buyawebhost.com Open in urlscan Pro
45.40.150.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://choiceusviphoney.com/
Effective URL:
https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1
Submission: On July 28 via api (July 28th 2024, 2:28:29 pm UTC) from US — Scanned from US

Summary HTTP 43 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 43 HTTP transactions. The main IP is 45.40.150.54, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is buyawebhost.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 30th 2024. Valid for: a year.

This is the only time buyawebhost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	13.248.213.45 13.248.213.45	16509 (AMAZON-02) (AMAZON-02)
1	173.194.204.105 173.194.204.105	15169 (GOOGLE) (GOOGLE)
2	172.67.41.60 172.67.41.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.48.203.15 23.48.203.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.26.2.70 104.26.2.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.194.175.149 173.194.175.149	15169 (GOOGLE) (GOOGLE)
2	54.221.247.211 54.221.247.211	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.218.116.163 23.218.116.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	45.40.150.54 45.40.150.54	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
20	162.159.136.45 162.159.136.45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.63.95 172.253.63.95	15169 (GOOGLE) (GOOGLE)
2 4	23.48.203.11 23.48.203.11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	173.194.204.94 173.194.204.94	15169 (GOOGLE) (GOOGLE)
43	14

2 13.248.213.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: a67c48129651a0940.awsglobalaccelerator.com

choiceusviphoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.204.105 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.48.203.15 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-203-15.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.2.70 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.175.149 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.221.247.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-247-211.compute-1.amazonaws.com

api.aws.parking.godaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.116.163 (Ashburn, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-116-163.deploy.static.akamaitechnologies.com

www.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.40.150.54 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 54.150.40.45.host.secureserver.net

buyawebhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 162.159.136.45 (None, )

ASN13335 (CLOUDFLARENET, US)

j0a8cd.p3cdn1.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.48.203.11 (Ashburn, United States) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-203-11.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.204.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	secureserver.net 1 redirects www.secureserver.net — Cisco Umbrella Rank: 641918 j0a8cd.p3cdn1.secureserver.net gui.secureserver.net Failed	305 KB
8	wsimg.com 2 redirects img1.wsimg.com — Cisco Umbrella Rank: 15358	204 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 1573 api.btloader.com — Cisco Umbrella Rank: 1813	19 KB
2	godaddy.com api.aws.parking.godaddy.com — Cisco Umbrella Rank: 84499	2 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1603	1 KB
2	choiceusviphoney.com choiceusviphoney.com	1 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	buyawebhost.com buyawebhost.com	12 KB
1	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 210	130 B
1	google.com www.google.com — Cisco Umbrella Rank: 10	76 KB
43	11

	Domain	Requested by
20	j0a8cd.p3cdn1.secureserver.net	buyawebhost.com j0a8cd.p3cdn1.secureserver.net
8	img1.wsimg.com	2 redirects choiceusviphoney.com img1.wsimg.com buyawebhost.com
2	api.aws.parking.godaddy.com	img1.wsimg.com
2	ad-delivery.net	choiceusviphoney.com
2	btloader.com	choiceusviphoney.com
2	choiceusviphoney.com	choiceusviphoney.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	buyawebhost.com
1	buyawebhost.com	img1.wsimg.com
1	www.secureserver.net	1 redirects
1	ad.doubleclick.net	choiceusviphoney.com
1	api.btloader.com	btloader.com
1	www.google.com	choiceusviphoney.com
0	gui.secureserver.net Failed	j0a8cd.p3cdn1.secureserver.net
43	14

This site contains links to these domains. Also see Links.

Domain
www.secureserver.net
account.secureserver.net
sso.secureserver.net
cart.secureserver.net

Subject Issuer	Validity	Valid
choiceusviphoney.com Go Daddy Secure Certificate Authority - G2	`2024-07-22` - `2025-07-22`	a year	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
btloader.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2023-09-19` - `2024-10-20`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ad-delivery.net WE1	`2024-07-15` - `2024-10-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.aws.parking.godaddy.com Go Daddy Secure Certificate Authority - G2	`2024-04-15` - `2025-05-17`	a year	crt.sh
buyawebhost.com Go Daddy Secure Certificate Authority - G2	`2024-06-30` - `2025-07-29`	a year	crt.sh
*.p3cdn1.secureserver.net Starfield Secure Certificate Authority - G2	`2023-10-02` - `2024-11-02`	a year	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1
Frame ID: 29CF358C9F847AFD1E8E67227BDBB974
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Buy A Web Host

Page URL History Show full URLs

https://choiceusviphoney.com/ Page URL
https://choiceusviphoney.com/lander Page URL
https://www.secureserver.net/?isc=PLPPT02003&ci=81494&prog_id=584955&domain=choiceusviphoney.com HTTP 302
https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

43
Requests

88 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

14
IPs

2
Countries

666 kB
Transfer

2067 kB
Size

16
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.secureserver.net/help?pl_id=584955&path=%2F&plid=584955&currencyType=USD
Title: Help

Search URL Search Domain Scan URL

URL: https://account.secureserver.net/?plid=584955&currencyType=USD
Title: Sign in

Search URL Search Domain Scan URL

URL: https://sso.secureserver.net/account/create/?plid=584955&currencyType=USD
Title: Create my account

Search URL Search Domain Scan URL

URL: https://account.secureserver.net/products/?plid=584955&currencyType=USD

Search URL Search Domain Scan URL

URL: https://account.secureserver.net/security/login-info/edit/?plid=584955&currencyType=USD
Title: View

Search URL Search Domain Scan URL

URL: https://account.secureserver.net/billing/?plid=584955&currencyType=USD
Title: My Renewals

