offer.buyvi-shift.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://buyvi-shift.com/
Effective URL:
https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Submission: On April 15 via api (April 15th 2024, 12:59:00 pm UTC) from US — Scanned from NL

Summary HTTP 135 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 17 domains to perform 135 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is offer.buyvi-shift.com.
TLS certificate: Issued by GTS CA 1P5 on April 15th 2024. Valid for: 3 months.

This is the only time offer.buyvi-shift.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 84	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	52.216.50.73 52.216.50.73	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	34.117.205.107 34.117.205.107	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
5	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:400c:c1f::9b	15169 (GOOGLE) (GOOGLE)
1 1	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2014	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.148 142.250.186.148	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
135	24

84 188.114.97.3 (Amsterdam, Netherlands) 3 redirects

ASN13335 (CLOUDFLARENET, US)

buyvi-shift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.buyvi-shift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
offer.buyvi-shift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.216.50.73 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

holidayofferbadges.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.205.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.205.117.34.bc.googleusercontent.com

www.mxj5trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1f::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.228 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gtm-khd4rlt-owq2o.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.148 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f20.1e100.net

gtm-khd4rlt-owq2o.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	buyvi-shift.com 3 redirects buyvi-shift.com www.buyvi-shift.com offer.buyvi-shift.com	1 MB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 maps.googleapis.com — Cisco Umbrella Rank: 361	235 KB
6	google.nl www.google.nl — Cisco Umbrella Rank: 10632	943 B
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3076	379 B
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 751 j.clarity.ms — Cisco Umbrella Rank: 6069 c.clarity.ms — Cisco Umbrella Rank: 1390	28 KB
5	appspot.com gtm-khd4rlt-owq2o.uc.r.appspot.com — Cisco Umbrella Rank: 469479	3 KB
5	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3278 static-tracking.klaviyo.com — Cisco Umbrella Rank: 3969	43 KB
4	gstatic.com fonts.gstatic.com maps.gstatic.com	81 KB
4	amazonaws.com holidayofferbadges.s3.amazonaws.com — Cisco Umbrella Rank: 755165	130 KB
3	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 87	497 B
3	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2849	2 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 633	17 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	194 KB
2	mxj5trk.com www.mxj5trk.com — Cisco Umbrella Rank: 473179	19 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 233	766 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3025	17 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 771	30 KB
135	17

	Domain	Requested by
82	offer.buyvi-shift.com	1 redirects offer.buyvi-shift.com
6	www.google.nl	offer.buyvi-shift.com
6	maps.googleapis.com	offer.buyvi-shift.com maps.googleapis.com
5	region1.analytics.google.com	offer.buyvi-shift.com
5	gtm-khd4rlt-owq2o.uc.r.appspot.com	www.googletagmanager.com offer.buyvi-shift.com
4	holidayofferbadges.s3.amazonaws.com	offer.buyvi-shift.com
3	stats.g.doubleclick.net	1 redirects offer.buyvi-shift.com
3	static.klaviyo.com	offer.buyvi-shift.com static.klaviyo.com
3	dev.visualwebsiteoptimizer.com	offer.buyvi-shift.com dev.visualwebsiteoptimizer.com
2	c.clarity.ms	1 redirects
2	j.clarity.ms	www.clarity.ms
2	maps.gstatic.com	offer.buyvi-shift.com
2	static-tracking.klaviyo.com	static.klaviyo.com
2	ssl.google-analytics.com	1 redirects www.googletagmanager.com
2	www.clarity.ms	offer.buyvi-shift.com www.clarity.ms
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	offer.buyvi-shift.com www.googletagmanager.com
2	www.mxj5trk.com	offer.buyvi-shift.com www.mxj5trk.com
2	fonts.googleapis.com	offer.buyvi-shift.com
1	c.bing.com	1 redirects
1	www.google.com	1 redirects
1	stackpath.bootstrapcdn.com	offer.buyvi-shift.com
1	code.jquery.com	offer.buyvi-shift.com
1	www.buyvi-shift.com	1 redirects
1	buyvi-shift.com	1 redirects
135	25

This site contains no links.

Subject Issuer	Validity	Valid
buyvi-shift.com GTS CA 1P5	`2024-04-15` - `2024-07-14`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
mxj5trk.com Starfield Secure Certificate Authority - G2	`2024-03-26` - `2025-04-27`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
static.klaviyo.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
static-tracking.klaviyo.com R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 2 frames:

Primary Page: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Frame ID: E61C497D63FBE46BCB5CF4CD62032717
Requests: 134 HTTP requests in this frame

Frame: https://offer.buyvi-shift.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: FE4AA5A5ED254F89C536243EF88998A1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buzz Repel Pro

Page URL History Show full URLs

https://buyvi-shift.com/ HTTP 301
https://www.buyvi-shift.com/ HTTP 302
https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

math.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

math(?:\.min)?\.js

Page Statistics

135
Requests

98 %
HTTPS

52 %
IPv6

17
Domains

25
Subdomains

24
IPs

6
Countries

1825 kB
Transfer

4725 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://buyvi-shift.com/ HTTP 301
https://www.buyvi-shift.com/ HTTP 302
https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://offer.buyvi-shift.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://offer.buyvi-shift.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Request Chain 100

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=914890825&utmhn=offer.buyvi-shift.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=nl-nl&utmje=0&utmfl=-&utmdt=Buzz%20Repel%20Pro&utmhid=953196654&utmr=-&utmp=%2Foffer%2F1%2Fcheckout-now-v2.php&utmht=1713185935098&utmac=UA-156182996-152&utmgtm=45He44a0n91T2M228G4v9179684221za200&utmcc=__utma%3D139394541.1366987602.1713185935.1713185935.1713185935.1%3B%2B__utmz%3D139394541.1713185935.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=713067417&utmredir=1&utmu=qmAgAABAAAGBAAAAAgAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-156182996-152&cid=1366987602.1713185935&jid=713067417&_v=5.7.2&z=914890825 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156182996-152&cid=1366987602.1713185935&jid=713067417&_v=5.7.2&z=914890825 HTTP 302
https://www.google.nl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156182996-152&cid=1366987602.1713185935&jid=713067417&_v=5.7.2&z=914890825&slf_rd=1&random=1809261248

Request Chain 130

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3E567EA905B24F9684366BE459C5D007&RedC=c.clarity.ms&MXFR=3B5C98F21E5367AE17B68C901A5369EB HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3E567EA905B24F9684366BE459C5D007&MUID=33CD19D4D21468E5330E0DB6D3D469FE

135 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request checkout-now-v2.php Show response
offer.buyvi-shift.com/offer/1/
Redirect Chain

https://buyvi-shift.com/
https://www.buyvi-shift.com/
https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

187 KB
21 KB

633ms
618ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d99d0e4bf8e5ea2e896e8692f4994c519f07e35a43b534b24a583e3a8f04d75

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 874c1c053c9fb939-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 15 Apr 2024 12:58:51 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8VGuCcbP0eZoUBd0gtjP0UnnUG9bTXbJ074unnWBNNiWCa24U55XdGpasna9iO3zwFhqDNmUmkQTR64CTeqOt9MAgt2EyC0VmvJuoI8OI9b0UuMJ1H3JXSEXlbXLCe0%2Bwxg3E2WnW5g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 874c1c01cef3b939-AMS
content-type: text/html; charset=UTF-8
date: Mon, 15 Apr 2024 12:58:50 GMT
location: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LHk%2F9a0CDYtq9DV8vHNY9A8kgBFiiZSc2ccgw2XjxtasfyHTSf4st%2BIM58cg2X5jBXUng0higTX1yrFwImM3jiIW1UadL11p8UlXpgjQL7Li6mizGgJrMNKZqCGFsh0gSCCELwRA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent

GET
H2 200 51174.js Show response
dev.visualwebsiteoptimizer.com/lib/ 3 KB
1 KB 209ms
66ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/lib/51174.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 8e919974cf04ccac895e49428b62312ca8d7ff8d64338a8aef7599cf2396bd27

