urlscan.io logo urlscan.io
SecurityTrails logo

rachat-credits.saintlouisasete.fr Open in urlscan Pro
172.67.136.132  Public Scan

Go To Rescan Add Verdict Report
URL: https://rachat-credits.saintlouisasete.fr/
Submission: On October 15 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 87 HTTP transactions. The main IP is 172.67.136.132, located in United States and belongs to CLOUDFLARENET, US. The main domain is rachat-credits.saintlouisasete.fr.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 19th 2021. Valid for: a year.
This is the only time rachat-credits.saintlouisasete.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 172.67.136.132 13335 (CLOUDFLAR...)
3 142.250.185.234 15169 (GOOGLE)
42 109.234.161.39 50474 (O2SWITCH)
9 142.250.186.163 15169 (GOOGLE)
2 142.250.186.136 15169 (GOOGLE)
2 142.250.185.142 15169 (GOOGLE)
11 18.66.112.85 16509 (AMAZON-02)
2 63.32.164.74 16509 (AMAZON-02)
3 104.18.11.207 13335 (CLOUDFLAR...)
1 142.250.184.234 15169 (GOOGLE)
1 35.205.207.25 15169 (GOOGLE)
87 11
11    172.67.136.132 (United States)

ASN13335 (CLOUDFLARENET, US)
rachat-credits.saintlouisasete.fr
3    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
42    109.234.161.39 (France)

ASN50474 (O2SWITCH, FR)
PTR: pablo.o2switch.net
www.buy-the-best-offers.com
9    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
2    142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net
www.googletagmanager.com
2    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
11    18.66.112.85 (United States)

ASN16509 (AMAZON-02, US)
static.devisprox.com
2    63.32.164.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-164-74.eu-west-1.compute.amazonaws.com
webservice.devisprox.com
3    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
ajax.googleapis.com
1    35.205.207.25 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ads.avads.net
Domain Requested by
42 www.buy-the-best-offers.com rachat-credits.saintlouisasete.fr
www.buy-the-best-offers.com
11 static.devisprox.com www.buy-the-best-offers.com
webservice.devisprox.com
11 rachat-credits.saintlouisasete.fr rachat-credits.saintlouisasete.fr
9 fonts.gstatic.com fonts.googleapis.com
3 maxcdn.bootstrapcdn.com webservice.devisprox.com
maxcdn.bootstrapcdn.com
3 fonts.googleapis.com rachat-credits.saintlouisasete.fr
www.buy-the-best-offers.com
2 webservice.devisprox.com static.devisprox.com
webservice.devisprox.com
2 www.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com www.buy-the-best-offers.com
webservice.devisprox.com
1 ads.avads.net webservice.devisprox.com
1 ajax.googleapis.com webservice.devisprox.com
87 11

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-04-19 -
2022-04-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
buy-the-best-offers.com
R3		 2021-09-15 -
2021-12-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
static.devisprox.com
Amazon		 2021-06-15 -
2022-07-14		 a year crt.sh
*.devisprox.com
Amazon		 2020-12-09 -
2022-01-07		 a year crt.sh
*.avads.net
Go Daddy Secure Certificate Authority - G2		 2021-02-10 -
2022-02-28		 a year crt.sh

This page contains 3 frames:

Primary Page: https://rachat-credits.saintlouisasete.fr/
Frame ID: 149EAFD05883679F3D03700FFE1F9463
Requests: 13 HTTP requests in this frame

Frame: https://www.buy-the-best-offers.com/?page_id=100
Frame ID: 5751D5575ED8B3A498CEE2D7C23BF948
Requests: 55 HTTP requests in this frame

Frame: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Frame ID: 763184935363E98D0EC7BFFC91169AC3
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Rachat de crédits | Regroupez vos crédits en ligne

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • elementor/assets/js/[^/]+\.js\?ver=([\d.]+)$
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

87
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

11
IPs

5
Countries

1149 kB
Transfer

3453 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rachat-credits.saintlouisasete.fr/ 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rachat-credits.saintlouisasete.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3087791ed752cfba8403c99e09febdf5dfae9bb61737f5972f22772ecb703e7

Request headers

:method
GET
:authority
rachat-credits.saintlouisasete.fr
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-type
text/html; charset=UTF-8
link
<https://rachat-credits.saintlouisasete.fr/wp-json/>; rel="https://api.w.org/"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2b2sNesYHkxaZUSf71X4plb1cc0AsAS71dO4m1Qn%2BfQiHsM%2BLRa5j4LlmgdqeRq2bvutkoEzDYi1UsDmhjGbpjhvG4u8TP1kTVAdaDubLgPxUuI%2BAw%2BQs%2Fj63%2B14YFicJhZxHNJI3KnhwI4GMnhuGdxXzR0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69e4f8b72a1853c8-LHR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
rachat-credits.saintlouisasete.fr/wp-includes/css/dist/block-library/ 		52 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rachat-credits.saintlouisasete.fr/wp-includes/css/dist/block-library/style.min.css?ver=5.4.7
Requested by
Host: rachat-credits.saintlouisasete.fr
URL: https://rachat-credits.saintlouisasete.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.4.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
rachat-credits.saintlouisasete.fr
referer
https://rachat-credits.saintlouisasete.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://rachat-credits.saintlouisasete.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Apr 2020 23:10:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb%2BiYfJs0l%2B7kshAMOfvNzaKQb06Qj2vVohBMIF5b6JNW2ty7IXrSCQq8t%2FORSXEo6qgvhcdd1P9Ma8jXpvpn7VVItJkGgicZ3fLAbOV2JAlDQd6rTSSPMFNwSogD7utpOIqHizbFppLo24ycqIPlHUNVFs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69e4f8bc9ed753c8-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wpp.css
rachat-credits.saintlouisasete.fr/wp-content/plugins/wordpress-popular-posts/assets/css/ 		1 KB
871 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rachat-credits.saintlouisasete.fr/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.2.1
Requested by
Host: rachat-credits.saintlouisasete.fr
URL: https://rachat-credits.saintlouisasete.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc9c239931effb2183adb19e90f60c5cc009ddca45024fc7325d82e3c08d40c