Search URL Search Domain Scan URL

URL: https://sso.secureserver.net/logout/?plid=584955&currencyType=USD
Title: Log Out

Search URL Search Domain Scan URL

URL: https://cart.secureserver.net/go/checkout/?plid=584955&currencyType=USD
Title: ()

Search URL Search Domain Scan URL

URL: https://www.secureserver.net/products/cpanel?plid=584955
Title: cPanel Hosting

Search URL Search Domain Scan URL

URL: https://www.secureserver.net/products/wordpress?plid=584955
Title: WordPress

Search URL Search Domain Scan URL

URL: https://www.secureserver.net/products/business?plid=584955
Title: Web Hosting Plus

Search URL Search Domain Scan URL

URL: https://www.secureserver.net/products/vps?plid=584955
Title: VPS Hosting

Search URL Search Domain Scan URL

URL: https://www.secureserver.net/products/dedicated-server?plid=584955
Title: Dedicated Server

Search URL Search Domain Scan URL

URL: https://www.secureserver.net/products/website-security?plid=584955
Title: Website Security

Search URL Search Domain Scan URL

URL: https://www.secureserver.net/products/ssl?plid=584955
Title: SSL

Search URL Search Domain Scan URL

URL: https://www.secureserver.net/products/ssl-managed?plid=584955
Title: Managed SSL Service

Search URL Search Domain Scan URL

URL: https://www.secureserver.net/products/website-backup?plid=584955
Title: Website Backup

Search URL Search Domain Scan URL

URL: https://www.secureserver.net/products/email-marketing?plid=584955&itc=slp_rstore
Title: Email Marketing

Search URL Search Domain Scan URL

URL: https://www.secureserver.net/products/seo?plid=584955
Title: SEO

Search URL Search Domain Scan URL

URL: https://www.secureserver.net/products/microsoft-365?plid=584955
Title: Microsoft 365

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://choiceusviphoney.com/ Page URL
https://choiceusviphoney.com/lander Page URL
https://www.secureserver.net/?isc=PLPPT02003&ci=81494&prog_id=584955&domain=choiceusviphoney.com HTTP 302
https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

Request Chain 36

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/tti/tti.min.js

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
choiceusviphoney.com/ 114 B
173 B 396ms
109ms Document
text/html 13.248.213.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choiceusviphoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.213.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a67c48129651a0940.awsglobalaccelerator.com
Software: /
Resource Hash: 6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-length: 114
content-type: text/html
date: Sun, 28 Jul 2024 14:28:23 GMT

GET
H2 200 lander Show response
choiceusviphoney.com/ 620 B
1 KB 112ms
112ms Document
text/html 13.248.213.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choiceusviphoney.com/lander

Requested by

Host: choiceusviphoney.com
URL: https://choiceusviphoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.248.213.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a67c48129651a0940.awsglobalaccelerator.com

Software

openresty /

Resource Hash

91b8e0f7554c6f705cf552cbbc09d96b25d913349fb27906e22f7c6c4130bafa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://choiceusviphoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=86400
content-length: 620
content-type: text/html
date: Sun, 28 Jul 2024 14:28:23 GMT
server: openresty
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_f8skeuoajLYy1lngvAYKPLFU87dsEkupXMUnWZHbi/kxR/DnfxAmeqvePptvFBQ3lmuMVjUHnss56imBEmttCA
x-content-type-options: nosniff

GET
H3 200 caf.js Show response
www.google.com/adsense/domains/ 196 KB
76 KB 446ms
148ms Script
text/javascript 173.194.204.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?abp=1&gdabp=true

Requested by

Host: choiceusviphoney.com
URL: https://choiceusviphoney.com/lander

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f105.1e100.net

Software

sffe /

Resource Hash

4323a992992f0bec34e1f892f5f8ee0491db264957a1cb4161d39b577f3c45b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://choiceusviphoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "11422697295923548455"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://syndicatedsearch.goog>; rel="preconnect"
expires: Sun, 28 Jul 2024 14:28:23 GMT

GET
H2 200 tag Show response
btloader.com/ 56 KB
19 KB 366ms
93ms Script
application/javascript 172.67.41.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5097926782615552&upapi=true
Requested by: Host: choiceusviphoney.com
URL: https://choiceusviphoney.com/lander
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba9b2793fa4e5459f81d86bdca0326897dcf68198758b5ac8acfd436b799bea7

Request headers

Referer: https://choiceusviphoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:23 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Sun, 28 Jul 2024 13:58:30 GMT
server: cloudflare
age: 1721
etag: "b9387b20a00e32f9b5b706643c7fa995"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8aa58e306d7809f7-LAS
content-length: 19105

GET
H2 200 main.cff7ae02.js Show response
img1.wsimg.com/parking-lander/static/js/ 633 KB
174 KB 175ms
174ms Script
application/javascript 23.48.203.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/parking-lander/static/js/main.cff7ae02.js
Requested by: Host: choiceusviphoney.com
URL: https://choiceusviphoney.com/lander
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.203.15 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-203-15.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 79e52f3c6d9065d472ea257f5aac45b0ab006a4ee482623f7d2fda986fab7baf

Request headers

Referer: https://choiceusviphoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Z0Xg0aqnnRRnl9Gd_A9NLDYYPl3VSNwr
content-encoding: gzip
date: Sun, 28 Jul 2024 14:28:24 GMT
x-amz-request-id: MGSDDS7CJVW2RSHB
x-amz-server-side-encryption: AES256
content-length: 177732
x-amz-id-2: VRDxiMXQ8eTvjBoF7XieSjNol21ubCGJVZI0jwzKZMz3ksrSd35L8tovjJ7qWGY6IxMwqtw9ERo=
last-modified: Wed, 24 Jul 2024 20:52:02 GMT
etag: "e120a8df1d03f3fed6e99f477f2b1697"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Jul 2025 14:28:24 GMT

