleclick.net www.demandes-de-remboursements.com
1 ipinfo.io secureservercdn.net
1 fonts.googleapis.com www.demandes-de-remboursements.com
1 rebrand.ly 1 redirects
36 8

This site contains no links.

Subject | Issuer | Validity | Valid
demandes-de-remboursements.com | Go Daddy Secure Certificate Authority - G2 | 2020-06-18 - 2022-06-18 | 2 years
*.secureservercdn.net | Starfield Secure Certificate Authority - G2 | 2020-03-02 - 2022-03-02 | 2 years
upload.video.google.com | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months
ipinfo.io | GTS CA 1D2 | 2020-06-02 - 2020-08-31 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months

This page contains 1 frames:

Primary Page: https://www.demandes-de-remboursements.com/?ff_landing=3
Frame ID: BEB02195756B1E71FDA8858D83738373
Requests: 36 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 36
HTTPS: 100 %
IPv6: 63 %
Domains: 8
Subdomains: 8
IPs: 7
Countries: 4
Transfer: 473 kB
Size: 1202 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rebrand.ly/8hc135k HTTP 301
    https://www.demandes-de-remboursements.com/?ff_landing=3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.demandes-de-remboursements.com/
Redirect Chain
  • https://rebrand.ly/8hc135k
  • https://www.demandes-de-remboursements.com/?ff_landing=3
36 KB
10 KB
Document
General
Full URL
https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.138.163 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-138-163.ip.secureserver.net
Software
openresty /
Resource Hash
d6aea2b650b8daae877ca939be921fda38c1f03e9c3cc654a88dae8f40961774
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.demandes-de-remboursements.com
:scheme
https
:path
/?ff_landing=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
openresty
date
Mon, 22 Jun 2020 07:36:32 GMT
content-type
text/html; charset=UTF-8
content-length
9700
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=ufshpdt01k827ef1i2pp056m0a; path=/
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
x-cacheable
YES:Forced
age
0
vary
Accept-Encoding, User-Agent
x-cache
uncached
x-cache-hit
MISS
x-backend
all_requests
accept-ranges
none