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-computed: true
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1713176399"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: no-cache,max-age=0, public, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ptime: 0.0035289999996166

GET
H3 200 app2.css
offer.buyvi-shift.com/offer/1/app/desktop/css/ 11 KB
3 KB 190ms
171ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/app2.css
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adc5b81d103945a02546d969cfc50c074d2717811f6353910c4131fa8f60124e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661d1386-2d2c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cBoh5uo7gKsZP2xkS87VHyZOfLk4%2FzdtgfbS7bb%2FfSpBMxgo3W%2B%2Fe9bqdAa%2B3rv05MMEGkv3xYk3Rz33xMvXAVf34SNZlRyvcHkUaapk56ACdqHHLVw7LCMw4h2gTFJWHDHGkv4PGVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0c4911b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H/1.1 200
OK custom-extra.css
holidayofferbadges.s3.amazonaws.com/cdn/ 0
353 B 872ms
120ms Stylesheet
text/css 52.216.50.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://holidayofferbadges.s3.amazonaws.com/cdn/custom-extra.css
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.50.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 12:58:53 GMT
Last-Modified: Fri, 07 Jan 2022 11:05:54 GMT
Server: AmazonS3
x-amz-request-id: 3KTDKYMX31Z77945
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: Zq5EZkjmsuVu1aNDJDRdFAFraj8sSOQrG4405HY04YKQMLXRmbqnbnnhvykYkXkaoAmQbaupv5E=

GET
H2 200 css2
fonts.googleapis.com/ 34 KB
2 KB 236ms
59ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e98bf7b4b2c361aa2de0e8616c355c67d8deabf96c1dc60a1f88af516e87e7a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 11:49:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Apr 2024 12:58:52 GMT

GET
H3 200 repeated-order-confirmation.min.css
offer.buyvi-shift.com/offer/1/extensions/RepeatedOrderAlert/css/ 2 KB
1 KB 735ms
714ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/extensions/RepeatedOrderAlert/css/repeated-order-confirmation.min.css
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b05b33504691c201633b28bb30b6b7ce47ec3c63673024ad1f15eb31ab0f1c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Nov 2023 08:06:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654c92f6-600"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z6ofPLUqjcwnGVYknWWFsHtqyBGJ3sUn%2FX1A6L9cuIzf4r6c9H11Oc%2FAzAcZ1QQWhqPuIf6xUzVHiT2fxkvxAVvcsoxhiGpvRsvQmerIYPSjO%2BnLLJ6Tsop2sSvk15yLGZNNDxfur1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0c5934b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 repeated-order-confirmation-additional.css
offer.buyvi-shift.com/offer/1/extensions/RepeatedOrderAlert/css/ 758 B
774 B 743ms
721ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/extensions/RepeatedOrderAlert/css/repeated-order-confirmation-additional.css
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e74d51df9e880731f844687b2799027b532dc2db6049fdd479ec3f14a37223b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 15 Mar 2024 09:04:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f40f14-2f6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cdqzg6ZfUSU5q%2F1%2B2ovCkFmBDqOQ1FcIAEBg6XD1DGuNGkPq4hJ0kODAeehGv88h0hDD8dIGVs8zaR2Miu6VvTNMx%2B64SOcIgecubRB4ojMS5DiHXjA6mWKI2go%2BjSCc0AR8IGduwcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0c5939b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 homeFooter.css
offer.buyvi-shift.com/offer/1/app/desktop/css/ 3 KB
1 KB 732ms
709ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/homeFooter.css
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62649494183f2d8235f876b9a400c80f9afb1bb8daeb9a9a87ca9fb5e7644a4b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661d1386-aa0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JgNCYw%2BLUWmhIx9QUreLGJ7CI7RywG%2BuGwYJBbTIw8unEoAGAz5%2BNGkPc8x6Fw3TpbKQyk6NicspjF6v3IknC%2Biih5RvOPFfJQ17yb5GoKwr05VqgYbVv4sYyH7opGidiZACDs%2Bs%2F4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0c593bb939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 bootstrap.min.css
offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/ 152 KB
24 KB 823ms
801ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/bootstrap.min.css
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c4a2a9b6ae775718737c3d7efac03dcfe9333282bda446bed4542e9809fedf9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661d1386-26080"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBTGfKDq%2FELar3erE6EvcXbt9Th7b3i9mvv37Dw7PmeDqRFjzE5HJNdlhILnqHaNv6W9OHIFG4Dh4uSAKwp0am%2BZw1Go4O%2B4On5ZjsveAZfJpQQa92jG%2FhqiZmJlZVFg%2BczD2Whyt1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0c593eb939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 pretty-checkbox.min.css
offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/ 19 KB
3 KB 732ms
710ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/pretty-checkbox.min.css
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e821a984aa1ef954cba20fe2ebe4c06f016de90b707c87fc186e0a3d468fd49

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661d1386-4b6e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4s%2B9ifm62Lqlw3MUZHff8B0H7eej7FZiMOZMdxVz39Zkh2p49cQSFzDSs3SSv8cYRswxTHcbvRV9tLOxfFy9q2A3FXNbAZisHn3oiQd4xIVPFbO0eDkdNgKB09bifxXfpRLH%2BODH%2Bk8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0c5940b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 custom.css
offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/ 4 KB
2 KB 781ms
759ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/custom.css
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a28af5b69a01811deb80974f23f7d6ac7e6260e9a0ec7074e24666dfa63f0a6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661d1386-e6a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=du02kScA2YGW9tDdHCTfysAwe8NmWLBGhS2sLtcZd4MgWtxyj9jo7yAg7uDBc%2FKBVRRduv%2BYCRBXvEDzfmA4jaC9KvFCmPpOqu9l2RzzPKoz67FtTlyBUON9w1hSg3dvpGVvaBYAPVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0c5942b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 bottom-popup.css
offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/ 5 KB
2 KB 677ms
655ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/bottom-popup.css
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca9e73a883e45ab6fac4004d79d3c6515ffddebbfd996f4db8be65660dc5903

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661d1386-15ec"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FPh0ll7eT%2BFj7lzk5W3nYuv7kMaDurt1jRGfhSwxPIp3nQtPssLS95DQj7g4doMgZmwMIzdyuQhfbwArlRskjnoxmoGuGKyCRK%2BRcLhYfWCj7mZP%2Fmz2kzgXcIokhFMr3yDkvdSYKBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0c5943b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 black-friday.css
offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/ 957 B
799 B 726ms
704ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/black-friday.css
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 323a2cc5e93dc46485e70e83c37ef3f1d4c8ac691eb8a6a2b7a5c33c2d344e49

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661d1386-3bd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CkEQqPgE0z%2BXdUAFjV%2FPWBikO6Ga6aH3%2FaQtuCmc7YYLKNpnowh7c%2FrriXCnhuJc%2F2oAfQ0VQ%2BoJGEkVmYiv%2FJAF1A30EXjhJxdz6kvU3S5Q2zrnxQD3c0d9L%2B5io8T9N4pAUBaxP18%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0c5945b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 click-bumb.css
offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/ 11 KB
3 KB 675ms
654ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/click-bumb.css
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7786d36c133dcc4e0761a10d33ff9fdb165e8cc7b07749c320b640b84bbcd6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661d1386-2cf5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BN%2Ba7iplzLKcARQ7LrelHNBwIlfuWUQkLjNgkLyo%2B0QZw3j5BH94v%2BIgZHOTut9AelT3ctVRbJVk6mSIU05QqBs0GJUpw9BGr0ulhINoaSicgKlm4LagCItPncIVC4uhfQFhfT1rpSU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0c5947b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 main.css
offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/ 303 KB
47 KB 837ms
815ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ba9fd9536687f6dcd017425312149c9e29c2cb8d3d981aeeeecc85e36e0550b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661d1386-4bac0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBpY%2Fdq%2FUiPbgGjCzP%2BDjuEkNwheos%2FtuOIewQ0ZXgKCI9gWsG%2Fq5g3mpuAR4ZNzb2jXL09t61rJQt9fBI1BXdv6upljpWCt2%2B2akCvhaTENC3HYXHXtM1oKbSajaJUJTwBZAg8kCgU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0c5948b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H2 200 everflow.js Show response
www.mxj5trk.com/scripts/sdk/ 60 KB
19 KB 261ms
121ms Script
text/javascript 34.117.205.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mxj5trk.com/scripts/sdk/everflow.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.205.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.205.117.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 84890dc47620c96effd9ae424a671539bc47c886e2991824edb6be8394eb65fa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: a60ab12e-a3bf-4b54-b734-f9ce55d75ea9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK Black_Friday_top.png
holidayofferbadges.s3.amazonaws.com/ 111 KB
111 KB 880ms
131ms Image
image/png 52.216.50.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holidayofferbadges.s3.amazonaws.com/Black_Friday_top.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.50.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6838044d4396017c2a529fe6a3bce0f8a70b34f6a5b5e5e7955d45302249d309