GET
H2 200 main.0e250201.css
img1.wsimg.com/parking-lander/static/css/ 3 KB
1 KB 715ms
167ms Stylesheet
text/css 23.48.203.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/parking-lander/static/css/main.0e250201.css
Requested by: Host: choiceusviphoney.com
URL: https://choiceusviphoney.com/lander
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.203.15 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-203-15.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7640d1724316aa0ecab04ee8623136e70c4f25506d279be7e98e7a43e6b83e80

Request headers

Referer: https://choiceusviphoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: pdcx1z7GgQzHu0sCAYG7heK7D1qj75h1
content-encoding: gzip
date: Sun, 28 Jul 2024 14:28:24 GMT
x-amz-request-id: MGS9Y7ZP88WQGNP2
x-amz-server-side-encryption: AES256
content-length: 897
x-amz-id-2: M+FJcz5Mw1kPJpeOfWaiWCohQN1LqKZz/ORKzf1He4zs+X2j3V9HVyB7Q6HZw8ttG/Na/2HT2Yo=
last-modified: Wed, 24 Jul 2024 20:52:07 GMT
etag: "cb39c1be1d9e0323102dd77c0afd5ba0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Jul 2025 14:28:24 GMT

GET
H2 200 tag
btloader.com/ 56 KB
64 B 89ms
87ms Other
application/javascript 172.67.41.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5097926782615552&upapi=true
Requested by: Host: choiceusviphoney.com
URL: https://choiceusviphoney.com/lander
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba9b2793fa4e5459f81d86bdca0326897dcf68198758b5ac8acfd436b799bea7

Request headers

Referer: https://choiceusviphoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:24 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 28 Jul 2024 13:58:30 GMT
server: cloudflare
age: 1722
etag: "b9387b20a00e32f9b5b706643c7fa995"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8aa58e331fb209f7-LAS
content-length: 19105

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 310ms
105ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5097926782615552&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://choiceusviphoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 28 Jul 2024 14:28:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
326 B 300ms
97ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: choiceusviphoney.com
URL: https://choiceusviphoney.com/lander
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://choiceusviphoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1297920
x-guploader-uploadid: ABPtcPra-WrMdCdCNi03iH8fbP3AeLb-WFz1OmM3dhcs4oKslSpIheuiTcbUVQLU2ySf0Z1r8Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=stVXgWk%2BpjnJH8lERs0M0P2mfbv62KQmlAjAO7a%2BmLxZLvouOzzmJWjLjKDvXyKN2hKwKVZAGw4Epz9LYDVdxT5RD1By7iTPjlc7%2Bp675iWH4Bh2AM38SLA3EaiUmTqqKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8aa58e3468b669e6-LAS
expires: Sat, 13 Jul 2024 14:38:07 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 364ms
177ms Image
image/x-icon 173.194.175.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: choiceusviphoney.com
URL: https://choiceusviphoney.com/lander

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f149.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://choiceusviphoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:26:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Jul 2024 00:26:31 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
834 B 300ms
97ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7170843680812675
Requested by: Host: choiceusviphoney.com
URL: https://choiceusviphoney.com/lander
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://choiceusviphoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1297920
x-guploader-uploadid: ABPtcPra-WrMdCdCNi03iH8fbP3AeLb-WFz1OmM3dhcs4oKslSpIheuiTcbUVQLU2ySf0Z1r8Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=94Z01BCbpgZ7RHCm4Q5W02NvF1lxU%2BqlD03kPQiScSxLHbzup8HII4UhGCcWSugPjSCBkmu9r%2BtK1Mnj7f1%2BMHXVAisjuu71%2FhT96l01rtfatQsdPtaB%2BSf4VTMZh%2FBJuw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8aa58e3468b469e6-LAS
expires: Sat, 13 Jul 2024 14:38:07 GMT

GET
H2 200 px.js
img1.wsimg.com/parking-lander/ 0
0 556ms
158ms Fetch
application/javascript 23.48.203.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/parking-lander/px.js?ch=1&abp=1&gdabp=true
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.cff7ae02.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.203.15 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-203-15.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://choiceusviphoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: JX6heZYudFVdJz78gk0Q1mlS6OjQ02.M
content-encoding: gzip
date: Sun, 28 Jul 2024 14:28:25 GMT
x-amz-request-id: 1HJX4S7X97Y8VVGX
x-amz-server-side-encryption: AES256
content-length: 20
x-amz-id-2: L1NNIFJc6eeBKttn5MSUix9OEra3Ade1nDWgOwHrkUxSA1MiUC0MOfUenG001V3QGXq2WpjCWhPFqIZcGgpA5A==
last-modified: Mon, 20 May 2024 21:18:13 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Jul 2025 14:28:25 GMT

GET
H2 200 choiceusviphoney.com
api.aws.parking.godaddy.com/v1/parking/landers/ 986 B
2 KB 157ms
156ms Fetch
application/json 54.221.247.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.aws.parking.godaddy.com/v1/parking/landers/choiceusviphoney.com?trafficTarget=reseller&abp=1&gdabp=true
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.cff7ae02.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.247.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-247-211.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://choiceusviphoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-Request-Id: a7ffd684-76a9-4f1d-b2f3-ef4db3952346