Redirect headers

Cache-Control
no-cache, no-store
Date
Mon, 22 Jun 2020 07:36:31 GMT
Engine
Rebrandly.redirect, version 2.0
Expires
-1
Location
https://www.demandes-de-remboursements.com/?ff_landing=3
Strict-Transport-Security
max-age=15552000
Content-Length
0
Connection
keep-alive
style.min.css
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-includes/css/dist/block-library/
52 KB
8 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94442
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
7642
x-xss-protection
1; mode=block
last-modified
Fri, 24 Apr 2020 15:32:14 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"d159-5a40b11d01b80-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
coblocks-style.css
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/coblocks/dist/
148 KB
20 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/coblocks/dist/coblocks-style.css?ver=628394406e10909f2cb57ad0bf6d0fae&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
96c70c520d9408e3a805cc498acfba892c12b6ade0cedeaa0b5b61baf3df526f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94239
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
20134
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 18:54:20 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"250a0-5a8604ddab383-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-subscribers-public.css
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/email-subscribers/lite/public/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=4.4.8&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
5803ac00778699dfa69a5f4fed086bf5c29164864bdb5b2f36fe0e3cc98736fb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94442
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
671
x-xss-protection
1; mode=block
last-modified
Fri, 19 Jun 2020 19:14:44 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"71e-5a874b4b2ea35-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/wp-stats-manager/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/wp-stats-manager/css/style.css?ver=1.0.0&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
4be47a3e988eb806cdf1130d325c76c051fd511609dc25dc378fd2fb2eeeb888
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94325
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
1848
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 23:01:33 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"2155-5a863c2008c40-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/
4 KB
728 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Work+Sans%3A300%2C700%7CKarla%3A400%2C400i%2C700&subset=latin%2Clatin-ext&ver=1.3.1
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0ff54c96c0442ecc008f937165105e9b1450901d41835311c6620e340bab066
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Jun 2020 07:36:32 GMT
server
ESF
date
Mon, 22 Jun 2020 07:36:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jun 2020 07:36:32 GMT
style-shared.min.css
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/themes/go/dist/css/
179 KB
23 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/themes/go/dist/css/style-shared.min.css?time=1592710438&ver=1.3.1
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
9ab782454a8195f5e0644b096ba1e0f9174e0e7d2d27b96bf922c79d8a41d78e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94326
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
22558
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 18:54:36 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"2ca26-5a8604ed7f811-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
style-welcoming.min.css
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/themes/go/dist/css/design-styles/
7 KB
2 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/themes/go/dist/css/design-styles/style-welcoming.min.css?time=1592710438&ver=1.3.1
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
16b65668f3ab72664aaa4e5b1cc0803ceb565c87d3f89c842aa84de6ef1a7a25
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94326
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
1643
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 18:54:36 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"1a66-5a8604ed97e46-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/newsletter/
6 KB
2 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/newsletter/style.css?ver=6.7.2&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
46bd8ddc9cc038f421d3811951239375c6d164ac71a0adb6b783247b7f169d02
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94326
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
1200
x-xss-protection
1; mode=block
last-modified
Fri, 19 Jun 2020 15:49:46 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"18be-5a871d7a474a0-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fluent-forms-public.css
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentform/public/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentform/public/css/fluent-forms-public.css?ver=3.5.6&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
5fba97c329d9c8eca4f9c2b36aab529bd70d061f3185cbc3a46db3ecaec016af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
93730
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
3457
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 20:08:27 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"3c12-5a86156f6c175-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fluentform-public-default.css
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentform/public/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentform/public/css/fluentform-public-default.css?ver=3.5.6&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
c1bb6ed77d43272dbf20479cae9befa412a6831515d5b0aaa0209e3d164472df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
93730
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
2730
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 20:08:27 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"3083-5a86156f6f71a-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
form_landing.css
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentformpro/public/css/
1 KB
818 B
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentformpro/public/css/form_landing.css?ver=3.5.5&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
9bcaa04e6c81750b7e13bb5c7d237ffdecc02ce4e1ee2710f67b47a94e4fb99b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
93730
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
356
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 19:38:30 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"475-5a860ebd2208b-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94140
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
33776
x-xss-protection
1; mode=block
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"17a69-5890dc7401880-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
93730
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
4014
x-xss-protection
1; mode=block
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"2748-5333ff613c400-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-subscribers-public.js
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/email-subscribers/lite/public/js/
3 KB
2 KB
Script
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=4.4.8&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
34e35f893b634d5439db39f3c4f202ddc21aaf406e5724e8c118d513f086752f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
93730