Request headers

:path
/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.2.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
rachat-credits.saintlouisasete.fr
referer
https://rachat-credits.saintlouisasete.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://rachat-credits.saintlouisasete.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Jul 2020 14:45:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ul6s%2FJsfSdvybIngJ2kjxkHJvfRxRuinNPDxX1Rp1ec09sSywSqWRW0gkHVDN78ISbiIfykIkq7UqxEXlJG1g%2BKEFUqzEGYZLFjr7xW3%2BAK77HiMUpBQhEXHLotyGzobn%2Bjux2g37hSMMtpUlwLwZRZasc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69e4f8bc9ed953c8-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700&ver=0.1.3
Requested by
Host: rachat-credits.saintlouisasete.fr
URL: https://rachat-credits.saintlouisasete.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
d96e654e642a2fb3cd54fdf2a558aeade83c51184b0407c1225929b71efd1d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rachat-credits.saintlouisasete.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 00:36:10 GMT
server
ESF
date
Fri, 15 Oct 2021 00:36:10 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Fri, 15 Oct 2021 00:36:10 GMT
font-awesome.min.css
rachat-credits.saintlouisasete.fr/wp-content/themes/glob/assets/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rachat-credits.saintlouisasete.fr/wp-content/themes/glob/assets/css/font-awesome.min.css?ver=4.5
Requested by
Host: rachat-credits.saintlouisasete.fr
URL: https://rachat-credits.saintlouisasete.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b139f243c33a32098b98fe104d2070f65662d47c93cbdee9b80ac9ea4e060830

Request headers

:path
/wp-content/themes/glob/assets/css/font-awesome.min.css?ver=4.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
rachat-credits.saintlouisasete.fr
referer
https://rachat-credits.saintlouisasete.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://rachat-credits.saintlouisasete.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 24 Jun 2019 23:09:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QWqmFejcvhcCsW9evQz0UIHs51IGvGK5J%2B%2B99pQBC4xIGWDVfwIXFLD%2BC8vOf7blPBvST%2FM0su7dnkVneayX9%2Brm%2B3C6DB%2FHTQI9w35O5JCxI%2FoI5f9KZ%2BzijlRt%2Bgzd3z3XeX5YzvDdPCAOuTwq%2B30zj8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69e4f8bc9edb53c8-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
rachat-credits.saintlouisasete.fr/wp-content/themes/glob/ 		63 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rachat-credits.saintlouisasete.fr/wp-content/themes/glob/style.css?ver=0.1.3
Requested by
Host: rachat-credits.saintlouisasete.fr
URL: https://rachat-credits.saintlouisasete.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed010f7551d024d4953eb2be21c55604121a528fc090ebb9fceaa3ff9e038d3

Request headers

:path
/wp-content/themes/glob/style.css?ver=0.1.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
rachat-credits.saintlouisasete.fr
referer
https://rachat-credits.saintlouisasete.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://rachat-credits.saintlouisasete.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 24 Jun 2019 23:09:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MG0aoepmRzknpPEwC9Ct1swNEiocpCKx%2BKiLwSHhLkr3%2Fx3rlfmHonz0h0ZwRYj0SITo0ycpyVOwd2Fanx6rCn6K5TdeSh0GlLllWDBFRVAHT1Vg1wEFmDVz4uMM3mq8gnABLhAlTWhY0I6oXzy6FFM2rGc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69e4f8bc9edc53c8-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
iframe-cloaking.css
rachat-credits.saintlouisasete.fr/wp-content/plugins/bhs-generator/assets/front/css/ 		340 B
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rachat-credits.saintlouisasete.fr/wp-content/plugins/bhs-generator/assets/front/css/iframe-cloaking.css?ver=5.4.7
Requested by
Host: rachat-credits.saintlouisasete.fr
URL: https://rachat-credits.saintlouisasete.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6757fce562209b6c5c6d683cf186e0c0464a77febd7f39a0d132df8308d6eca

Request headers

:path
/wp-content/plugins/bhs-generator/assets/front/css/iframe-cloaking.css?ver=5.4.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
rachat-credits.saintlouisasete.fr
referer
https://rachat-credits.saintlouisasete.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://rachat-credits.saintlouisasete.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 19 Jul 2019 09:08:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8j73fRqQlQ8Ven5GX%2BODIH1rdjObbG9qyNUh3GbXJvE6JhC6ED4cWk38e4E767nWaO6Sp91Tz9XJT%2B4wLlo4J7EQn%2FEOuCXooLnMIPeytpqFIZHo%2BWABHA7Uw6RCr9k6iTwvf3Rox7X%2F1tZAYDK0rfskQI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69e4f8bc9edd53c8-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wpp-5.2.1.min.js
rachat-credits.saintlouisasete.fr/wp-content/plugins/wordpress-popular-posts/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rachat-credits.saintlouisasete.fr/wp-content/plugins/wordpress-popular-posts/assets/js/wpp-5.2.1.min.js?ver=5.2.1
Requested by
Host: rachat-credits.saintlouisasete.fr
URL: https://rachat-credits.saintlouisasete.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763

Request headers

:path
/wp-content/plugins/wordpress-popular-posts/assets/js/wpp-5.2.1.min.js?ver=5.2.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
rachat-credits.saintlouisasete.fr
referer
https://rachat-credits.saintlouisasete.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://rachat-credits.saintlouisasete.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Jul 2020 14:45:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pwZ64h83ba3bfIr%2FgW4DJ4KLlHxRQywXQK9ZrRvdFV2xDnzkr7L2t6Gt6awlLQhQGzaW24vTK%2FUX6rS14eElsCICER9w7aimq0TfMx68LQ4F8Pj5Xd1GfzvsMqnLsVytYEiDhxsvOdCfg%2Fgu9UFypQdEl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69e4f8bc9ede53c8-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.js
rachat-credits.saintlouisasete.fr/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rachat-credits.saintlouisasete.fr/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: rachat-credits.saintlouisasete.fr
URL: https://rachat-credits.saintlouisasete.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
rachat-credits.saintlouisasete.fr
referer
https://rachat-credits.saintlouisasete.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://rachat-credits.saintlouisasete.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 24 Jun 2019 23:09:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhxckkHveq6BnaoLDflWlYMADDyRfnWdtrDtB5r75Q3KrRSg0bkKjsQYftm%2BIviHpJPBaVJXFCJn5JcRqeaeKRRCz2IQ3YxsPjVVb6nwAf50B7dM3JJlka8AvW%2FrdHB0fgQx0aw%2Fd8ucDwaNcZX0A%2BeK70A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69e4f8bc9edf53c8-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery-migrate.min.js
rachat-credits.saintlouisasete.fr/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rachat-credits.saintlouisasete.fr/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: rachat-credits.saintlouisasete.fr
URL: https://rachat-credits.saintlouisasete.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
rachat-credits.saintlouisasete.fr
referer
https://rachat-credits.saintlouisasete.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://rachat-credits.saintlouisasete.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 24 Jun 2019 23:09:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GuIH4xXzG%2FufIuP7sA5n%2FNMXEx3xN1%2FtmGG9wkJ6MkbLCUujXDOCMCzY3qehhaGUM2WeglUgllviY5nu3GF06GcWi%2BKWRFWzMG9DmDD88Ym8gkNPoGiowyGuRQfFNHiI4nShfWBgih%2B0HIqLAntg74MKz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69e4f8bc9ee053c8-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
classie.js
rachat-credits.saintlouisasete.fr/wp-content/themes/glob/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rachat-credits.saintlouisasete.fr/wp-content/themes/glob/assets/js/classie.js?ver=1
Requested by
Host: rachat-credits.saintlouisasete.fr
URL: https://rachat-credits.saintlouisasete.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8172022b868ca3aeb54ba913369f7be1f72d387e0c4156465fb31855e0acaac6