Response headers

date: Sun, 28 Jul 2024 14:28:25 GMT
access-control-max-age: 600
content-type: application/json
access-control-allow-origin: https://choiceusviphoney.com
cache-control: Private,max-age=86400
access-control-allow-credentials: true
content-length: 986
x-request-id: a7ffd684-76a9-4f1d-b2f3-ef4db3952346

OPTIONS
H2 200 choiceusviphoney.com
api.aws.parking.godaddy.com/v1/parking/landers/ 0
0 449ms
134ms Preflight 54.221.247.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.aws.parking.godaddy.com/v1/parking/landers/choiceusviphoney.com?trafficTarget=reseller&abp=1&gdabp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.247.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-247-211.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://choiceusviphoney.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: https://choiceusviphoney.com
access-control-max-age: 600
content-length: 0
date: Sun, 28 Jul 2024 14:28:25 GMT
x-request-id: 3CVRhEU2

GET
H2 200 px.js
img1.wsimg.com/parking-lander/ 0
0 159ms
159ms Fetch
application/javascript 23.48.203.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/parking-lander/px.js?ch=2&abp=2&gdabp=true
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.cff7ae02.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.203.15 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-203-15.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://choiceusviphoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: JX6heZYudFVdJz78gk0Q1mlS6OjQ02.M
content-encoding: gzip
date: Sun, 28 Jul 2024 14:28:25 GMT
x-amz-request-id: Z4TCRK66V4Y5KYGS
x-amz-server-side-encryption: AES256
content-length: 20
x-amz-id-2: 05TKEuUuau/MXjXjjVDdHQ0ZlkhadECXCoArL2+xBOwzNPRoAMJlO2z1px6waY+UoakRVoh6SWk=
last-modified: Mon, 20 May 2024 21:18:13 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Jul 2025 14:28:25 GMT

GET
H2

200

Primary Request / Show response
buyawebhost.com/
Redirect Chain

https://www.secureserver.net/?isc=PLPPT02003&ci=81494&prog_id=584955&domain=choiceusviphoney.com
https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

49 KB
12 KB

753ms
459ms

Document
text/html

45.40.150.54
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.cff7ae02.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.40.150.54 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

54.150.40.45.host.secureserver.net

Software

openresty /

Resource Hash

449f2e00a998487653ce5fabe447233a068e4223be48cca8991e0243c925c8bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://choiceusviphoney.com/lander
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 28 Jul 2024 14:28:27 GMT
server: openresty
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-backend: varnish_ssl
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 8.1
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 156
Content-Type: text/html; charset=utf-8
Date: Sun, 28 Jul 2024 14:28:26 GMT
Expires: Sun, 28 Jul 2024 14:28:26 GMT
Location: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1
Pragma: no-cache
Server: envoy
Vary: Accept
X-ARC: 101
x-envoy-upstream-service-time: 872
x-powered-by: Slay

GET
H2 200 style.min.css
j0a8cd.p3cdn1.secureserver.net/wp-includes/css/dist/block-library/ 111 KB
15 KB 427ms
195ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 14991
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2024 08:20:56 GMT
x-php-version: 8.1
server: cloudflare
etag: "1bae5-61e0e12eab5d3;5e3c150aed077
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4a39d20acd-LAS
expires: Wed, 28 Aug 2024 14:28:27 GMT

GET
H2 200 gutenbee.animations.css
j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/gutenbee/build/ 7 KB
1 KB 357ms
126ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/gutenbee/build/gutenbee.animations.css?ver=2.18.0&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e4e7fe71652e352e753e5f06d1d12de810f3a8bbfb9c819f6b565aa4fdb5865

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 1159
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2024 19:23:52 GMT
x-php-version: 8.1
server: cloudflare
etag: "1dd6-61e0337ea7e30-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4a39db0acd-LAS
expires: Wed, 28 Aug 2024 14:28:27 GMT

GET
H2 200 dashicons.min.css
j0a8cd.p3cdn1.secureserver.net/wp-includes/css/ 58 KB
35 KB 454ms
224ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-includes/css/dashicons.min.css?ver=6.5.5&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 35730
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2024 08:20:56 GMT
x-php-version: 8.1
server: cloudflare
etag: "e688-61e0e12eb177c;5e3c150aed077
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4a39d80acd-LAS
expires: Wed, 28 Aug 2024 14:28:27 GMT

GET
H2 200 store.min.css
j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/reseller-store/assets/css/ 4 KB
2 KB 352ms
122ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/reseller-store/assets/css/store.min.css?ver=2.2.15&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c968eee1376deff74b3dc3368e24928b591cdde7d842388de77c1767d944998

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 1259
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Jun 2024 22:34:17 GMT
x-php-version: 8.1
server: cloudflare
etag: "f6e-61be6bb3650d1-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4a39d70acd-LAS
expires: Wed, 28 Aug 2024 14:28:27 GMT

GET
H2 200 style.min.css
j0a8cd.p3cdn1.secureserver.net/wp-includes/css/dist/components/ 83 KB
12 KB 358ms
128ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-includes/css/dist/components/style.min.css?ver=6.5.5&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea6b98dac1f86073fbf42b0380abd6e542cd732d79bf1c962ac3637f19cfb971

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 11952
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2024 08:20:56 GMT
x-php-version: 8.1
server: cloudflare
etag: "14b45-61e0e12eae89b;5e3c150aed077
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4a39d60acd-LAS
expires: Wed, 28 Aug 2024 14:28:27 GMT