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 12:58:53 GMT
Last-Modified: Thu, 11 Apr 2024 14:40:34 GMT
Server: AmazonS3
x-amz-request-id: 3KT6A92GEZEAR806
ETag: "687a33dae7dec09069c863e4989dce99"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 113407
x-amz-id-2: yFI78SeQEo+vguzx83DriqzcSKqzEsO64i1iWqMtAr73oSB3wTEENnhYIzOgDltuSRBDY1uF0gE=

GET
H/1.1 200
OK Mobile_Reconstruction_1.png
holidayofferbadges.s3.amazonaws.com/ 17 KB
18 KB 883ms
135ms Image
image/png 52.216.50.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holidayofferbadges.s3.amazonaws.com/Mobile_Reconstruction_1.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.50.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ff458c77d2072839fe7d560899726fc8377ab994f213b9b168bf003b20da5d01

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 12:58:53 GMT
Last-Modified: Thu, 11 Apr 2024 14:40:35 GMT
Server: AmazonS3
x-amz-request-id: 3KTA46RE47R3D0NW
ETag: "11bdc54a4799022b5380c5f6430cf3d9"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 17732
x-amz-id-2: TzrovJIaz7LXVl1kxomxUCfZaNGfteNfFTtgheICoU1/rvzqsCBkNs4o7T5b7tF5uNdY5o3tJ+I=

GET
H3 200 logo-white.png
offer.buyvi-shift.com/offer/1/app/desktop/images/ 17 KB
17 KB 833ms
823ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/logo-white.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f0969b87c032bc6b73e0137eee5ca9fc8cf6652e6f5f06e75a0d9014bde2636

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-4386"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lwZgvoUanj8CIJr1Zj3Cp9pPt%2F4u5HDLdtpIBR3A46LdNBzMzqem2Wduv4LoFM0gS52x6DEjS5vUhz5b%2FffQGkfQsV9mTGHtLLAYssv1pzMLwgevZALx8qkfwwbcYu2LAzCdQit1F18%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1a80b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17286
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 60-day.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 48 KB
49 KB 836ms
826ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/60-day.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 176c05f93cde675289dedf9c784b9cb037f1840980454024667ef964b4dc9035

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-c1aa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IePCFcPglgoZKk6Qro4JKy2tou7Xtp7nNkrZybaMWSkUXCDw%2BEj9EFsUqC0hfizCCaNkzADtISy%2F0%2BH6FRM6H57jR5puuAKvOyUOP%2FaQx%2BJOD8dBZmQqWlh1FQHRulGbxURPJkEDxVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1a8ab939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 49578
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 chk.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 2 KB
2 KB 689ms
679ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/chk.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f1244ad8407cdf78f66d659fd9f0a2a266d08ef72cc04a13dbb14aefa6ff906

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-7e6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HA9713UH8Wqq8UniC4HURalQlT90WaNLyvLLQ%2FXfrR563xbTzdvIrfr8NstBwIn1F3Jt%2Bzr8aTeTqci6KIj4yEmg5fTv26sA2jmROAP1nLe2HCpfz5HdAo0c2uJoto2xjYHz89wCbPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1a8cb939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2022
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 package-1-c.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 26 KB
27 KB 1254ms
1246ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/package-1-c.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68062d0771e414c7cd9068a6dae2d79a9b1df72e06963ab0a2b9285372e2341a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-6875"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XntsDYccNSD63b8rgbW%2BS%2FB%2FkrUWOMFPjHjla7uQMPCaEraWHWCePdr5FT8jhMpocpvcZh5bX%2F7E5G4yVeug%2B41ely3sG9TKaOWuGlXReo5TvzeV20GMWoocXPmR1vi1%2FFPdXX8QSro%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1aaeb939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 26741
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 package-2-c.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 29 KB
29 KB 1257ms
1250ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/package-2-c.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d214e3b676bdb8f1211fc3831f78ca92cfc5887dfa0aafaf9cb180b3acaf97

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-7254"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v1NV6bp0twOibD6oYILrN7fOKZg%2F5YiqIFffhMef3G7fCE6WdLZhk0Or7NIztiqMnn8nQ%2BxDix5pYcJ6%2BfiQOG2i%2F8fDHXfzYo9en9fSkHdy9BjXmleth%2BYVivMkJnSivFGumPXjlwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ab0b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 29268
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 package-3-c.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 50 KB
51 KB 1264ms
1258ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/package-3-c.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38bb9b5a0c37a13ac04942f9fca1feb9af1b7adac3a7f0dbce02ca722a91f64

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-c9fd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WN3cxFklw3Hm0JzqiEQALN7MUpAuSwkc2TaHIbwAA5q0LzsFa7TacYEIk%2FABYHl1%2BRGEDD9GiLmLNefz0SA40urOH8DbWAhYqn8wg5PtRDd57X2vPENEGHhygt59bN5q4JM10kTbuj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ab2b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 51709
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 package-4-c.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 57 KB
57 KB 1356ms
1349ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/package-4-c.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a63ab6b70102807c70d8a3275f394605bafdcaf0abc01b2b25fd6dd66f3552cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-e30f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QSNHaPtadBvBOpcuz2us%2BHBUW9%2FFGcJ6exHLCm8Ot9v%2B4OCSmiSc0FrN2%2FyPMo8jXxEFpiWvHoiuAY77Yw%2BQ%2Fe7JyW8uqzuQCbPYLhLqHJgLCxVdM%2Bd58GsLsFiwdP34ho0Lh4fdGh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ab4b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 58127
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 package-5-c.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 12 KB
13 KB 1391ms
1385ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/package-5-c.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a5f60ac47b74c8383eff331700df2801bb7a994d1a99cc0ad0c836c77bf7018

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-3080"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8eqhcsQKBngQBF3x%2FZzGCCR4YvfjpLL85FBu5yVQ9B%2B2TgYQ4RYiQyVwb5jbdaniBXe4H3JUqCl3vUSwLSmpJggmojsumUw%2F5OyRveI6w8DDqxdeBs37xIhpSStCFj36n8%2FQ8nV6sJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ab6b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12416
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 user.jpg
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 617 B
1 KB 1392ms
1386ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/user.jpg
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd8e71391f32cd69edfec8b751f9e3e282ecbf5544818cb1bb817bf4b8bd48ab