Request headers

:path
/wp-content/themes/glob/assets/js/classie.js?ver=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
rachat-credits.saintlouisasete.fr
referer
https://rachat-credits.saintlouisasete.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://rachat-credits.saintlouisasete.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 24 Jun 2019 23:09:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ey5gvBqXFP3bQHxlX31oKBYupBV4d0SJeDP7aaeWxRYoZWglD001zXTksvDW9ben6az44XeJYrzlfjEHxDyBzb8mQKn88X%2BVg%2B5F1HFNs%2FMrAndXY6x89HrGiBPKUMlXnSt2axugmscO%2B47stvJ2TFxqN94%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69e4f8bc9ee353c8-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-emoji-release.min.js
rachat-credits.saintlouisasete.fr/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rachat-credits.saintlouisasete.fr/wp-includes/js/wp-emoji-release.min.js?ver=5.4.7
Requested by
Host: rachat-credits.saintlouisasete.fr
URL: https://rachat-credits.saintlouisasete.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.4.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
rachat-credits.saintlouisasete.fr
referer
https://rachat-credits.saintlouisasete.fr/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://rachat-credits.saintlouisasete.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 14 Jun 2021 07:40:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZC5hAhbzLGif47T2PPV49KHBQ9lfK7BwtfO9aZvh0zSp3I3x7PJdQJELRLiyuAaKFYW%2BPKsyN%2BKxXiPZ9ivcQR8u2pz60oPNznh6bOUDQ76fvRKmAxcU%2Fw%2Bx6NvtMFdisfJtAdDdkZDPNp7FP2tDdrsLyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69e4f8bd487965ac-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rac.html
www.buy-the-best-offers.com/redirect/ Frame 5751 		598 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/redirect/rac.html?utm_source=RACStLouis&utm_medium=bhs&utm_campaign=RAC
Requested by
Host: rachat-credits.saintlouisasete.fr
URL: https://rachat-credits.saintlouisasete.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
ffcaf3335910a5a1f3359f599113e4ccbf54521276400b144f28bf82c3f1d914

Request headers

:method
GET
:authority
www.buy-the-best-offers.com
:scheme
https
:path
/redirect/rac.html?utm_source=RACStLouis&utm_medium=bhs&utm_campaign=RAC
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rachat-credits.saintlouisasete.fr/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rachat-credits.saintlouisasete.fr/

Response headers

date
Fri, 15 Oct 2021 00:36:09 GMT
content-type
text/html
content-length
598
last-modified
Wed, 26 Jun 2019 15:18:16 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700&ver=0.1.3#038;subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rachat-credits.saintlouisasete.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 17:03:52 GMT
x-content-type-options
nosniff
age
27138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 14 Oct 2022 17:03:52 GMT
js
www.googletagmanager.com/gtag/ Frame 5751 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-142476088-1
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/redirect/rac.html?utm_source=RACStLouis&utm_medium=bhs&utm_campaign=RAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
89a60e990a2b699d187efa570cc6f320bbd6bc15498b5cdfb1cc8f9e67e0e2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Oct 2021 00:36:10 GMT
analytics.js
www.google-analytics.com/ Frame 5751 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-142476088-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
6553
date
Thu, 14 Oct 2021 22:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 15 Oct 2021 00:46:57 GMT
/
www.buy-the-best-offers.com/ Frame 5751 		47 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/?page_id=100
Requested by
Host: rachat-credits.saintlouisasete.fr
URL: https://rachat-credits.saintlouisasete.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
83c083d8e839181d20d315fee86e22170d86ff7ce42947a45ab57159df2bd52b

Request headers

:method
GET
:authority
www.buy-the-best-offers.com
:scheme
https
:path
/?page_id=100
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.buy-the-best-offers.com/redirect/rac.html?utm_source=RACStLouis&utm_medium=bhs&utm_campaign=RAC
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/redirect/rac.html?utm_source=RACStLouis&utm_medium=bhs&utm_campaign=RAC

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
link
<https://www.buy-the-best-offers.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://www.buy-the-best-offers.com/index.php?rest_route=/wp/v2/pages/100>; rel="alternate"; type="application/json", <https://www.buy-the-best-offers.com/?p=100>; rel=shortlink
server
o2switch-PowerBoost-v3
content-encoding
br
style.min.css
www.buy-the-best-offers.com/wp-includes/css/dist/block-library/ Frame 5751 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.6
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Wed, 16 Sep 2020 10:13:33 GMT
server
o2switch-PowerBoost-v3
etag
W/"21586-1634200983;;;"
vary
Accept-Encoding
content-type
text/css
theme.min.css
www.buy-the-best-offers.com/wp-includes/css/dist/block-library/ Frame 5751 		2 KB
865 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.5.6
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Wed, 16 Sep 2020 10:13:33 GMT
server
o2switch-PowerBoost-v3
etag
W/"21587-1634200984;;;"
vary
Accept-Encoding
content-type
text/css
style.css
www.buy-the-best-offers.com/wp-content/plugins/bazooka-shopping/css/ Frame 5751 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/bazooka-shopping/css/style.css?ver=7
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
e2d120c86b938c72c0374a47cdbae0b31b19c6573237fa7507d5134b73338be6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:28 GMT
server
o2switch-PowerBoost-v3
etag
W/"21588-1634200984;;;"
vary
Accept-Encoding
content-type
text/css
bb1487356.min.css
www.buy-the-best-offers.com/wp-content/uploads/essential-addons-elementor/ Frame 5751 		58 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/uploads/essential-addons-elementor/bb1487356.min.css?ver=1634258170
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
212b3492dd60ba08a5dac3470966f67546f298ecd99f03d11ee9a9d21fb10475