GET
H2 200 latest.css
j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/coblocks/includes/Dependencies/GoDaddy/Styles/build/ 13 KB
2 KB 533ms
304ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/coblocks/includes/Dependencies/GoDaddy/Styles/build/latest.css?ver=2.0.2&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 1474
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Jul 2024 20:09:22 GMT
x-php-version: 8.1
server: cloudflare
etag: "3256-61e2c1653963e-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4a39d90acd-LAS
expires: Wed, 28 Aug 2024 14:28:27 GMT

GET
H2 200 style.css
j0a8cd.p3cdn1.secureserver.net/wp-content/themes/turnkey-storefront/ 205 KB
26 KB 504ms
275ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/themes/turnkey-storefront/style.css?ver=1.2.4&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1ddb3e3ab2731422178060948f2bf0a8ea3367f3dd58dc30b52ced96bf8c8d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 26184
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 06:49:49 GMT
x-php-version: 8.1
server: cloudflare
etag: "3337e-5e3d26ca5e2a8-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4a39d50acd-LAS
expires: Wed, 28 Aug 2024 14:28:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 536ms
163ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&subset=latin&ver=1.8.10

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

3309a12da2ed18db77a65bfd52b4fb97a0dfd77e4f22889bd708a010ffd2f9c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 Jul 2024 14:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 Jul 2024 14:16:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Jul 2024 14:28:28 GMT

GET
H2 200 jquery.min.js Show response
j0a8cd.p3cdn1.secureserver.net/wp-includes/js/jquery/ 86 KB
30 KB 609ms
380ms Script
text/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 30368
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2024 08:20:56 GMT
x-php-version: 8.1
server: cloudflare
etag: "15601-61e0e12f34549;5e3c150aed077
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4aaa420acd-LAS
expires: Wed, 28 Aug 2024 14:28:28 GMT

GET
H2 200 jquery-migrate.min.js Show response
j0a8cd.p3cdn1.secureserver.net/wp-includes/js/jquery/ 13 KB
5 KB 606ms
377ms Script
text/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 4872
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jul 2024 08:20:56 GMT
x-php-version: 8.1
server: cloudflare
etag: "3509-61e0e12f331c1;5e3c150aed077
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4aaa400acd-LAS
expires: Wed, 28 Aug 2024 14:28:27 GMT

GET
H2 200 imtranBuyawebhost.png
j0a8cd.p3cdn1.secureserver.net/wp-content/uploads/2022/07/ 95 KB
95 KB 536ms
307ms Image
image/png 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/uploads/2022/07/imtranBuyawebhost.png

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d50af67ce2f34fb62c6d8ab1462405f2a78a694186467ebb227a4dc51f4a522

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 96797
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 10:26:36 GMT
x-php-version: 8.1
server: cloudflare
etag: "17a1d-5e3d573ee341e"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4a39dd0acd-LAS
expires: Wed, 28 Aug 2024 14:28:27 GMT

GET
H2 200 coblocks-animation.js Show response
j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/ 407 B
333 B 274ms
270ms Script
text/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=3.1.13&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f167ae1780938fa19464993733924d0d078d5f5ce7955a596a55c210cb36cc8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 242
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Jul 2024 20:09:22 GMT
x-php-version: 8.1
server: cloudflare
etag: "197-61e2c16532cc5-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4b0a7e0acd-LAS
expires: Wed, 28 Aug 2024 14:28:28 GMT

GET
H2 200 tiny-swiper.js Show response
j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/vendors/ 10 KB
4 KB 271ms
268ms Script
text/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/vendors/tiny-swiper.js?ver=3.1.13&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1c63396c6fb5d907ed689c0bda392011d3f177a7b599363c76bd323cd956f22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 4268
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Jul 2024 20:09:22 GMT
x-php-version: 8.1
server: cloudflare
etag: "2906-61e2c165353d6-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4b0a7f0acd-LAS
expires: Wed, 28 Aug 2024 14:28:28 GMT

GET
H3 200 coblocks-tinyswiper-initializer.js Show response
j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/ 14 KB
6 KB 144ms
141ms Script
text/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/coblocks-tinyswiper-initializer.js?ver=3.1.13&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6043ee4a9960e025742c70262f22b6585271df6de2c4cc1148962fd5edc8c0b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 5374
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Jul 2024 20:09:22 GMT
x-php-version: 8.1
server: cloudflare
etag: "381e-61e2c1653404e-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4ccb8779a4-DEN
expires: Wed, 28 Aug 2024 14:28:28 GMT

GET
H3 200 gutenbee.animations.js Show response
j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/gutenbee/build/ 5 KB
3 KB 141ms
139ms Script
text/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/gutenbee/build/gutenbee.animations.js?ver=2.18.0&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

503c70d2cbb058a48b6f1bf4ae158083d8e8321fdbf686b6f02e2d0ecca0119c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 2212
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2024 19:23:52 GMT
x-php-version: 8.1
server: cloudflare
etag: "156a-61e0337ea7e30-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4ccb8879a4-DEN
expires: Wed, 28 Aug 2024 14:28:28 GMT

GET
H3 200 js-cookie.min.js Show response
j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/reseller-store/assets/js/ 2 KB
1 KB 159ms
156ms Script
text/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/reseller-store/assets/js/js-cookie.min.js?ver=2.1.3&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

049821444719f30cc06a6df873de1354cf4e06f3aa0117a4f630032638a5b6ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 874
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Jun 2024 22:34:17 GMT
x-php-version: 8.1
server: cloudflare
etag: "6a2-61be6bb366c29-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4ceba779a4-DEN
expires: Wed, 28 Aug 2024 14:28:28 GMT