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-269"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRojiIFcl%2FIlilFXZR07yIJHXtgE%2B12H7zy2QVj3kKBjfTsvTMtm9UgdBWP6oXC4C%2B%2FZqwWuBPQ6Hz667K0oHui207hx9j%2BdIpaYrFBXLos0DxpVtHpLjSsUEPnSpH%2Bc%2F9pyvhc1UHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ab7b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 617
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 paypal-01.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 3 KB
3 KB 1403ms
1397ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/paypal-01.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a15253c07f1d217ece4fbe35f175cf3fa67564c963c7ba5ee8731064945caa8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1387-a2e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=17%2Bm2wPFqQ701%2Btmw3qsKa3dkjipz%2FWVXxp75ejP4%2B9fUb6OhjsndWnYB%2Fz%2Bv8VZieoMdP%2BL7tIIlUpB82cuyIluaiZBVIxOfyyWT%2BqPNWIYup%2FRd1MOwqbePX0TOTWgyqjF6ccEpO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ab8b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2606
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 cvv-number.jpg
offer.buyvi-shift.com/offer/1/app/desktop/images/ 47 KB
48 KB 1406ms
1400ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/cvv-number.jpg?v=2.36
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe3b97b3c1e7e367a489cfda3c2c3321eb0225aad7839b1cd110f343b6992767

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-bdc7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOWcuvSxJ6f4Cyv7Y3mPTQtegKt7tLt%2BgmqeJlXoVp7LbAecFNqvS3MMyKmFHmHhCRkjWa3PHPYy0NrNljQNpSLslB3SPfDmP1BEL9%2FNa7l3iXmfh4e2XBYSIm1%2FOucZwSCGYSKqZss%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1abab939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 48583
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 secure-icon.png
offer.buyvi-shift.com/offer/1/app/desktop/images/ 12 KB
13 KB 1418ms
1412ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/secure-icon.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575b2b383474606bcd11802527835c93cc1de6cb326b895bfe4ce75e0d11cfb7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-3172"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3PN8UrWv0v9LF3RVI0z1Pe66uE7SSiaFJkOod6BL4lrQOWm2mk60LQJ%2Bq%2BpUutnNQTQGYhQV2SJ9AebQg%2BbFyNuAqnpoHLoFi3NclGIu7rfScakzQ7NhUr8aoD3DG22DbJOI8DRmHks%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1abcb939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12658
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 60-day.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 48 KB
49 KB 1452ms
1446ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/60-day.png?v=1435386283
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 176c05f93cde675289dedf9c784b9cb037f1840980454024667ef964b4dc9035

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-c1aa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EREgmsBoRFbdSxepljMAH6eWZ4aXgvlADdro5is5MQQ51JM5xMwYWfz2EYqp%2Bk%2B3QILfCtrZA64S6rkHF%2FiDxagW%2F2Stnqk6Zf26sgAMW%2Bq02QdYqHX4dh9BO4wp5rhSFsy2brMoMxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1abdb939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 49578
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 lock.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 4 KB
5 KB 680ms
674ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/lock.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8853b645df6075f5e0e6bf5777a9c289512d6157f3c0aa496bc91e6e9e00063f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-11c2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZHsojsJ5LTZBFn8DOASzDfqSqA4m2ZxW2e7S66L6HlzPdyFloPjsk%2F4%2Baek4sOLP0ySfK2eSpyIWf%2FpAzNIKvYaqbAkbK%2FE1Q4K4rOR3xb5Cdh853s2YLwvkTQObd5%2FioygpXvSqPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1abeb939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4546
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 shield.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 4 KB
5 KB 1512ms
1506ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/shield.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b9d11ca261fecc78ba760d242eb8eef82b42820fe8eed69a27461f9b5dc8326

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-1137"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0G5U9yhcJ1NtpvkmHJJdZYG2u01oa0gT5lWV4HWTRF8mZwK0xujzgvVpUJmXfeGfsZoqMxWPoYLnL8tRqOZQU%2FzJrp7v43rTAHZmdjJrOA7pizJ2Saglc%2Fg0W3Ln7453HxsC70OklYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1abfb939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4407
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 us-flag.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 2 KB
3 KB 1513ms
1507ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/us-flag.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bb331b184d6ba98290dc7fbfa53e5ed36ca2fd7cbcbed17c1c428e060d60d4a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-86e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F7ZL2CnufgSWZ%2By1bOW0nvkeJmLnb5TmL0PiXuenXOQIjtvVZl5uf7x65QlCQAtVTIDiRNNaxrLdAS5vD18E6mF1f%2BiVfCE%2BOQNr98BLCQlf1TlhhBgLvAcRj1XQdlZnfiaPRjtFSc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ac1b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2158
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 ups-nw2.png
offer.buyvi-shift.com/offer/1/app/desktop/images/ 105 KB
105 KB 1579ms
1573ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/ups-nw2.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa672a46016ee238e1ac89bed123f1ec03c3ba0746d54259ece77e3531292832

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-1a270"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nEUY3OXd6vTS3D0a2sCUq9JneRjpTGvXwFmPGl9utxVAJlVFab3tRp4ih8Co10%2BBkg%2FYBO6%2FUut52yTsWy2k26UPzjrx1aSI%2BlAzogz%2B9nL4MxsjiKYlvNEl2GqLzzaZcim1Y7Z59Xw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ac2b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 107120
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 visa-xpress-icon.png
offer.buyvi-shift.com/offer/1/app/desktop/images/ 18 KB
18 KB 1745ms
1739ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/visa-xpress-icon.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c8e591e72a475eda9a69cd2b2bd43858c341ce1c4549cad54a09a4be6307be1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1387-47f6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HwpfblhMt%2BIh18%2BG5SlZZoTQOpUujq3ITJbug8Idm2mPSMp5r%2BMYXRh%2BZ3WWfjEycl0KG3w8WjYd4x42apWdEHiX%2FArvCvaVoxzrewDDwbM%2BKa%2FZZYxttJeIghWpujLfE1jpYRK6bkg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ac5b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 18422
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 125ms
32ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1811361
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga21981-LGA, cache-ams21048-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1713185932.414000,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 13911, 177489

GET
H3 200 product1a.png
offer.buyvi-shift.com/offer/1/app/desktop/images/ 115 KB
115 KB 1778ms
1773ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/product1a.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b58606318cab6f933e2f7159f495e0b6fdde1950da42d0d4b14a906f8f1dead

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1387-1ca14"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B1ZLzQWzl%2FtPuiMwbmkSA83HbqxnKrFAZROSzoTS4YoGjKKrdXDLEO7GpPmgAAFrXRwo4k%2BjJi1bWnvAFMqGKzH9ZaVB65XJ4S1Vdll%2BGD%2Bx0ujJiHp%2BXNwiu%2FuhgktlgutoWFcUTlo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ac6b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 117268
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 xclose.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 2 KB
3 KB 1913ms
1908ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/xclose.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfd6dfbf348462f8e35aac00960d50d182a964d6a35e6cce108530179b913bba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-9c2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SjqtHj24XCFBNkzClsCoMAdHuM8Iv%2B%2FWxJKUua5UNal2hioP0C2vhI8fuDlMAeqDq4Sxwyb5kDtJXP3mLi5SZrnaaAzi5nE%2FPxCFq1egXFeWJDZQbNuege8A4kQprZVYJ3MKcejRhMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ac8b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2498
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 bf_cm.png
offer.buyvi-shift.com/offer/1/app/desktop/images/ 5 KB
5 KB 680ms
675ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/bf_cm.png?v=2.36
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e2975080484cbd155df2640cf883b661d04c8d800b73d763d493445640326cb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-132f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iNcWmNNDkeuK8j5pOSpEqoGGczcQYZNoWVhibAc77Io1UWY%2BmQ6h5ssMbaSU7L1yiSG%2F7iytqJF3MVDdx3e80Xs2EuwXdOEg2hQ3YmStR6VcKAOqAYienkYtDSH8WaXBd%2B2IfrVEVn0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1acab939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4911
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 math.js Show response
offer.buyvi-shift.com/offer/1/app/desktop/js/ 665 KB
178 KB 740ms
730ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/js/math.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c16172312e3412bfa69f1ad4c494c46bb3074587f0488e76addbd61a8ccff78c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661d1387-a63b6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aKlAgynEpZhS91fRNsp4rXP27mxk69Zgq87R4efReB4mu7gMj0NMR4plnIow89n1qmmajlAnvrpINLWB3p8MfymxD5NcCNSHTfzwY5TmKtPBAQVGZuhhDg5CfVXDzTVtqXy0E4t4FkM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1a8db939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 promise.min.js Show response
offer.buyvi-shift.com/offer/1/assets/js/ 2 KB
1 KB 723ms
713ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/assets/js/promise.min.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd6f215cb3909ac889cca094c0e80e82b50f7b9a49e8c8fad2aacee610ba8c13