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
miss
last-modified
Sun, 19 Sep 2021 15:37:56 GMT
server
o2switch-PowerBoost-v3
etag
W/"22049-1634258171;;;"
vary
Accept-Encoding
content-type
text/css
css
fonts.googleapis.com/ Frame 5751 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
14c5ee16c0e86b086e97c10427228797a2c54179e1f5dda1a9e45fa8f691aecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 22:48:05 GMT
server
ESF
date
Fri, 15 Oct 2021 00:36:11 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Fri, 15 Oct 2021 00:36:11 GMT
genericons.css
www.buy-the-best-offers.com/wp-content/themes/twentysixteen/genericons/ Frame 5751 		28 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/themes/twentysixteen/genericons/genericons.css?ver=20201208
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
0d023c6770c50a23f28adac7508c5b86f9b06774933a8d82e5d9d557610a430c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 12:19:56 GMT
server
o2switch-PowerBoost-v3
etag
W/"21590-1634200984;;;"
vary
Accept-Encoding
content-type
text/css
style.css
www.buy-the-best-offers.com/wp-content/themes/twentysixteen/ Frame 5751 		69 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/themes/twentysixteen/style.css?ver=20201208
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
d7b512fba3688ed5858e2d1ef154ce25c00323fcf77c381d170be53ec43d93f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 12:19:56 GMT
server
o2switch-PowerBoost-v3
etag
W/"21591-1634200984;;;"
vary
Accept-Encoding
content-type
text/css
blocks.css
www.buy-the-best-offers.com/wp-content/themes/twentysixteen/css/ Frame 5751 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/themes/twentysixteen/css/blocks.css?ver=20190102
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
257c9866361d681e41bf46c77af539012c904980357226b4f1d2ae7df7b12f7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 12:19:56 GMT
server
o2switch-PowerBoost-v3
etag
W/"21592-1634200984;;;"
vary
Accept-Encoding
content-type
text/css
elementor-icons.min.css
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/eicons/css/ Frame 5751 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.12.0
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
8da4ba63c0631c15e1fbebacc34c51ddf4d51b8b2bd7a6c9a3885e913f408301

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21593-1634200984;;;"
vary
Accept-Encoding
content-type
text/css
frontend-legacy.min.css
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/css/ Frame 5751 		4 KB
658 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.3.1
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
8c155d1fe7be0878125c8d488ee105bd24fb5e5b24d14c30f630112f856e839c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21594-1634200984;;;"
vary
Accept-Encoding
content-type
text/css
frontend.min.css
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/css/ Frame 5751 		120 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.3.1
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
98825588378b6af479f05fd9a60da82705cc2b79e276d53976e9997a0be5f2b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21595-1634200984;;;"
vary
Accept-Encoding
content-type
text/css
post-214.css
www.buy-the-best-offers.com/wp-content/uploads/elementor/css/ Frame 5751 		2 KB
678 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/uploads/elementor/css/post-214.css?ver=1628165831
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
2815971661cf64e44f4f0e804745b4dfaa13e92238bd4e44813c17258c4c301e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 12:17:11 GMT
server
o2switch-PowerBoost-v3
etag
W/"21596-1634200984;;;"
vary
Accept-Encoding
content-type
text/css
all.min.css
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 5751 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.8.2
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21597-1634200984;;;"
vary
Accept-Encoding
content-type
text/css
v4-shims.min.css
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 5751 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=4.8.2
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21598-1634200984;;;"
vary
Accept-Encoding
content-type
text/css
global.css
www.buy-the-best-offers.com/wp-content/uploads/elementor/css/ Frame 5751 		9 KB
982 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/uploads/elementor/css/global.css?ver=1628165831
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
e5fe4e53a415a5f502557e16c982d4d1b6e63006a8d15858cb3c9c67147cb308

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 12:17:11 GMT
server
o2switch-PowerBoost-v3
etag
W/"21599-1634200984;;;"
vary
Accept-Encoding
content-type
text/css
post-100.css
www.buy-the-best-offers.com/wp-content/uploads/elementor/css/ Frame 5751 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/uploads/elementor/css/post-100.css?ver=1628209094
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
bb45c1fab2f60b4051fabb5bab1046ddb80d716ed6ee57da72637d7a15a8284d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
miss
last-modified
Fri, 06 Aug 2021 00:18:14 GMT
server
o2switch-PowerBoost-v3
etag
W/"22050-1634258171;;;"
vary
Accept-Encoding
content-type
text/css
css
fonts.googleapis.com/ Frame 5751 		71 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.5.6
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
a2f5827f37602f0ada4640790bc6387b4facf76dfa80fc69307d5666588f70df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 00:08:14 GMT
server
ESF
date
Fri, 15 Oct 2021 00:36:11 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Fri, 15 Oct 2021 00:36:11 GMT
jquery.js
www.buy-the-best-offers.com/wp-includes/js/jquery/ Frame 5751 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Wed, 19 Jun 2019 11:58:01 GMT
server
o2switch-PowerBoost-v3
etag
W/"21601-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
v4-shims.min.js
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ Frame 5751 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=4.8.2
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21602-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
animations.min.css
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/animations/ Frame 5751 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.3.1
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21606-1634200984;;;"
vary
Accept-Encoding
content-type
text/css
script.js
www.buy-the-best-offers.com/wp-content/plugins/bazooka-shopping/js/ Frame 5751 		331 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/bazooka-shopping/js/script.js?ver=4
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
0493ef6ff8b4717b6f9a16218fc5c093690c10da28ac92ee356efc48021a9066