GET
H3 200 store.min.js Show response
j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/reseller-store/assets/js/ 5 KB
2 KB 141ms
139ms Script
text/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/reseller-store/assets/js/store.min.js?ver=2.2.15&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da7cb571ed4bbc3c566540240da65627b72385ecc1795c7641ab0948813d9caf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 1677
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Jun 2024 22:34:17 GMT
x-php-version: 8.1
server: cloudflare
etag: "123a-61be6bb367011-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4ceba879a4-DEN
expires: Wed, 28 Aug 2024 14:28:28 GMT

GET
H3 200 domain-search.min.js Show response
j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/reseller-store/assets/js/ 157 KB
50 KB 199ms
197ms Script
text/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/plugins/reseller-store/assets/js/domain-search.min.js?ver=2.2.15&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df7b38a698cd0873a344c9f8a3b635d3967e6eb5179b1caa553d54cded28a2c5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 50961
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Jun 2024 22:34:17 GMT
x-php-version: 8.1
server: cloudflare
etag: "272ce-61be6bb366841-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4ceba979a4-DEN
expires: Wed, 28 Aug 2024 14:28:28 GMT

GET
H3 200 navigation.js Show response
j0a8cd.p3cdn1.secureserver.net/wp-content/themes/turnkey-storefront/assets/js/ 1 KB
796 B 286ms
284ms Script
text/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/themes/turnkey-storefront/assets/js/navigation.js?ver=1.2.4&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beb38063c75f286c3c62549fff3e8d85e7d0b803a7ee6686050becb0aeec487d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 426
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 06:49:49 GMT
x-php-version: 8.1
server: cloudflare
etag: "5b3-5e3d26ca7b380-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4cebaa79a4-DEN
expires: Wed, 28 Aug 2024 14:28:28 GMT

GET
H3 200 navigation.min.js Show response
j0a8cd.p3cdn1.secureserver.net/wp-content/themes/primer/assets/js/ 418 B
634 B 145ms
143ms Script
text/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/themes/primer/assets/js/navigation.min.js?ver=1.8.10&time=1722024565

Requested by

Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4694f7200bca7003f42864dc28f990e671efd1b3903fa27c41dd805865ec3314

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 265
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 06:49:51 GMT
x-php-version: 8.1
server: cloudflare
etag: "1a2-5e3d26cccf695-gzip"
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4cebab79a4-DEN
expires: Wed, 28 Aug 2024 14:28:28 GMT

GET
H2

200

scc-c2.min.js Show response
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

105 KB
21 KB

172ms
172ms

Script
text/javascript

23.48.203.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by: Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Server: 23.48.203.11 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-203-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8f7092c94ef904c57584706cdb5f1fd9fe1efce52ce3105e99b9a7def487f09f

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: VDVeY4oO8ClQrknn.k4OgPWK0heF1LAr
content-encoding: gzip
date: Sun, 28 Jul 2024 14:28:28 GMT
x-amz-request-id: XWMJZA98W82YCGKS
x-amz-server-side-encryption: AES256
x-amz-meta-version: 0.4.0
content-length: 20848
x-amz-id-2: doYDnz2jkCRQdf1S4UZYEe3YMRHzV4YCHpAgP4d1nv7XUPHbl9zfpIJayOzuUALHKW8mDNYJJmqVL8fdfADmdw==
last-modified: Fri, 17 May 2024 22:31:26 GMT
etag: "ace51bdb3b35a6b66c74fa115d4caa3f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 14:58:28 GMT

Redirect headers

location: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
access-control-allow-origin: *
date: Sun, 28 Jul 2024 14:28:28 GMT
cache-control: max-age=31536000
timing-allow-origin: *
content-length: 0
expires: Mon, 28 Jul 2025 14:28:28 GMT

GET
H2

200

tti.min.js Show response
img1.wsimg.com/signals/js/clients/tti/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
https://img1.wsimg.com/signals/js/clients/tti/tti.min.js

21 KB
8 KB

160ms
159ms

Script
text/javascript

23.48.203.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
Requested by: Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1
Protocol: H2
Server: 23.48.203.11 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-203-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c37a4aa3cf6aaae6921a4b750c0e4f81fd338d6878be90b0faf2f921039cb23

Request headers

Referer: https://buyawebhost.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 7jzjltvngWPxR10aGBgezMSyuI8q8r0u
content-encoding: gzip
date: Sun, 28 Jul 2024 14:28:28 GMT
x-amz-request-id: FT9SS7136WXZB640
x-amz-server-side-encryption: AES256
x-amz-meta-version: 0.2.1
content-length: 7570
x-amz-id-2: 3uy8ZuK5eVSQbz6l8OP32Ixr48ckVeLXGN4NCFskmzYkdUa7q2flnEPt0WR+Ao+bZl3Kk2syxEgk+zWkfCJFrA==
last-modified: Wed, 18 Oct 2023 13:46:08 GMT
etag: "1c56940a864f144fae2eb40ee952cb94"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 14:58:28 GMT

Redirect headers

location: https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
access-control-allow-origin: *
date: Sun, 28 Jul 2024 14:28:28 GMT
cache-control: max-age=31536000
timing-allow-origin: *
content-length: 0
expires: Mon, 28 Jul 2025 14:28:28 GMT

GET
BLOB 200
OK 45aa5482-699f-4ce4-9354-2702d0c33d9a
https://buyawebhost.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buyawebhost.com/45aa5482-699f-4ce4-9354-2702d0c33d9a
Requested by: Host: buyawebhost.com
URL: https://buyawebhost.com/?isc=PLPPT02003&isRedirect=1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 501ms
164ms Font
font/woff2 173.194.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&subset=latin&ver=1.8.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f94.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buyawebhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:55:37 GMT
x-content-type-options: nosniff
age: 315171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jul 2025 22:55:37 GMT

