bonplandefrance.com Open in urlscan Pro
185.246.44.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
Submission Tags: 7313764
Submission: On October 07 via api (October 7th 2021, 11:32:45 am UTC) from NL — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 185.246.44.81, located in France and belongs to O2SWITCH, FR. The main domain is bonplandefrance.com.
TLS certificate: Issued by R3 on August 18th 2021. Valid for: 3 months.

This is the only time bonplandefrance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	185.246.44.81 185.246.44.81		50474 (O2SWITCH) (O2SWITCH)
1	2a00:1450:400... 2a00:1450:4001:800::200a		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003		15169 (GOOGLE) (GOOGLE)
13	4

9 185.246.44.81 (France)

ASN50474 (O2SWITCH, FR)
PTR: 185-246-44-81.reverse.odns.fr

bonplandefrance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	bonplandefrance.com bonplandefrance.com	209 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
13	3

	Domain	Requested by
9	bonplandefrance.com	bonplandefrance.com
2	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	bonplandefrance.com
1	fonts.googleapis.com	bonplandefrance.com
13	4

This site contains no links.

Subject Issuer	Validity	Valid
bonplandefrance.com R3	`2021-08-18` - `2021-11-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
Frame ID: 78CBC5F9B6F2AB749FAC1EA7721DE503
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - home

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

286 kB
Transfer

558 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bonplandefrance.com/wp-includes/certificates/themes/dasjhk/ 5 KB
2 KB 171ms
62ms Document
text/html 185.246.44.81
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.246.44.81 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: 185-246-44-81.reverse.odns.fr
Software: o2switch-PowerBoost-v3 / PHP/7.4.24
Resource Hash: 889dfb9140121384ff0bbd852807ccc53bbca3575a069e1a7e68d5b28aa3b0c0

Request headers

:method: GET
:authority: bonplandefrance.com
:scheme: https
:path: /wp-includes/certificates/themes/dasjhk/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 07 Oct 2021 11:32:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
server: o2switch-PowerBoost-v3
content-encoding: br

GET
H2 200 bootstrap.min.css
bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/bootstrap/css/ 160 KB
25 KB 47ms
47ms Stylesheet
text/css 185.246.44.81
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/bootstrap/css/bootstrap.min.css
Requested by: Host: bonplandefrance.com
URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.246.44.81 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: 185-246-44-81.reverse.odns.fr
Software: o2switch-PowerBoost-v3 /
Resource Hash: d4c75c4b4ff24e9e4dc35a21d5a1f888bc485467d67c7145ba430b2d80fb57eb

Request headers

:path: /wp-includes/certificates/themes/dasjhk/assets/bootstrap/css/bootstrap.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bonplandefrance.com
referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:32:41 GMT
content-encoding: br
last-modified: Wed, 06 Oct 2021 10:16:55 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 62ms
23ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic

Requested by

Host: bonplandefrance.com
URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

334e714a1c5ebefb28783d1c809dda2a01b916554121e92067a2e41417cd10a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bonplandefrance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 11:17:52 GMT
server: ESF
date: Thu, 07 Oct 2021 11:32:41 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 07 Oct 2021 11:32:41 GMT

GET
H2 200 font-awesome.min.css
bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/fonts/ 30 KB
7 KB 77ms
76ms Stylesheet
text/css 185.246.44.81
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/fonts/font-awesome.min.css
Requested by: Host: bonplandefrance.com
URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.246.44.81 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: 185-246-44-81.reverse.odns.fr
Software: o2switch-PowerBoost-v3 /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

:path: /wp-includes/certificates/themes/dasjhk/assets/fonts/font-awesome.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bonplandefrance.com
referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:32:41 GMT
content-encoding: br
last-modified: Wed, 06 Oct 2021 10:16:55 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
30 KB 54ms
16ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: bonplandefrance.com
URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bonplandefrance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 06:37:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30211
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 06:37:59 GMT

GET
H2 200 logo.png
bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/img/ 7 KB
7 KB 47ms
47ms Image
image/png 185.246.44.81
O2SWITCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/img/logo.png
Requested by: Host: bonplandefrance.com
URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.246.44.81 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: 185-246-44-81.reverse.odns.fr
Software: o2switch-PowerBoost-v3 /
Resource Hash: ce24c47d31e7affb07643ff151a4ecf7772cc108dcb921f8dcd0b6160c738e71

Request headers

:path: /wp-includes/certificates/themes/dasjhk/assets/img/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bonplandefrance.com
referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:32:41 GMT
last-modified: Wed, 06 Oct 2021 10:16:55 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
content-length: 7157
content-type: image/png