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:28 GMT
server
o2switch-PowerBoost-v3
etag
"21607-1634200984;;;"
content-type
application/javascript
accept-ranges
bytes
content-length
331
track.js
www.buy-the-best-offers.com/wp-content/plugins/matomo-tracker/inc/frontend/ Frame 5751 		467 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/matomo-tracker/inc/frontend/track.js?ver=1.4.0
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
28b7ba8c7c9b5af279fb1df57bdf65115df739b67e0737d9076a6f3306b9f0c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
x-lsadc-cache
hit
last-modified
Thu, 14 Oct 2021 08:22:17 GMT
server
o2switch-PowerBoost-v3
etag
"21582-1634199738;;;"
content-type
application/javascript
accept-ranges
bytes
content-length
467
bb1487356.min.js
www.buy-the-best-offers.com/wp-content/uploads/essential-addons-elementor/ Frame 5751 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/uploads/essential-addons-elementor/bb1487356.min.js?ver=1634258170
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
54adbcef38890d81a50c5c65557b6740dfb683e037e4862ddc8596a49689eaa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
miss
last-modified
Sun, 19 Sep 2021 15:37:56 GMT
server
o2switch-PowerBoost-v3
etag
W/"22051-1634258171;;;"
vary
Accept-Encoding
content-type
application/javascript
skip-link-focus-fix.js
www.buy-the-best-offers.com/wp-content/themes/twentysixteen/js/ Frame 5751 		1 KB
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 12:19:56 GMT
server
o2switch-PowerBoost-v3
etag
W/"21609-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
functions.js
www.buy-the-best-offers.com/wp-content/themes/twentysixteen/js/ Frame 5751 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/themes/twentysixteen/js/functions.js?ver=20181217
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
63f3a8e5cdabac89c583c9d8dd2337f096e16a2bdb531f705df453a1c00d3b6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 12:19:56 GMT
server
o2switch-PowerBoost-v3
etag
W/"21610-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
wp-embed.min.js
www.buy-the-best-offers.com/wp-includes/js/ Frame 5751 		1 KB
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-includes/js/wp-embed.min.js?ver=5.5.6
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 15 Apr 2021 21:33:51 GMT
server
o2switch-PowerBoost-v3
etag
W/"21611-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
webpack.runtime.min.js
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/js/ Frame 5751 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.3.1
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
6e46b1ca12ff39f3ff3f8da5bf691cc03e9e896c9eeb20685e98d622eebfdcc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21616-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
frontend-modules.min.js
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/js/ Frame 5751 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.3.1
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
dabc35303b9836b92014a59be540691515312f3af112ffe57b6dbdefb8f8c77e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21617-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
waypoints.min.js
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/waypoints/ Frame 5751 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21618-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
position.min.js
www.buy-the-best-offers.com/wp-includes/js/jquery/ui/ Frame 5751 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 15 Apr 2021 21:33:51 GMT
server
o2switch-PowerBoost-v3
etag
W/"21619-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
swiper.min.js
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/swiper/ Frame 5751 		136 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21620-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
share-link.min.js
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/share-link/ Frame 5751 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.3.1
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:10 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21621-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
dialog.min.js
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/dialog/ Frame 5751 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:11 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21622-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
frontend.min.js
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/js/ Frame 5751 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.3.1
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
f66a12b374f51d5ff9b6b578b651b27a5eb0ee168ac53f796f3a90b7ef630a93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:11 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21623-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
preloaded-modules.min.js
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/js/ Frame 5751 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.3.1
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
6dc267c8b59839710feb0eca9a2b0674bc1ed663034099529dd882997476e684

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:11 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
etag
W/"21624-1634200984;;;"
vary
Accept-Encoding
content-type
application/javascript
whitelabelforms.js
static.devisprox.com/ Frame 5751 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.devisprox.com/whitelabelforms.js
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
8b42da67206fe683363cbe4f28033e070ba92030947cf4d74ffd640d1f76357a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 23:40:23 GMT
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
server
Apache/2.2.22 (Debian)
age
3348
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
yk-XWAyo_lMV2PHge_IW9erF8MDmmL13-y3F37ptbVZ4YijNt4Sp0Q==
expires
Fri, 15 Oct 2021 00:40:23 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 5751 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.5.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.buy-the-best-offers.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 14:39:52 GMT
x-content-type-options
nosniff
age
381379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19824
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:39:52 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 5751 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.5.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.buy-the-best-offers.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 15:00:06 GMT
x-content-type-options
nosniff
age
293765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19868
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 15:00:06 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5751 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.5.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.buy-the-best-offers.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:31:45 GMT
x-content-type-options
nosniff
age
115466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:31:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5751 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.5.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.buy-the-best-offers.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:31:41 GMT
x-content-type-options
nosniff
age
115470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:31:41 GMT
fa-solid-900.woff2
www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ Frame 5751 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.8.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer
https://www.buy-the-best-offers.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.8.2
Origin
https://www.buy-the-best-offers.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:11 GMT
last-modified
Thu, 05 Aug 2021 10:40:10 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
78196
content-type
font/woff2
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ Frame 5751 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.buy-the-best-offers.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 07:06:11 GMT
x-content-type-options
nosniff
age
322200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19696
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 07:06:11 GMT
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v25/ Frame 5751 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
40abffc6cc361e6f31e1738c7f835297ec4ba0a14666fdaeeff57f1b62e3d694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.buy-the-best-offers.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:45:44 GMT
x-content-type-options
nosniff
age
309027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19728
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:33 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 10:45:44 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 5751 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.buy-the-best-offers.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 07:30:39 GMT
x-content-type-options
nosniff
age
320732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 07:30:39 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v25/ Frame 5751 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.buy-the-best-offers.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 20:15:50 GMT
x-content-type-options
nosniff
age
274821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20016
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:21:51 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 20:15:50 GMT
mensualite.png
www.buy-the-best-offers.com/wp-content/uploads/2019/06/ Frame 5751 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buy-the-best-offers.com/wp-content/uploads/2019/06/mensualite.png
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
142ea128cc06edce1f8737a5ad992b3f1afd08270172146ecb1ae2eb8fc672c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:11 GMT
last-modified
Wed, 26 Jun 2019 09:52:36 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
3037
content-type
image/png
dette.png
www.buy-the-best-offers.com/wp-content/uploads/2019/06/ Frame 5751 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buy-the-best-offers.com/wp-content/uploads/2019/06/dette.png
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
af1a5852f414e4caf9c990b843fe73bba5e88c8d2e186cafc0551280023d1314