GET
H3 200 uxfont.woff2
j0a8cd.p3cdn1.secureserver.net/wp-content/themes/turnkey-storefront/assets/icons/ 13 KB
13 KB 214ms
127ms Font
font/woff2 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://j0a8cd.p3cdn1.secureserver.net/wp-content/themes/turnkey-storefront/assets/icons/uxfont.woff2

Requested by

Host: j0a8cd.p3cdn1.secureserver.net
URL: https://j0a8cd.p3cdn1.secureserver.net/wp-content/themes/turnkey-storefront/style.css?ver=1.2.4&time=1722024565

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ed3bfbad14aa95968f7c0ab2e2ad07a7aeb6f090d9d3e71f7a71b715e7583ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://j0a8cd.p3cdn1.secureserver.net/wp-content/themes/turnkey-storefront/style.css?ver=1.2.4&time=1722024565
Origin: https://buyawebhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 14:28:28 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
cf-cache-status: MISS
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 13212
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 06:49:49 GMT
x-php-version: 8.1
server: cloudflare
etag: "339c-5e3d26ca76560"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8aa58e4dca490a03-LAS
expires: Wed, 28 Aug 2024 14:28:28 GMT

GET wp-emoji-release.min.js
j0a8cd.p3cdn1.secureserver.net/wp-includes/js/ 0
0

GET /
gui.secureserver.net/pcjson/standardheaderfooter/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: j0a8cd.p3cdn1.secureserver.net
URL: https://j0a8cd.p3cdn1.secureserver.net/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5&time=1722024565

Domain: gui.secureserver.net
URL: https://gui.secureserver.net/pcjson/standardheaderfooter/?plid=584955&currencyType=USD&callback=jQuery3710286378236372006_1722176908267&plid=584955&_=1722176908268

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
choiceusviphoney.com/	1970-01-20 22:24:23	Name: traffic_target Value: reseller
choiceusviphoney.com/	1970-01-20 22:24:23	Name: caf_ipaddr Value: 45.13.235.187
choiceusviphoney.com/	1970-01-20 22:24:23	Name: country Value: US
choiceusviphoney.com/	1970-01-20 22:24:23	Name: city Value: Secaucus
choiceusviphoney.com/	1970-01-20 22:24:23	Name: lander_type Value: parkweb-reseller
www.secureserver.net/	1969-12-31 23:59:59	Name: 9bcd9698ffec9a5b4659eec167633246 Value: dc8a6f2f66b0ee66236e1d580b4a1e7b
.secureserver.net/	1970-01-20 22:22:58	Name: fb_sessiontraffic Value: S_TOUCH=&pathway=c5aff80d-1161-4801-a5e9-cb115accbc47&V_DATE=&pc=0
.secureserver.net/	1970-01-20 22:22:58	Name: pathway Value: c5aff80d-1161-4801-a5e9-cb115accbc47
.secureserver.net/	1970-01-21 07:07:06	Name: visitor Value: vid=c5aff80d-1161-4801-a5e9-cb115accbc47
.secureserver.net/	1970-01-21 07:08:32	Name: _policy Value: {"restricted_market":false,"tracking_market":"none"}
.secureserver.net/	1970-01-21 07:08:32	Name: _abck Value: 99797C5CD4D50D03E204ACB08A4C2DF0~-1~YAAQTBAgFxldNeSQAQAA6CW++Qw8Z1cBHTXjEI5CoOi67f5u+WNGelMwUdm1BSHIwJ1fN9JfCTvVfZKmyOV+wtVVYcmKPEgzgtP5EmC+elBt3mGuRMtGZLUbt075HvfNo4S+J5wyF3q3Uk2hQkYtSQraajmXaXdlnAqPPQ6QxAzQxU9k5NXzuoHgiCXhZ1T1wrnEp8plrsV7U7rj8ofWwAh6+LpHwPF5WDdMwI3mgwafDv5uvOoKkVcW3fjB5aRSk+iDQC8CCgfshqZLdQ7K+weOovGvbT+Fiq2lygdYzTInhTg/ZTWO4VC2S4PhhldH3pIwx/klOYFNalBB1PKasQxb67TtG5+2NdioKdZtse+EPo61kPt2ZDjODFPgD1uHKw==~-1~-1~-1
.secureserver.net/	1970-01-20 22:23:04	Name: ak_bmsc Value: D06EBCE3D76D91BB15929B4AC53EB6B3~000000000000000000000000000000~YAAQTBAgFxpdNeSQAQAA6CW++RjK/51pUUP9CKjeRWjfEnJwKiZIG5BYHJcLnA26DyDywiUtVTUBi9f45ShTdIrbTIVwPCS1u0hDDrO77AVdJi1vmrxBFb5ILaIaivlEdK4V2bNYtwDU7ChSKFFrX7EJwrosxA+pVM77+d3/bA1mLR842JhQ/HKac/J5P+RwkPElNOkik3z6ENgVibUFmV2fnRstl2oFNYriJc0I3aDFa/anjqf2WlN1rRtky4Lt3UT7AD5nXAiFOEf32bzs0NPcnMQEsmudHd9ZbqsfEjnO1Vt2Da178YcKi4B2i0xFxTJ0vRRQaeyld20ZR797MvQSdepQU4oELRWAhiXYy0vRCUjpjNxEmPGvy2+mWp6k4KgDVsGC
.secureserver.net/	1970-01-20 22:23:11	Name: bm_sz Value: 8667D7021F2CCEBA9B7C6AA523D2D63F~YAAQTBAgFxtdNeSQAQAA6CW++RhsuI0iTtZryUMKZcRXop/sRI8L99SFCIu7UTq0rOhXMzJeglNoyrlq5GNPuKHQfD5Jn9aUuH3qxEFE1olaIQ5SttUuSY4LIqW9v34+Rp+9LawDyYmp4StgJz1c4KVGwjHlKLthb58tD8vcWDixLzq0DJmoEqVHLLUC0q7eU3PjGZS/OdBACZfPMEptpiDLPJUyNGZXVNodFUOVq/07yxGjFMjjCfpcQeSuYZJBBPjkgH4C+RJMjAA89TsbvvTvO9gUWgndMhTobCmycu+XzoDchpSlvLWDYvsq1FW8ldTJ7ZPdiOzN63jFlAbsZw/yaIQ2kRieeNJ7ZYYGja57kxyngEhAkKZSCc4JQQ6MWZidwnCzKW6bJBU=~3354933~3622213
.buyawebhost.com/	1970-01-21 07:08:32	Name: _tccl_visitor Value: 232e2cd8-5d46-4ab6-aefa-787068ced890
.buyawebhost.com/	1970-01-20 22:22:58	Name: _tccl_visit Value: 232e2cd8-5d46-4ab6-aefa-787068ced890
.buyawebhost.com/	1970-01-20 22:22:58	Name: _scc_session Value: pc=1&C_TOUCH=2024-07-28T14:28:29.102Z