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 09:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf138-9d6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l4y%2BRTt4fv4NzWbVdVBapQYYZdMu3QefKcFjajnqTF8ia7c6l%2FpQB6ZbDPgMazLztdVHT8tBoEISn4InJkB0gCSJzG%2BgTO%2BcKRRb33UFZyJfdFv413x4BakBffTF79rou8n%2BEVPEX%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1a8fb939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 jquery.min.js Show response
offer.buyvi-shift.com/offer/1/assets/js/ 81 KB
30 KB 886ms
876ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/assets/js/jquery.min.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 09:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf138-1449c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HjTfvk3GtgviLqUfxtmFQMO4l8Oi3Z5WwsJxtRhEHUMFgHXaKzrCNJ7kx1aalTB94Ohsx8nYyGLrg2zbzet5IKvFPWVltwom713PZ3GLs%2BD8K1uYSClDApLavOCyhVOpeaiD1OMIIAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1a92b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 jquery.mask.min.js Show response
offer.buyvi-shift.com/offer/1/assets/js/ 6 KB
3 KB 724ms
715ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/assets/js/jquery.mask.min.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1b9a05b09dfdbda80e5a007582d94069a582da1ea93452f77230e85fb1197b5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 09:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf138-1796"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxb6ep%2F9cjF7FQp1l7nFVbosNbJGNb5fXpz1zkTPtYZaRZ9n1Hd9sZWKlhBvOuUH39TobS87k742R2btizQyT0Xd47vWFdyq2rB46SSalhZE7M0Wlu8fhpQazbp5m4rvQlvx64N%2BzYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1a96b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 validator.js Show response
offer.buyvi-shift.com/offer/1/assets/js/ 4 KB
2 KB 682ms
673ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/assets/js/validator.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f803cb4d2766f5773004b575b909289ba6db7f35edf6edd88ce8e07daf5910b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 09:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf138-11b9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rfc26Iumgx1BE5jJhHpfRylCT3WVERyrtmyPabajA1oldSDg2xxxuY3resJ8%2FvdR6KuLzv1hLvxcso63mmNQoOsXzTMS93s990NYKAMB4mK2A76fAcNmQS3q89sfI6dOcmVviioDptY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1a98b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 codebase.js Show response
offer.buyvi-shift.com/offer/1/assets/js/ 26 KB
5 KB 355ms
346ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/assets/js/codebase.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248944a75be90143537233c41b7a29cbcb88f6c0644b86e93fd222dd1f0e9e2e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 09:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf138-68f0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fEqKMBCEDRsTqDIiLM5igd%2FdUKbJknAkjvOOCfii%2BpPQ05oAsAqAEZx%2F43eVrJNQzJFt%2BO46IycxRydGvW%2BLQurg%2FLoxLoafdbcUBresY3k0pS%2F0NJ4hj%2Bjce1ehR8%2FBV0FGwVGKtac%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1a99b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 form_handler.js Show response
offer.buyvi-shift.com/offer/1/assets/js/ 25 KB
5 KB 726ms
717ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/assets/js/form_handler.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fec88175c43b57ceb57a85635e11edb8fcd0a94a20de830b7de528540aa40a84

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 09:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf138-65fb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeBqGcuiGlgO%2FYIVgJxFLd2Ol%2BxbhDSRUN%2F7lJ6qU5xmKE%2By%2BPVTuxsXLx22%2FsfYoCh7q6ElATWnxE%2BFzWaZQzAXsLFw%2FM88EeVLDlEH4oeh9CCl9XOz3dw1iM0Z1lDO6VpiOF3FveE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1a9bb939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 app.js Show response
offer.buyvi-shift.com/offer/1/assets/js/ 12 KB
4 KB 740ms
731ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/assets/js/app.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5f76e00aa49c85cd7f7c5259ef14d1a248f7e3e086e63b8f6efb44c635c6723

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 09:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf138-3114"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T4ErPA7x5rDdQQ4drFJjq4sQAHaOH7p4FnY3vL3iU1mYYOzjf%2FXI6zRgooxcB8velX9SFkAqbFfUtBJO%2FUYT3zHfUSnzDUiP1TfcEaRoTEwXVTl9lu5dSNF%2Fu3GUvK82Ym0ew0RXfL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1a9cb939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 outro.js Show response
offer.buyvi-shift.com/offer/1/assets/js/ 4 KB
2 KB 689ms
680ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/assets/js/outro.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 717c1e30a97c59911b5c41462d952f0cc70536a09878e57cd50ea6c3dbcd4b01

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 09:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf138-115a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJaIp5jucnaaePSPzbgpEV4nhpc3hjzo8WSWn6lzvfTPecI1BOE5pw0JpL4yIBIJMimcnWZJWvm9Sb1avyWC9JGbBzurPWBrEvavqzJFmfT18SEl70hHxpOl8ksD5bGfHgktQeTHh0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1a9db939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 cb-util-pkg.js Show response
offer.buyvi-shift.com/offer/1/extensions/CbUtilityPackage/js/ 402 B
679 B 1192ms
1184ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/extensions/CbUtilityPackage/js/cb-util-pkg.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34bdbc24a32f7d11b673e014b46efef065e5fbc7d3c83ba8a75386fa71c3fdbd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 09:47:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf7a9-192"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67aoHJdXS86nILF9XWKI59iKb1Y5wScblR75gTPtTxFsd2EuaO9VtL%2B5jC8l52O%2Bt3rx0W5q33pftLdz6UBqxoLxVNNUOpIgMz9Prig6ioQWvB85mARcOQ8wkZ6xIa8xcU4belH2Evo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1a9eb939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 validator.js Show response
offer.buyvi-shift.com/offer/1/extensions/Validator/js/ 3 KB
1 KB 1196ms
1187ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/extensions/Validator/js/validator.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc369260aab7bbd9b429f0dce3d6a9a9f2d5a37fb91efdcc233e1635f5867b56

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 09:47:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf7a4-ad2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3bG9P2Jum01QAfU3Yf3ueOSwO%2BiakXUK9zlBrUZ4Zo4tYdUmc%2FJ3bHITgD2FkL45XhuW89e7RhZa%2BbKh3LKpZoMPkDtGHQa%2FGGYe3kPjdPD3xgSyojbzqmGWdcrudwWLtIITpCaSjo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1aa1b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 jquery.inputmask.bundle.min.js Show response
offer.buyvi-shift.com/offer/1/extensions/InputMask/js/ 70 KB
23 KB 1200ms
1191ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/extensions/InputMask/js/jquery.inputmask.bundle.min.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cec1368e32055a867668be19462010bd22d3630abb70ef9405c3d56d116d3bd0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 09:20:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf14d-118cf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUs%2F12d8qXYhfg9foOe36lqS4R61eflzp7GHp9Rcp5JlEskauh8ojgsCHjpsiG943eHDNV2J10Lcw8urnEd0rr4uyF1gUJrhwlYc3REB4ylCFLdCqEb7MdkPEniUr1n2wENDt0Ms35U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1aa2b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 input-mask.js Show response
offer.buyvi-shift.com/offer/1/extensions/InputMask/js/ 6 KB
2 KB 1241ms
1232ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/extensions/InputMask/js/input-mask.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5181e2c420fc86d195e5cb169bef7f067114ad97de24432198875fb48cd26b34