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:11 GMT
last-modified
Wed, 26 Jun 2019 09:52:36 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
2136
content-type
image/png
budget.png
www.buy-the-best-offers.com/wp-content/uploads/2019/06/ Frame 5751 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buy-the-best-offers.com/wp-content/uploads/2019/06/budget.png
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
c70f0859309f2ee4899e039dfe22239cd2d05e66afc3d354a279e7ab14294b80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:11 GMT
last-modified
Wed, 26 Jun 2019 09:52:37 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
1793
content-type
image/png
image-68.png
www.buy-the-best-offers.com/wp-content/uploads/2019/06/ Frame 5751 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buy-the-best-offers.com/wp-content/uploads/2019/06/image-68.png
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
bd5079e019a8123b35220ae8b3c2f713929c8387a9328b3338ca948b501de14e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:11 GMT
last-modified
Wed, 26 Jun 2019 12:02:19 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
29251
content-type
image/png
piwik.php
www.buy-the-best-offers.com/wp-content/plugins/matomo-tracker/inc/frontend/ Frame 5751 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/matomo-tracker/inc/frontend/piwik.php
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/wp-content/plugins/matomo-tracker/inc/frontend/track.js?ver=1.4.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
cache
date
Fri, 15 Oct 2021 00:36:11 GMT
content-encoding
br
x-lsadc-cache
hit
last-modified
Mon, 11 Oct 2021 07:26:16 GMT
server
o2switch-PowerBoost-v3
etag
W/"19760-1633937175;;;"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800
expires
Mon, 18 Oct 2021 07:26:16 GMT
Cookie set formulaire.php
webservice.devisprox.com/ Frame 7631 		590 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Requested by
Host: static.devisprox.com
URL: https://static.devisprox.com/whitelabelforms.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.164.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-164-74.eu-west-1.compute.amazonaws.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
935de72e6f2cafea4c70abd0719e7f25eafeb34871957fd160cfa4c1f9feb13c

Request headers

Host
webservice.devisprox.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.buy-the-best-offers.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/

Response headers

Date
Fri, 15 Oct 2021 00:36:12 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
Apache/2.2.22 (Debian)
Cache-Control
private, max-age=0
Set-Cookie
xid=00967157317b29dba9b4ae31bc977b94; path=/; domain=.devisprox.com
p3p
CP='ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV'
Vary
User-Agent,Accept-Encoding
Content-Encoding
gzip
piwik.php
www.buy-the-best-offers.com/wp-content/plugins/matomo-tracker/inc/frontend/ Frame 5751 		43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buy-the-best-offers.com/wp-content/plugins/matomo-tracker/inc/frontend/piwik.php?action_name=Regroupement%20de%20cr%C3%A9dits%20-%20Buy%20The%20Best%20Offers&idsite=7&rec=1&r=395317&h=0&m=36&s=12&url=https%3A%2F%2Fwww.buy-the-best-offers.com%2F%3Fpage_id%3D100&urlref=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&_id=a4417ba0190b4a64&_idts=1634258172&_idvc=1&_idn=1&_refts=0&_viewts=1634258172&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=622&pv_id=2EjB7I
Requested by
Host: www.buy-the-best-offers.com
URL: https://www.buy-the-best-offers.com/?page_id=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.39 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
pablo.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buy-the-best-offers.com/?page_id=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:12 GMT
content-type
image/gif
server
o2switch-PowerBoost-v3
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ Frame 7631 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617
age
15130714
cdn-cachedat
2021-03-10 20:26:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
d51e4acffbb0c715197a27b396f5e31f
cf-ray
69e4f8c9fc632193-DUS
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
bootstrap.min.ws-1472542993.css
static.devisprox.com/css/q_v4/ Frame 7631 		97 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.devisprox.com/css/q_v4/bootstrap.min.ws-1472542993.css
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
b72299720c47009e48c4e0e9f7932c1bf66be187dd2f9b59e6c3bb9e31d21fc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 06:55:17 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2016 07:43:13 GMT
server
Apache/2.2.22 (Debian)
age
21922855
etag
"285306-18344-53b452203a640"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control
max-age=28512000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
16201
x-amz-cf-id
5iYohk13ceIDyqdJ0XX8fmpxe7tSuwxo77sv3r8C-1AqVeZ5iD8HDg==
expires
Thu, 30 Dec 2021 06:55:17 GMT
jquery-ui.min-1464877581.css
static.devisprox.com/css/q_v4/ Frame 7631 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.devisprox.com/css/q_v4/jquery-ui.min-1464877581.css
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
5ff1abf6d216b971f09eb56f35e360eded9b8dececc76645987dda7a1944dea9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 12:21:15 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2016 14:26:21 GMT
server
Apache/2.2.22 (Debian)
age
21816897
etag
"6cd1a-3e5b-5344c63dadd40"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control
max-age=28512000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
3167
x-amz-cf-id
c5WyEGTMR20dVdPfC7sQF2tqoVyIcuj-QXsbprBxNUSvMtWjG0OW5g==
expires
Fri, 31 Dec 2021 12:21:15 GMT
bootstrap-slider.min-1464877635.css
static.devisprox.com/css/q_v4/ Frame 7631 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.devisprox.com/css/q_v4/bootstrap-slider.min-1464877635.css
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
85f4e34130299ad75219e636a4ba4ef407e3d129ed8a561c2838f82464a80aaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:13:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2016 14:27:15 GMT
server
Apache/2.2.22 (Debian)
age
7860145
etag
"1b5e24-1d0b-5344c6712d6c0"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control
max-age=28512000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
1607
x-amz-cf-id
NdmyHLWo6VJX0p4lJskAxusoKtZL33XJq-dVsoqxUYvBeZ9ewyvJag==
expires
Sat, 11 Jun 2022 01:13:47 GMT
modernizr.min-1353065612.js
static.devisprox.com/js/ Frame 7631 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.devisprox.com/js/modernizr.min-1353065612.js
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
cb0f844a186359bc21313ace1647e9ddea8562a88ee335a71fadbf7576a7f217