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
1458
x-xss-protection
1; mode=block
last-modified
Fri, 19 Jun 2020 19:14:44 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"dd8-5a874b4b2b9a4-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
1200px-Caisse_d_allocations_familiales_france_logo.svg_.png
www.demandes-de-remboursements.com/wp-content/uploads/2020/06/
123 KB
123 KB
Image
General
Full URL
https://www.demandes-de-remboursements.com/wp-content/uploads/2020/06/1200px-Caisse_d_allocations_familiales_france_logo.svg_.png
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.138.163 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-138-163.ip.secureserver.net
Software
openresty /
Resource Hash
712e9cd0cd0b38ca674b6bb40040fa6a2487872d8a98c8da8634dd1ba706a272
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
100619
x-cache
cached
status
200
content-length
125639
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 20:53:04 GMT
server
openresty
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-type
image/png
x-cache-hit
HIT
etag
"1eac7-5a861f687b3d3"
accept-ranges
bytes
intlTelInput.min.css
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentformpro/public/libs/intl-tel-input/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentformpro/public/libs/intl-tel-input/css/intlTelInput.min.css?ver=16.0.0&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
93730
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
2914
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 19:38:30 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"4ad5-5a860ebd42db8-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
flatpickr.min.css
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentform/public/libs/flatpickr/
15 KB
3 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentform/public/libs/flatpickr/flatpickr.min.css?ver=5.4.2&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
4a302aebced7519b5a6a1d0aea77fada5a92e6975c383eebdf71f1c816799498
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
93730
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
2899
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 20:08:27 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"3b1b-5a86156f84469-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend.min.js
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/themes/go/dist/js/
33 KB
11 KB
Script
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/themes/go/dist/js/frontend.min.js?time=1592710438&ver=1.3.1
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
1964a655ca942eaaee3cc66e012f9a06a947871d1f4ec83721f09fc9ca9cb36e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94140
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
10914
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 18:54:36 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"8497-5a8604ed74e52-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
validate.js
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/newsletter/subscription/
1 KB
846 B
Script
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/newsletter/subscription/validate.js?ver=6.7.2&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
717c288dc6b91d3c1774be2fcf06f0eccd923966e3df65bef32b78e26cc18b75
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94140
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
374
x-xss-protection
1; mode=block
last-modified
Fri, 19 Jun 2020 15:49:43 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"441-5a871d77c7b80-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
form-submission.js
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentform/public/js/
13 KB
5 KB
Script
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentform/public/js/form-submission.js?ver=3.5.6&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
c9823bc6c8fb4535f532b496dd8eea3a7939ab8d74717fda9474a365274999bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94140
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
4422
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 20:08:27 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"325f-5a86156f2aa26-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.4.2&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94140
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
769
x-xss-protection
1; mode=block
last-modified
Sat, 26 Oct 2019 00:17:07 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"59a-595c52fd2e6c0-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
intlTelInput.min.js
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentformpro/public/libs/intl-tel-input/js/
28 KB
11 KB
Script
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentformpro/public/libs/intl-tel-input/js/intlTelInput.min.js?ver=16.0.0&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
cc43f24d17e53906d84037c99c68333365b8a5a375f73efb7c33de509b6e9102
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94140
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
10637
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 19:38:30 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"6f10-5a860ebd3cc5c-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
flatpickr.js
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentform/public/libs/flatpickr/
111 KB
22 KB
Script
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentform/public/libs/flatpickr/flatpickr.js?ver=5.4.2&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
0a39054b638c067744c38a64678fbacd3871765bc85eb3d1c3fb221c4753b471
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94140
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
22339
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 20:08:27 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"1bb6a-5a86156f81db9-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
3414
date
Mon, 22 Jun 2020 06:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 22 Jun 2020 08:39:38 GMT
wp-emoji-release.min.js
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2&time=1592710438
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
94327
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
4653
x-xss-protection
1; mode=block
last-modified
Tue, 05 Nov 2019 22:04:02 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"364d-596a09c229880-gzip"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wsm_new.js
www.demandes-de-remboursements.com/wp-content/plugins/wp-stats-manager/js/
88 KB
18 KB
Script
General
Full URL
https://www.demandes-de-remboursements.com/wp-content/plugins/wp-stats-manager/js/wsm_new.js
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.138.163 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-138-163.ip.secureserver.net
Software
openresty /
Resource Hash
5240a7e7e091e90e5b42092996f0c7aa5f4d4a9e12be99da01f8f17d9527eac9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
100618
x-cache
cached
status
200
content-length
18443
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 23:01:33 GMT
server
openresty
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
none
QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v7/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v7/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbfcf009369ed480448ca6b89f9586d80ecc4d150fbe317db5a27ad43617a8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Work+Sans%3A300%2C700%7CKarla%3A400%2C400i%2C700&subset=latin%2Clatin-ext&ver=1.3.1
Origin
https://www.demandes-de-remboursements.com