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 09:20:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf14c-18c4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52i0cUUYHaXSYvcaoUC2nh%2FP9UUbB0BWJyBfuYw2pjMG%2BP05wOJYERdJaPOjshzmwmR8OiBpZM9qPwwPw7KhTYsmGyJIlQjgH0oz0eP4tXnzmXZEM8Oh3cVD8D712AcIFeV%2BQCP5RKA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1aa3b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 sticky-prospect-script.min.js Show response
offer.buyvi-shift.com/offer/1/extensions/stickyProspect/js/ 1 KB
821 B 1243ms
1234ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/extensions/stickyProspect/js/sticky-prospect-script.min.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d83d3eb01df31974d0df0e8cff11f50e2f8ee91f2fc9c5f656d283ddf123ed42

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 02 Oct 2023 00:24:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"651a0dca-572"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ImS4lvZpQgWBJT%2F0WKtrsLYtb8P7p0jeiH8VFq6nznEFC44wEF%2BN2BJclTzQOeJ7K0Qigd%2Fzy6ZsUI5M3CNJkcS8FC0HibVY0wM%2Bmato7UA4W0RdwTMrqaFBSjoT%2FKplLyyu37htKqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1aa6b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H/1.1 200
OK custom-extra.js Show response
holidayofferbadges.s3.amazonaws.com/cdn/ 924 B
1 KB 747ms
121ms Script
application/javascript 52.216.50.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://holidayofferbadges.s3.amazonaws.com/cdn/custom-extra.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.50.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8ef95a4f3669c8d75c88a9ccc6fce6ae63e80e3a643fc76ca3ed7b8c594e39c0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 12:58:53 GMT
Last-Modified: Mon, 02 Oct 2023 06:16:26 GMT
Server: AmazonS3
x-amz-request-id: 3KT69TDK1E7Y67BF
ETag: "1ab4fcd0eed14de844f9b5ddf15215d5"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 924
x-amz-id-2: z9j9DFgeh4UnwedkbIO2kWB4nTX7ItqDsWl3YBuEdP0IMxevZOoNUldIWYbB6DwY4zAUrN67V48=

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 235 KB
77 KB 819ms
0ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBRrpNuCqkeH1NqSBP14wd0vPx7k6HL6t4&libraries=places&callback=attachListener

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0193c254609fe51904688e0fda17aee88e6b3fd74fe7b0f889dd8b76ca2d3550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78259
x-xss-protection: 0

GET
H3 200 address-auto-complete.min.js Show response
offer.buyvi-shift.com/offer/1/extensions/NLMGoogleAutoComplete/js/ 6 KB
2 KB 1243ms
1235ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/extensions/NLMGoogleAutoComplete/js/address-auto-complete.min.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93dc8199107c2e70bba0e30bedae80dc070a70ce52f9d94070d96c5a52a0762c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 02 Oct 2023 00:22:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"651a0d5c-175c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRbX9Ygoshijg082MJLdrTE5AtihkGb%2Br3UuPmq%2BPL0Wh7F%2B7MARiGziV4QOOtAtez2Cphm7cbP%2B3kyUYiZ0J3tTMV58f%2FC8dYkWVFWHI9obAT7du75grODU1Nzp5245SB%2Brhzv7FCw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1aa7b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
891 B 115ms
64ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,500,700|Montserrat:400,600|Marck+Script

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d19b9d2b3703c852a555c7a647d341132874bdd69c3364d4f6fd87d4610cd183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 12:58:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Apr 2024 12:58:52 GMT

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
17 KB 164ms
87ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1078
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-cachedat: 03/18/2024 12:53:16
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: cde9fc4e8c34965a3480a70543985024
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 874c1c0d8aaba005-AMS
cdn-requestpullsuccess: True

GET
H3 200 param.js Show response
offer.buyvi-shift.com/offer/1/app/desktop/js/ 791 B
727 B 1249ms
1241ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/js/param.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5cb19b6f35feef30d8d83360f46d4d57ad64a635d941c53e934b749a295cb9c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661d1387-317"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yOlyVEzYFX6T1AJssUqFeCDlZPgIwOSnOVOuAcTu19bf9Vs1KeWdi7BtIE0sjpvqMGvwK4luw3Zy3DGDZLPRGEycJwKa9%2Bggzvq98Rr1rheg0vHkcqFzXShrrpaA3ZM6%2FYlLWIaKNEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1aa9b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 popup.js Show response
offer.buyvi-shift.com/offer/1/app/desktop/js/ 3 KB
1 KB 1250ms
1242ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/js/popup.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87e83aaaf7cff2f976e88f64a75275ba4e7ccf4d3bbb249f1749e4fdff7bd01d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661d1387-aaa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04pPjtSmi7CmRSHdmpbzla5Vz%2FrxLJhA%2B06wgdyWSKHDIV0brrPsiNCVcmuEKyo7yoqqF7Sl6BgDoa5sPB6qZE%2Ff1GheGclqxj%2Fy5OunvpC40MOCC3fQ2VRZQBnrUMVb9z0pb4T8HWk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1aaab939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 checkout.js Show response
offer.buyvi-shift.com/offer/1/app/desktop/js/ 29 KB
7 KB 1250ms
1242ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/js/checkout.js
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e9d5685830ce546418924c415688d4cccff059e86d82072a905553938625cb1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661d1387-7358"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0%2BQ6Btj9%2Fw94JlZdFev5XQd1lSdRmKbVU5HOFsoV1NUXThvrD2UaWuJ%2BSVZI69zb5HPHCNiwq4ED0N33cVjCLrL2UFH0kFRC1FGq%2F6BexrL4A12K1QQPC8e3KPuGmLz10jlVbxrHvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-ray: 874c1c0d1aabb939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H2 200 gv.gif Show response
dev.visualwebsiteoptimizer.com/ 768 B
584 B 32ms
32ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/gv.gif?a=51174&u=https%3A%2F%2Foffer.buyvi-shift.com%2Foffer%2F1%2Fcheckout-now-v2.php
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/51174.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 094b0f51df4796748847898acf142a8d96122059e557931405f5126f0bf4e6a0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:52 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=UTF-8

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
51 B 425ms
306ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=51174&d=offer.buyvi-shift.com&u=D2E4C7BB510BCD2F4DEBAB23199363085&h=eef7438349eb4f7c3761f1a7ffa2bd5a

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv2c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:52 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv2c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H3 200 bg.jpg
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 2 KB
3 KB 1008ms
1005ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/bg.jpg
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7e0f8b3567392e3f64bba6e073627c5a5ba978f4d98cec629fd32df4b5d6c97

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:53 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-91f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lq5F99BJjuPYOOln88SDvdUjZqIIMMtRolveKkLj4VdwmzdcE0%2BcEyaqNtUNcubFGfcki0Z0mITzBaTntVYkWrwfoBGlI1bIZfBPWPvDu%2BsasrgCvxkdmzIiVK4j2s5F1wL%2BfvG0%2FDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c12cc99b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2335
expires: Wed, 15 May 2024 12:58:53 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 290 KB
86 KB 1033ms
54ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2M228G4

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22a6fa93e0a77d3bff93d1af736f537826f043ce0826956e5b3a28e270d3cd5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87628
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Apr 2024 12:58:54 GMT

GET
H3 200 package-3-c.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 50 KB
0 337ms
337ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/package-3-c.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38bb9b5a0c37a13ac04942f9fca1feb9af1b7adac3a7f0dbce02ca722a91f64

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-c9fd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WN3cxFklw3Hm0JzqiEQALN7MUpAuSwkc2TaHIbwAA5q0LzsFa7TacYEIk%2FABYHl1%2BRGEDD9GiLmLNefz0SA40urOH8DbWAhYqn8wg5PtRDd57X2vPENEGHhygt59bN5q4JM10kTbuj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ab2b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 51709
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 user.jpg
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 617 B
0 477ms
477ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/user.jpg
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd8e71391f32cd69edfec8b751f9e3e282ecbf5544818cb1bb817bf4b8bd48ab