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://j0a8cd.p3cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1&time=1722024565(Line 1) Message: Listener added for a 'DOMSubtreeModified' mutation event. This event type is deprecated, and will be removed from this browser VERY soon. Usage of this event listener will cause performance issues today, and represents a large risk of imminent site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.aws.parking.godaddy.com
api.btloader.com
btloader.com
buyawebhost.com
choiceusviphoney.com
fonts.googleapis.com
fonts.gstatic.com
gui.secureserver.net
img1.wsimg.com
j0a8cd.p3cdn1.secureserver.net
www.google.com
www.secureserver.net
gui.secureserver.net
j0a8cd.p3cdn1.secureserver.net
104.26.2.70
13.248.213.45
130.211.23.194
162.159.136.45
172.253.63.95
172.67.41.60
173.194.175.149
173.194.204.105
173.194.204.94
23.218.116.163
23.48.203.11
23.48.203.15
45.40.150.54
54.221.247.211
049821444719f30cc06a6df873de1354cf4e06f3aa0117a4f630032638a5b6ce
1c968eee1376deff74b3dc3368e24928b591cdde7d842388de77c1767d944998
1e4e7fe71652e352e753e5f06d1d12de810f3a8bbfb9c819f6b565aa4fdb5865
2ed3bfbad14aa95968f7c0ab2e2ad07a7aeb6f090d9d3e71f7a71b715e7583ff
2f167ae1780938fa19464993733924d0d078d5f5ce7955a596a55c210cb36cc8
3309a12da2ed18db77a65bfd52b4fb97a0dfd77e4f22889bd708a010ffd2f9c3
3c37a4aa3cf6aaae6921a4b750c0e4f81fd338d6878be90b0faf2f921039cb23
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4323a992992f0bec34e1f892f5f8ee0491db264957a1cb4161d39b577f3c45b8
449f2e00a998487653ce5fabe447233a068e4223be48cca8991e0243c925c8bc
4694f7200bca7003f42864dc28f990e671efd1b3903fa27c41dd805865ec3314
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
4d50af67ce2f34fb62c6d8ab1462405f2a78a694186467ebb227a4dc51f4a522
503c70d2cbb058a48b6f1bf4ae158083d8e8321fdbf686b6f02e2d0ecca0119c
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023
7640d1724316aa0ecab04ee8623136e70c4f25506d279be7e98e7a43e6b83e80
79e52f3c6d9065d472ea257f5aac45b0ab006a4ee482623f7d2fda986fab7baf
8f7092c94ef904c57584706cdb5f1fd9fe1efce52ce3105e99b9a7def487f09f
91b8e0f7554c6f705cf552cbbc09d96b25d913349fb27906e22f7c6c4130bafa
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
b6043ee4a9960e025742c70262f22b6585271df6de2c4cc1148962fd5edc8c0b
ba9b2793fa4e5459f81d86bdca0326897dcf68198758b5ac8acfd436b799bea7
beb38063c75f286c3c62549fff3e8d85e7d0b803a7ee6686050becb0aeec487d
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1c63396c6fb5d907ed689c0bda392011d3f177a7b599363c76bd323cd956f22
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da7cb571ed4bbc3c566540240da65627b72385ecc1795c7641ab0948813d9caf
df7b38a698cd0873a344c9f8a3b635d3967e6eb5179b1caa553d54cded28a2c5
e1ddb3e3ab2731422178060948f2bf0a8ea3367f3dd58dc30b52ced96bf8c8d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6b98dac1f86073fbf42b0380abd6e542cd732d79bf1c962ac3637f19cfb971

buyawebhost.com Open in urlscan Pro 45.40.150.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

88 %HTTPS

0 %IPv6

11 Domains

14 Subdomains

14 IPs

2 Countries

666 kBTransfer

2067 kBSize

16 Cookies

20 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

buyawebhost.com Open in urlscan Pro
45.40.150.54 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

88 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

14
IPs

2
Countries

666 kB
Transfer

2067 kB
Size

16
Cookies

43 HTTP transactions
0 data transactions