Response headers

date
Wed, 10 Jun 2020 11:10:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 Mar 2020 18:24:34 GMT
server
sffe
age
1023949
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45196
x-xss-protection
0
expires
Thu, 10 Jun 2021 11:10:43 GMT
qkBbXvYC6trAT7RVLtyU5rZP.woff2
fonts.gstatic.com/s/karla/v13/
6 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/karla/v13/qkBbXvYC6trAT7RVLtyU5rZP.woff2
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e16c1755f809d290b0c5e746654f10169af40c580767e0765bdd43fc542dfce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Work+Sans%3A300%2C700%7CKarla%3A400%2C400i%2C700&subset=latin%2Clatin-ext&ver=1.3.1
Origin
https://www.demandes-de-remboursements.com

Response headers

date
Tue, 09 Jun 2020 22:02:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 08 Dec 2019 17:40:34 GMT
server
sffe
age
1071227
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6332
x-xss-protection
0
expires
Wed, 09 Jun 2021 22:02:45 GMT
qkBWXvYC6trAT7zuC8m5xLtlmgzD.woff2
fonts.gstatic.com/s/karla/v13/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/karla/v13/qkBWXvYC6trAT7zuC8m5xLtlmgzD.woff2
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44a947b84d612dfbb0031de1b59f60bb6ba538445ae478cf4e0835ae856498c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Work+Sans%3A300%2C700%7CKarla%3A400%2C400i%2C700&subset=latin%2Clatin-ext&ver=1.3.1
Origin
https://www.demandes-de-remboursements.com

Response headers

date
Wed, 10 Jun 2020 00:47:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 08 Dec 2019 17:40:47 GMT
server
sffe
age
1061352
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6796
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:47:20 GMT
qkBVXvYC6trAT7RQHt6e4ZRNkAQ.woff2
fonts.gstatic.com/s/karla/v13/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/karla/v13/qkBVXvYC6trAT7RQHt6e4ZRNkAQ.woff2
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d52a5849bfc48fb568104ae803a020a0c76260c0fdeac95c38200233f101ee5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Work+Sans%3A300%2C700%7CKarla%3A400%2C400i%2C700&subset=latin%2Clatin-ext&ver=1.3.1
Origin
https://www.demandes-de-remboursements.com

Response headers

date
Thu, 11 Jun 2020 05:21:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 08 Dec 2019 17:40:40 GMT
server
sffe
age
958475
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6940
x-xss-protection
0
expires
Fri, 11 Jun 2021 05:21:57 GMT
/
ipinfo.io/
255 B
458 B
XHR
General
Full URL
https://ipinfo.io/
Requested by
Host: secureservercdn.net
URL: https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp&time=1592710438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2615.1e100.net
Software
/
Resource Hash
fc3a8463043d5e075ab2c296acb4cdee7d8766c328e0a6d9187f9533aa7d42cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Jun 2020 07:36:32 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
status
200
via
1.1 google
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
vary
Accept-Encoding
x-content-type-options
nosniff
flags.png
secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentformpro/public/libs/intl-tel-input/img/
69 KB
70 KB
Image
General
Full URL
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentformpro/public/libs/intl-tel-input/img/flags.png
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-content/plugins/fluentformpro/public/libs/intl-tel-input/css/intlTelInput.min.css?ver=16.0.0&time=1592710438
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
293452
x-cache
cached
status
200
x-sucuri-cache
HIT
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
70857
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jun 2020 19:38:30 GMT
server
nginx
date
Mon, 22 Jun 2020 07:36:32 GMT
strict-transport-security
max-age=300
content-type
image/png
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
etag
"114c9-5a860ebd40895"
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/
35 B
96 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=852245244&t=pageview&_s=1&dl=https%3A%2F%2Fwww.demandes-de-remboursements.com%2F%3Fff_landing%3D3&ul=en-us&de=UTF-8&dt=Accueil%20-%20Caf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABC~&jid=2022287339&gjid=1382240560&cid=2089822781.1592811392&tid=UA-170108840-1&_gid=808531430.1592811392&z=2084882804
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jun 2020 21:52:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1158218
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
99 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-170108840-1&cid=2089822781.1592811392&jid=2022287339&gjid=1382240560&_gid=808531430.1592811392&_u=YGBAgUABC~&z=357964415
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 22 Jun 2020 07:36:32 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.demandes-de-remboursements.com/
0
462 B
Image
General
Full URL
https://www.demandes-de-remboursements.com/?wmcAction=wmcTrack&action_name=Accueil%20-%20Caf&siteId=1&rec=1&rand=265446&h=9&m=36&s=32&url=https%3A%2F%2Fwww.demandes-de-remboursements.com%2F%3Fff_landing%3D3&uid=0&pid=19&visitorId=1c43b8fb0e3a072c&fvts=1592811392&vc=1&idn=0&refts=0&lvts=1592811392&fullRef=undefined&send_image=1&cookie=1&res=1600x1200&gtms=238&pvId=Jz0E4b&browser=Chrome_83&os=Mac%20OS%20X_10_14_5&device=Desktop
Requested by
Host: www.demandes-de-remboursements.com
URL: https://www.demandes-de-remboursements.com/?ff_landing=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.138.163 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-138-163.ip.secureserver.net
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.demandes-de-remboursements.com/?ff_landing=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Jun 2020 07:36:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES:Forced
x-backend
all_requests
age
0
x-cache
uncached
status
200
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
pragma
no-cache
server
openresty
cache-control
no-store, no-cache, must-revalidate
vary
User-Agent
content-type
text/html; charset=UTF-8
x-cache-hit
MISS
content-security-policy
upgrade-insecure-requests
accept-ranges
none
expires
Thu, 19 Nov 1981 08:52:00 GMT