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-269"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRojiIFcl%2FIlilFXZR07yIJHXtgE%2B12H7zy2QVj3kKBjfTsvTMtm9UgdBWP6oXC4C%2B%2FZqwWuBPQ6Hz667K0oHui207hx9j%2BdIpaYrFBXLos0DxpVtHpLjSsUEPnSpH%2Bc%2F9pyvhc1UHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ab7b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 617
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 200 logo-white.png
offer.buyvi-shift.com/offer/1/app/desktop/images/ 17 KB
0 22ms
22ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/logo-white.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f0969b87c032bc6b73e0137eee5ca9fc8cf6652e6f5f06e75a0d9014bde2636

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-4386"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lwZgvoUanj8CIJr1Zj3Cp9pPt%2F4u5HDLdtpIBR3A46LdNBzMzqem2Wduv4LoFM0gS52x6DEjS5vUhz5b%2FffQGkfQsV9mTGHtLLAYssv1pzMLwgevZALx8qkfwwbcYu2LAzCdQit1F18%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1a80b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17286
expires: Wed, 15 May 2024 12:58:52 GMT

GET
DATA 200
OK truncated
/ 181 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34ed2e2f3b2f4d741cf4e5ed2da19a51293f6a7f5fecc8574822f1d635faa198

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 404 fa-duotone-900.woff2
offer.buyvi-shift.com/offer/1/app/desktop/fonts/ 0
0 341ms
229ms Font
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-duotone-900.woff2
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NTt%2BKnGVaOiRc546Uko5Fmi0PzSz%2BB7wnGaD1RvCVYJ3g5gekx1RC2Ns8qDUoDuYR%2FacDWDxvRsecIuO6SnNrmDCw0sA09cQ2jiTXsqDaBzMwVR0IfpTQayX7HzPM6MLWp267Jh4%2BqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 874c1c179c16b939-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 404 fa-solid-900.woff2
offer.buyvi-shift.com/offer/1/app/desktop/fonts/ 0
0 341ms
230ms Font
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-solid-900.woff2
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ri4Z5y15rsw7kNLkBcUwNbAeog3D%2BrO%2B8oCBORV9Sa0VHoVBuxiC6SYtQrZlLUVqmyOXFNM2voPPt58Som2NzwNLB0cNrVjbIrl02JpVdiKhs4dkDz%2FI%2BhLueGaUEn469lyf%2B3mYp%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 874c1c179c1ab939-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 371ms
25ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:45:56 GMT
x-content-type-options: nosniff
age: 223978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Apr 2025 22:45:56 GMT

GET
H3 200 xclose.png
offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/ 2 KB
0 339ms
339ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/checkout-now-v2/xclose.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfd6dfbf348462f8e35aac00960d50d182a964d6a35e6cce108530179b913bba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:52 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1386-9c2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SjqtHj24XCFBNkzClsCoMAdHuM8Iv%2B%2FWxJKUua5UNal2hioP0C2vhI8fuDlMAeqDq4Sxwyb5kDtJXP3mLi5SZrnaaAzi5nE%2FPxCFq1egXFeWJDZQbNuege8A4kQprZVYJ3MKcejRhMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c0d1ac8b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2498
expires: Wed, 15 May 2024 12:58:52 GMT

GET
H3 404 fa-duotone-900.woff
offer.buyvi-shift.com/offer/1/app/desktop/fonts/ 0
0 177ms
174ms Font
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-duotone-900.woff
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5dBSx8pEt668Fr9tj4uzgJoNVs1ae56fkjfFWNXyQzQYs6WNkzrtjvKBK9AaRzQB425nWVaWOwXjcg%2BknWvbj1HjBNfmtaK0QhC%2FLTXQBxWWSKiLwWjD8CFqizlbw%2BO1TugaGxCeFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 874c1c1b5a3fb939-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 404 fa-solid-900.woff
offer.buyvi-shift.com/offer/1/app/desktop/fonts/ 0
0 175ms
172ms Font
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-solid-900.woff
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TAcKet5b73wnfBN2TGS7%2BUjvBxktvztig1nuDALf8e9fGdSGipvuuWzMoqpLZz%2BGhw57cziw%2F0IKAG0q3zJhqTSYqKO7UYGGoZ6oH5CCUgyn0oR%2BNnAkVRZ9SxWjo23uCF3yJB2gm%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 874c1c1b5a42b939-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 28 KB
28 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,500,700|Montserrat:400,600|Marck+Script

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 06:43:36 GMT
x-content-type-options: nosniff
age: 540918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28512
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Apr 2025 06:43:36 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 106ms
46ms XHR
application/json 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBRrpNuCqkeH1NqSBP14wd0vPx7k6HL6t4&libraries=places&callback=attachListener

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://offer.buyvi-shift.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/8/intl/nl_ALL/ 256 KB
56 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/8/intl/nl_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBRrpNuCqkeH1NqSBP14wd0vPx7k6HL6t4&libraries=places&callback=attachListener

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c52bcf6c2dfbcaee25d0a18eb5f5a97c0bf949b95183c03942a46c49dab502

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 17:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 415668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57413
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Apr 2025 17:31:06 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/8/intl/nl_ALL/ 182 KB
56 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/8/intl/nl_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBRrpNuCqkeH1NqSBP14wd0vPx7k6HL6t4&libraries=places&callback=attachListener

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f83a5c0cbf1941ff26a6ca8b39f94cdc56a14fc0b64b1fa56c0f5317b7811582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 17:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 415668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57142
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Apr 2025 17:31:06 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/8/intl/nl_ALL/ 94 KB
25 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/8/intl/nl_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBRrpNuCqkeH1NqSBP14wd0vPx7k6HL6t4&libraries=places&callback=attachListener

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c24cc8f4ccdd217d64848d0078fd4a5826121a628b60f935eb9640b00073796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 17:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 415668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25137
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Apr 2025 17:31:06 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/8/intl/nl_ALL/ 57 KB
18 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/8/intl/nl_ALL/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBRrpNuCqkeH1NqSBP14wd0vPx7k6HL6t4&libraries=places&callback=attachListener

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca44bf68e4ada9e0c5915c8f5bc53d95f5d4d76173dafd8a2f878a8581f87433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 17:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 415668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18288
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Apr 2025 17:31:06 GMT

GET
H3

200

main.js Show response
offer.buyvi-shift.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame FE4A
Redirect Chain

https://offer.buyvi-shift.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://offer.buyvi-shift.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

8 KB
4 KB

24ms
24ms

Script
application/javascript

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.buyvi-shift.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ab5788a52c215b0220c89717c11a34f5666d013418e375a6de9ece7b456ab3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5WlhlCrR6n8tFzhQNF3VMK7T4YNIJ%2Bi%2BOT5eIyazITJgJpKCFYRr6EfKIU8gYIyyKHFy0vIk33uc4lI0KBxIcAGzryLGQCqUrq1NksmpKXog%2Bx3hRhJsRC%2Bd7yRUciL2ca0U6qkDRcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 874c1c1e1ea1b939-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 15 Apr 2024 12:58:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ESO7OZiGvuE1jV3TzK4FmkEz%2Fjk37yZX2JvZ8ROMiKMnkW1ETSBpAsiQwTmlqjsO2R2AHTw2ombhSJ7vyPir5Wd%2BYG%2BrJtybsMqoD4MaMA9mTOrul%2F4xH%2BBBsQRh%2Fr1Ccg5%2B24hN%2B4w%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 874c1c1c2b99b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 get-refresh-token Show response
offer.buyvi-shift.com/offer/1/ajax.php/ 64 B
556 B 196ms
196ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/ajax.php/get-refresh-token
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/assets/js/app.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c0832bb9c5b4b28a4480ec6364378128559528b20d6d36326472d487f8d7d79