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 01:53:26 GMT
content-encoding
gzip
last-modified
Fri, 16 Nov 2012 11:33:32 GMT
server
Apache/2.2.22 (Debian)
age
21854566
etag
"70af8-4236-4ce9b23293b00"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control
max-age=28512000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
6821
x-amz-cf-id
qfXkrcn3eYBSvCpEejxaEuPwNLVHfqF6_vrr3ZoI4W1qVl1J4EDjuw==
expires
Fri, 31 Dec 2021 01:53:26 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ Frame 7631 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:13:47 GMT
x-content-type-options
nosniff
age
390145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89501
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Mon, 10 Oct 2022 12:13:47 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame 7631 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
15130676
cdn-cachedat
2021-03-10 20:26:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9e5c01b93bbe3f098f57021adb3300f3
cf-ray
69e4f8c9fc652193-DUS
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/ Frame 7631 		197 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K72ZNXK
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
55db82e6a652769b749466433bd7a02737a4762d2dff934d5d59515f4e1050a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62990
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Oct 2021 00:36:12 GMT
close.png
webservice.devisprox.com/img/sites_v4/icons/ Frame 7631 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webservice.devisprox.com/img/sites_v4/icons/close.png
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.164.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-164-74.eu-west-1.compute.amazonaws.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
b6e50abba6c3fccf3f42e90890b3a8d118ee06fa84d8a438ba6903422fb04fdf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 00:36:12 GMT
Last-Modified
Wed, 16 May 2018 13:50:23 GMT
Server
Apache/2.2.22 (Debian)
ETag
"175c1e-617-56c530014c5c0"
Content-Type
image/png
Cache-Control
max-age=28512000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1559
Expires
Sat, 10 Sep 2022 00:36:12 GMT
bootstrap.min-1456327251.js
static.devisprox.com/js/q_v4/ Frame 7631 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.devisprox.com/js/q_v4/bootstrap.min-1456327251.js
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 02:57:46 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2016 15:20:51 GMT
server
Apache/2.2.22 (Debian)
age
21505106
etag
"20e86c-7c4b-52c859c78fac0"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control
max-age=28512000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
8535
x-amz-cf-id
-9TU6XCHO1IkGxN5yHV5I3tESjqRgC-kmvay9tChCjOy-Sdvj_QYNA==
expires
Tue, 04 Jan 2022 02:57:46 GMT
bootstrap-slider.min-1463143300.js
static.devisprox.com/js/q_v4/ Frame 7631 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.devisprox.com/js/q_v4/bootstrap-slider.min-1463143300.js
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
52a7240bf6d58796cdb26d0c6909712f8307b9c9361e6d91b691c2e70696d2a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 03:08:26 GMT
content-encoding
gzip
last-modified
Fri, 13 May 2016 12:41:40 GMT
server
Apache/2.2.22 (Debian)
age
21850066
etag
"73a02-76ec-532b898a6e900"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control
max-age=28512000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
7474
x-amz-cf-id
X6qyL_aKs6fwUt6S6g1xinYAquLEOh9JiWgxC7ierG4U__wqp-owuA==
expires
Fri, 31 Dec 2021 03:08:26 GMT
jquery.bootstrap.wizard-1456327251.js
static.devisprox.com/js/q_v4/ Frame 7631 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.devisprox.com/js/q_v4/jquery.bootstrap.wizard-1456327251.js
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
034bd144eefe11e882cd5fe552bbea6c38d550c8c6d940d16a2a8b17ebdf09a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 08:03:35 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2016 15:20:51 GMT
server
Apache/2.2.22 (Debian)
age
11032357
etag
"20e86f-2c24-52c859c78fac0"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control
max-age=28512000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
2753
x-amz-cf-id
Eha0Wrg83W7wlnelJ8bCa1zirgMPjOZY67aDH8N8PiXTvaLB6QX_6g==
expires
Thu, 05 May 2022 08:03:35 GMT
jquery.mask.all-1522781044.js
static.devisprox.com/js/q_v4/ Frame 7631 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.devisprox.com/js/q_v4/jquery.mask.all-1522781044.js
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
990830e01bc9e633124a39b5cf2f5bdcfcdf8afa6686d43b8e90334dce690c00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 07:26:29 GMT
content-encoding
gzip
last-modified
Tue, 03 Apr 2018 18:44:04 GMT
server
Apache/2.2.22 (Debian)
age
22266583
etag
"20e870-28a9-568f61732c500"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control
max-age=28512000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
2698
x-amz-cf-id
5q3ZahwtZ-afwv6NL2wP08qqcbRw5FCEvTtrtFm7F5OZoNStbeDFwQ==
expires
Sun, 26 Dec 2021 07:26:29 GMT
jquery.mask-1522921134.js
static.devisprox.com/js/q_v4/ Frame 7631 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.devisprox.com/js/q_v4/jquery.mask-1522921134.js
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
182facfddeb9c53a31c6459578826317948ab5b9bcd1e4254962799d7888a95d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 00:57:56 GMT
content-encoding
gzip
last-modified
Thu, 05 Apr 2018 09:38:54 GMT
server
Apache/2.2.22 (Debian)
age
10798696
etag
"20e86e-1ea3-56916b5368780"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control
max-age=28512000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
2379
x-amz-cf-id
9BHp1ICFDjvhKo3RKxyV1L3ByI00ZqWHF_Atbr8m4jfL22y3RtZ1ww==
expires
Sun, 08 May 2022 00:57:56 GMT
jquery-ui.min-1555092804.js
static.devisprox.com/js/q_v6/ Frame 7631 		248 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.devisprox.com/js/q_v6/jquery-ui.min-1555092804.js
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 07:30:50 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2019 18:13:24 GMT
server
Apache/2.2.22 (Debian)
age
21402322
etag
"330002-3def1-58659422cd900"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control
max-age=28512000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
yQjQQHMjSNTdQFQVo-YmLOTiWUdMXFhdS13bPDjzBIPx2FmjLB3ONQ==
expires
Wed, 05 Jan 2022 07:30:50 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ Frame 7631 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin
https://webservice.devisprox.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
371800
cdn-cachedat
2021-04-19 13:12:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
64464
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
0242b80920b858f89bbaca7aa67a1a20
accept-ranges
bytes
cf-ray
69e4f8cafa348766-DUS
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ Frame 7631 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K72ZNXK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
6555
date
Thu, 14 Oct 2021 22:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 15 Oct 2021 00:46:57 GMT
tracking
ads.avads.net/v1/ Frame 7631 		35 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.avads.net/v1/tracking?type=behavior&owner=devisprox&act=visit&market=FR&lang=fr-FR&url=https%3A%2F%2Fwebservice.devisprox.com%2Fformulaire.php%3Felementid%3DDevisProxContent%26partner%3D6974548%26questionnaire%3D748%26c%3Dundefined%26ws_referer%3Dhttps%253A%252F%252Fwww.buy-the-best-offers.com%252Fredirect%252Frac.html%253Futm_source%253DRACStLouis%2526utm_medium%253Dbhs%2526utm_campaign%253DRAC%26
Requested by
Host: webservice.devisprox.com
URL: https://webservice.devisprox.com/formulaire.php?elementid=DevisProxContent&partner=6974548&questionnaire=748&c=undefined&ws_referer=https%3A%2F%2Fwww.buy-the-best-offers.com%2Fredirect%2Frac.html%3Futm_source%3DRACStLouis%26utm_medium%3Dbhs%26utm_campaign%3DRAC&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.207.25 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
25.207.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://webservice.devisprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:36:12 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
content-length
35
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings object| wpp_params object| WordPressPopularPosts undefined| $ function| jQuery object| classie object| twemoji object| wp