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| arf_add_action function| arf_do_action object| arf_actions string| mi_version boolean| mi_track_user string| mi_no_track_reason string| disableStr function| __gaTrackerIsOptedOut function| __gaTrackerOptout string| GoogleAnalyticsObject function| __gaTracker object| _wpemojiSettings undefined| $ function| jQuery object| es_data object| jQuery1124031326596799090733 object| _wsm object| fluent_form_ff_form_instance_3_1 function| arf_open_modal_box_in_nav_menu object| GoText object| TenUp object| newsletter function| newsletter_check_field function| newsletter_check object| fluentFormVars object| wp object| intlTelInputGlobals function| intlTelInput function| flatpickr function| fluentFormrecaptchaSuccessCallback function| ffValidationError function| fluentFormApp object| twemoji object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| JSON_WSM number| width number| height object| clientInfo object| Wsm function| wsm_log

6 Cookies

Domain/Path Name / Value
www.demandes-de-remboursements.com/ Name: _wsm_ses_1_52d4
Value: *
.demandes-de-remboursements.com/ Name: _gat
Value: 1
.demandes-de-remboursements.com/ Name: _ga
Value: GA1.2.2089822781.1592811392
www.demandes-de-remboursements.com/ Name: _wsm_id_1_52d4
Value: 1c43b8fb0e3a072c.1592811392.1.1592811392.1592811392
.demandes-de-remboursements.com/ Name: _gid
Value: GA1.2.808531430.1592811392
www.demandes-de-remboursements.com/ Name: PHPSESSID
Value: ufshpdt01k827ef1i2pp056m0a

7 Console Messages

Source Level URL
Text
console-api log URL: https://secureservercdn.net/160.153.138.163/77j.742.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1&time=1592710438(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://www.demandes-de-remboursements.com/wp-content/plugins/wp-stats-manager/js/wsm_new.js(Line 453)
Message:
Sha1= www.demandes-de-remboursements.com/
console-api log URL: https://www.demandes-de-remboursements.com/wp-content/plugins/wp-stats-manager/js/wsm_new.js(Line 1225)
Message:
visitorUUID Test=0
console-api log URL: https://www.demandes-de-remboursements.com/wp-content/plugins/wp-stats-manager/js/wsm_new.js(Line 453)
Message:
Sha1= Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36Linux x86_6415928113924710.9788722344629781
console-api log URL: https://www.demandes-de-remboursements.com/wp-content/plugins/wp-stats-manager/js/wsm_new.js(Line 1225)
Message:
visitorUUID Test=0
console-api log URL: https://www.demandes-de-remboursements.com/wp-content/plugins/wp-stats-manager/js/wsm_new.js(Line 453)
Message:
Sha1= Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36Linux x86_6415928113924720.7793097606551818
console-api log URL: https://www.demandes-de-remboursements.com/wp-content/plugins/wp-stats-manager/js/wsm_new.js(Line 317)
Message:
Ready

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