GET
H2 200 search.png
bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/img/ 12 KB
13 KB 58ms
58ms Image
image/png 185.246.44.81
O2SWITCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/img/search.png
Requested by: Host: bonplandefrance.com
URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.246.44.81 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: 185-246-44-81.reverse.odns.fr
Software: o2switch-PowerBoost-v3 /
Resource Hash: 1cd6f8428ed3eb70b53249eed022fa70afce44e6d7193393494705e25c94029b

Request headers

:path: /wp-includes/certificates/themes/dasjhk/assets/img/search.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bonplandefrance.com
referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:32:41 GMT
last-modified: Wed, 06 Oct 2021 10:16:55 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
content-length: 12727
content-type: image/png

GET
H2 200 menu1.png
bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/img/ 29 KB
29 KB 66ms
66ms Image
image/png 185.246.44.81
O2SWITCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/img/menu1.png
Requested by: Host: bonplandefrance.com
URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.246.44.81 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: 185-246-44-81.reverse.odns.fr
Software: o2switch-PowerBoost-v3 /
Resource Hash: c03e26b3a7acb33266a9b42586a87cb5ddee988ccb4d67ab61fc6ec18d4bd8e3

Request headers

:path: /wp-includes/certificates/themes/dasjhk/assets/img/menu1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bonplandefrance.com
referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:32:41 GMT
last-modified: Wed, 06 Oct 2021 10:16:55 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
content-length: 29679
content-type: image/png

GET
H2 200 footer.png
bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/img/ 28 KB
28 KB 79ms
79ms Image
image/png 185.246.44.81
O2SWITCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/img/footer.png
Requested by: Host: bonplandefrance.com
URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.246.44.81 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: 185-246-44-81.reverse.odns.fr
Software: o2switch-PowerBoost-v3 /
Resource Hash: d9617bea2f00cd738d1ceb867fbc028f0f3119fe9088141efa17bb3965eb92f9

Request headers

:path: /wp-includes/certificates/themes/dasjhk/assets/img/footer.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bonplandefrance.com
referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:32:41 GMT
last-modified: Wed, 06 Oct 2021 10:16:55 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
content-length: 28872
content-type: image/png

GET
H2 200 bootstrap.min.js Show response
bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/bootstrap/js/ 77 KB
23 KB 43ms
42ms Script
application/javascript 185.246.44.81
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: bonplandefrance.com
URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.246.44.81 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: 185-246-44-81.reverse.odns.fr
Software: o2switch-PowerBoost-v3 /
Resource Hash: 79d443b15f542c8a8acca8e937f2a3c90ecba78bd49fdbac6c9b878c7f1293e9

Request headers

:path: /wp-includes/certificates/themes/dasjhk/assets/bootstrap/js/bootstrap.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bonplandefrance.com
referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:32:41 GMT
content-encoding: br
last-modified: Wed, 06 Oct 2021 10:16:55 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 40ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bonplandefrance.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 06:39:46 GMT
x-content-type-options: nosniff
age: 363175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 06:39:46 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bonplandefrance.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 04:13:08 GMT
x-content-type-options: nosniff
age: 199173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Oct 2022 04:13:08 GMT

GET
H2 200 fontawesome-webfont.woff2
bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/fonts/ 75 KB
76 KB 94ms
94ms Font
font/woff2 185.246.44.81
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: bonplandefrance.com
URL: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/fonts/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.246.44.81 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: 185-246-44-81.reverse.odns.fr
Software: o2switch-PowerBoost-v3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /wp-includes/certificates/themes/dasjhk/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://bonplandefrance.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: bonplandefrance.com
referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/fonts/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bonplandefrance.com/wp-includes/certificates/themes/dasjhk/assets/fonts/font-awesome.min.css
Origin: https://bonplandefrance.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:32:41 GMT
last-modified: Wed, 06 Oct 2021 10:16:55 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
content-length: 77160
content-type: font/woff2

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery number| uidEvent object| bootstrap

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bonplandefrance.com
fonts.googleapis.com
fonts.gstatic.com
185.246.44.81
2a00:1450:4001:800::200a
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2003
1cd6f8428ed3eb70b53249eed022fa70afce44e6d7193393494705e25c94029b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
334e714a1c5ebefb28783d1c809dda2a01b916554121e92067a2e41417cd10a2
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79d443b15f542c8a8acca8e937f2a3c90ecba78bd49fdbac6c9b878c7f1293e9
889dfb9140121384ff0bbd852807ccc53bbca3575a069e1a7e68d5b28aa3b0c0
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
c03e26b3a7acb33266a9b42586a87cb5ddee988ccb4d67ab61fc6ec18d4bd8e3
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
ce24c47d31e7affb07643ff151a4ecf7772cc108dcb921f8dcd0b6160c738e71
d4c75c4b4ff24e9e4dc35a21d5a1f888bc485467d67c7145ba430b2d80fb57eb
d9617bea2f00cd738d1ceb867fbc028f0f3119fe9088141efa17bb3965eb92f9