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avads.net
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
rachat-credits.saintlouisasete.fr
static.devisprox.com
webservice.devisprox.com
www.buy-the-best-offers.com
www.google-analytics.com
www.googletagmanager.com
104.18.11.207
109.234.161.39
142.250.184.234
142.250.185.142
142.250.185.234
142.250.186.136
142.250.186.163
172.67.136.132
18.66.112.85
35.205.207.25
63.32.164.74
034bd144eefe11e882cd5fe552bbea6c38d550c8c6d940d16a2a8b17ebdf09a3
0493ef6ff8b4717b6f9a16218fc5c093690c10da28ac92ee356efc48021a9066
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
0d023c6770c50a23f28adac7508c5b86f9b06774933a8d82e5d9d557610a430c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
142ea128cc06edce1f8737a5ad992b3f1afd08270172146ecb1ae2eb8fc672c8
14c5ee16c0e86b086e97c10427228797a2c54179e1f5dda1a9e45fa8f691aecc
182facfddeb9c53a31c6459578826317948ab5b9bcd1e4254962799d7888a95d
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4
212b3492dd60ba08a5dac3470966f67546f298ecd99f03d11ee9a9d21fb10475
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
257c9866361d681e41bf46c77af539012c904980357226b4f1d2ae7df7b12f7a
2815971661cf64e44f4f0e804745b4dfaa13e92238bd4e44813c17258c4c301e
28b7ba8c7c9b5af279fb1df57bdf65115df739b67e0737d9076a6f3306b9f0c7
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763
40abffc6cc361e6f31e1738c7f835297ec4ba0a14666fdaeeff57f1b62e3d694
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4dc9c239931effb2183adb19e90f60c5cc009ddca45024fc7325d82e3c08d40c
52a7240bf6d58796cdb26d0c6909712f8307b9c9361e6d91b691c2e70696d2a6
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54adbcef38890d81a50c5c65557b6740dfb683e037e4862ddc8596a49689eaa0
55db82e6a652769b749466433bd7a02737a4762d2dff934d5d59515f4e1050a6
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05
5ff1abf6d216b971f09eb56f35e360eded9b8dececc76645987dda7a1944dea9
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
63f3a8e5cdabac89c583c9d8dd2337f096e16a2bdb531f705df453a1c00d3b6a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
6dc267c8b59839710feb0eca9a2b0674bc1ed663034099529dd882997476e684
6e46b1ca12ff39f3ff3f8da5bf691cc03e9e896c9eeb20685e98d622eebfdcc7
8172022b868ca3aeb54ba913369f7be1f72d387e0c4156465fb31855e0acaac6
83c083d8e839181d20d315fee86e22170d86ff7ce42947a45ab57159df2bd52b
85f4e34130299ad75219e636a4ba4ef407e3d129ed8a561c2838f82464a80aaf
89a60e990a2b699d187efa570cc6f320bbd6bc15498b5cdfb1cc8f9e67e0e2f8
8b42da67206fe683363cbe4f28033e070ba92030947cf4d74ffd640d1f76357a
8c155d1fe7be0878125c8d488ee105bd24fb5e5b24d14c30f630112f856e839c
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8da4ba63c0631c15e1fbebacc34c51ddf4d51b8b2bd7a6c9a3885e913f408301
935de72e6f2cafea4c70abd0719e7f25eafeb34871957fd160cfa4c1f9feb13c
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
98825588378b6af479f05fd9a60da82705cc2b79e276d53976e9997a0be5f2b8
990830e01bc9e633124a39b5cf2f5bdcfcdf8afa6686d43b8e90334dce690c00
a2f5827f37602f0ada4640790bc6387b4facf76dfa80fc69307d5666588f70df
af1a5852f414e4caf9c990b843fe73bba5e88c8d2e186cafc0551280023d1314
b139f243c33a32098b98fe104d2070f65662d47c93cbdee9b80ac9ea4e060830
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b6757fce562209b6c5c6d683cf186e0c0464a77febd7f39a0d132df8308d6eca
b6e50abba6c3fccf3f42e90890b3a8d118ee06fa84d8a438ba6903422fb04fdf
b72299720c47009e48c4e0e9f7932c1bf66be187dd2f9b59e6c3bb9e31d21fc0
bb45c1fab2f60b4051fabb5bab1046ddb80d716ed6ee57da72637d7a15a8284d
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bd5079e019a8123b35220ae8b3c2f713929c8387a9328b3338ca948b501de14e
bed010f7551d024d4953eb2be21c55604121a528fc090ebb9fceaa3ff9e038d3
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c70f0859309f2ee4899e039dfe22239cd2d05e66afc3d354a279e7ab14294b80
cb0f844a186359bc21313ace1647e9ddea8562a88ee335a71fadbf7576a7f217
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d7b512fba3688ed5858e2d1ef154ce25c00323fcf77c381d170be53ec43d93f3
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d96e654e642a2fb3cd54fdf2a558aeade83c51184b0407c1225929b71efd1d3b
dabc35303b9836b92014a59be540691515312f3af112ffe57b6dbdefb8f8c77e
e2d120c86b938c72c0374a47cdbae0b31b19c6573237fa7507d5134b73338be6
e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835
e5fe4e53a415a5f502557e16c982d4d1b6e63006a8d15858cb3c9c67147cb308
f3087791ed752cfba8403c99e09febdf5dfae9bb61737f5972f22772ecb703e7
f66a12b374f51d5ff9b6b578b651b27a5eb0ee168ac53f796f3a90b7ef630a93
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffcaf3335910a5a1f3359f599113e4ccbf54521276400b144f28bf82c3f1d914