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YFQk739uMpJZe9aLTmLFhvB7H2CNzqcfF6R6DVqb5abwslDSttG%2FmHgXm389OM%2BpaidTtmpqf%2BVkYiYCyMne8yjoDuKelapGlVrxO%2FkLnfSPXPlFbeXdQh%2BzB%2FoOzl4hZ2wgbWGLPvo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 874c1c1c2b9db939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 initialize Show response
offer.buyvi-shift.com/offer/1/ajax.php/extensions/checktrafficnew/ 16 B
525 B 513ms
509ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/ajax.php/extensions/checktrafficnew/initialize
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/assets/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: */*
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PcFIdBR%2BWaJk5LOCyhuPJoFKEcsWRSEXVjlW97vPtVJR0fhNCsQislQVd35WOKcYizx3lqLyF%2BA00B%2F590l83jvvFbSMEvRnA0d%2FNadzDxw7C7Hgrkhe7ELHHWZxAaL3%2BRLDhq9Kn7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 874c1c1c3bb1b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 tick-input.png
offer.buyvi-shift.com/offer/1/app/desktop/images/ 538 B
1 KB 182ms
182ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/tick-input.png
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/app2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8806fd0b2e8a7d0421894ef684a2f9b629024c6cf29990097bdc040a113c40c8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/app/desktop/css/app2.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:54 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1387-21a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=736FH681B77RoIx6ueoNni%2FZ5xlFFF8YtV2BIbEvlQf7fW6%2F8nm4NnEBtcXKbSJJw4%2FOjQWxBEVlHAtoeD60wf8JeZLOQ%2FS2sK9%2F%2FoZ5P0sghqWHdxesFQkXspbEqF7PL0pecv6drLw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c1c4bc2b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 538
expires: Wed, 15 May 2024 12:58:54 GMT

POST
H3 200 validate-coupon Show response
offer.buyvi-shift.com/offer/1/ajax.php/extensions/coupons/ 44 B
556 B 201ms
201ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/ajax.php/extensions/coupons/validate-coupon
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/assets/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861c0728af5858402432d2ab442aec334ca07d55ce03a8f3d78288f4c42e9d2b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGWTd%2BOLa7%2FN2DjwUPwpXL181%2Bv1SyDelbZG8fSBeQHj9l6xSqJCyK7ZCvtnXGlGvyblJ43iegaxWXmcFS7GjNa8ExITjh%2FgXadrTCP2cPOT5RnNxXweIS7WwgFWHuqLTM2TrvjmfZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 874c1c1c4bc8b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 update-data.php Show response
offer.buyvi-shift.com/offer/1/ 53 KB
2 KB 187ms
187ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/update-data.php?act=data-layer-update-config
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/assets/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 876a182122fde61f9e50d9a0b1f220cfaabf62d4c577c27944b5a46320ce7d30

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2FSBAZWQY4z%2BFQ7AEjx91PowLY2McLOV0cCHJ%2BVPEzTO6P9bGsm2y6wIm2drkOE13Ho2bPooqz4tgAA4Cfc7DP735U%2BCUFWUygX9tU3yEQkQhb1iU0F0Ezo%2B8C7mPhvbSF0v1AF49%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 874c1c1c4bcbb939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 validate-coupon Show response
offer.buyvi-shift.com/offer/1/ajax.php/extensions/coupons/ 44 B
557 B 532ms
532ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/ajax.php/extensions/coupons/validate-coupon
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/assets/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861c0728af5858402432d2ab442aec334ca07d55ce03a8f3d78288f4c42e9d2b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4NCKbkL44hCTjPjY3J0QajWLD%2FvmkDGKvOpk7CDSy4T8ZhSaY80nR5QUWamj3W3nDivdln6bRGgC2%2BS8zT4%2Fm%2BGBSCT6S3%2Bas8tB0VScltxBlVpQvgipB2KnRQBHGPrM8QHOkNn%2BVDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 874c1c1c4bd1b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 update-data.php Show response
offer.buyvi-shift.com/offer/1/ 53 KB
2 KB 205ms
205ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/update-data.php?act=data-layer-update-config
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/assets/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 876a182122fde61f9e50d9a0b1f220cfaabf62d4c577c27944b5a46320ce7d30

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tfY%2F1z%2FhR4ajbYjI5B7Y0qm%2Fiyj%2F939FnXqTRQS1jDkY7%2FNVnt5A0Ijk1rhFGBU0W9X87NY8isUZRPMKrtPT3e3mXEozkLLn1Qa2lzNaankmOJtRxH%2Fo%2BP3R1%2FTGK8xkWMQN09L8cBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 874c1c1c4bd2b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
2 KB 253ms
19ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VLDxrn

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

446c8d51c05ddebabe23051dbab2aa2e2d33c9d638a7d0baccdfe1db247f18ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Mon, 15 Apr 2024 12:58:55 GMT
age: 222448
x-cache: HIT, HIT
content-length: 923
x-served-by: cache-lga21929-LGA, cache-ams21051-AMS
server: nginx
x-timer: S1713185935.007580,VS0,VE1
etag: "6e16149d71d1897797408d2b42586ec3"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-language: en-us
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
content-type: application/javascript
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 57, 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 335 KB
108 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BFXEWPXKBT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M228G4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8aa6de5ebb341a26e46128bbc80bd7118174a8f3d74cb7c36acc9910de150752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110639
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Apr 2024 12:58:54 GMT

GET
H2 200 6gzzp74dle Show response
www.clarity.ms/tag/ 667 B
1 KB 560ms
324ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/6gzzp74dle
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8484fc00338ac357241a13b1638a5084d4bcbc4354979d9e5cfae91c32ad4b8d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Mon, 15 Apr 2024 12:58:55 GMT
x-azure-ref: 20240415T125855Z-17d488f697ffbjlvgcc83zfsv800000003g0000000028rc8
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 667
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 255ms
21ms Script
text/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M228G4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Apr 2024 11:54:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3838
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 15 Apr 2024 13:54:57 GMT

GET
H3 404 fa-solid-900.ttf
offer.buyvi-shift.com/offer/1/app/desktop/fonts/ 0
0 173ms
173ms Font
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-solid-900.ttf
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CHF28mpCsv7RkzpIEZmIxc%2Bu9Ed24vIDNoTmCJXZzgTZxxCeTe1RJHRr2OCYUNnILbIUv%2BCr4dLqPqBjmkQkVh%2BfJzAEqokFGq4KwVGIRuUOHjFdqo9XhAuL%2B4DuyLzV99T505MV3%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 874c1c1c9c1eb939-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 404 fa-duotone-900.ttf
offer.buyvi-shift.com/offer/1/app/desktop/fonts/ 0
0 175ms
174ms Font
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-duotone-900.ttf
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2BEAJyv2hubkS%2B5Jo%2F3xrel1pZIuLYIcexoa1sPMEsnxUmv3wn4OdOtr8GE%2FBTo6VJNex5fuoOyFvZ86sR13z4uOEvpGFOepfCpiw3fZOQSbxdKEwPFUDz42b%2BwzDntB755iJ6tqdTM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 874c1c1c9c21b939-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 404 fa-brands-400.woff2
offer.buyvi-shift.com/offer/1/app/desktop/fonts/ 0
0 176ms
174ms Font
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-brands-400.woff2
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wUFwhjL2%2Fvy01Uo6HrYHP%2Bbnkx5TBgAdRIT1m7RCyoXHc1XtaltBaXUsD7cQsNychOo9PGOoBBPscpWLRYoOczUHS1gSi%2FA28EVY8y4SMaVBjBnQVoHG2fG3uLYL%2BEUtUrP7ay8YWbA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 874c1c1e1e9fb939-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 fender_analytics.f692ee00c71150d7db91.js Show response
static-tracking.klaviyo.com/onsite/js/ 31 KB
13 KB 78ms
19ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VLDxrn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 5WJy..Lo4mK2jnII0rHa1l5haINArMgZ
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Mon, 15 Apr 2024 12:58:55 GMT
x-amz-request-id: 41Y2RTP149KA3F25
age: 222449
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12748
x-amz-id-2: mKL1xWMRGO3xerTYlPL0yRvVbZ5DZgnzOEYw7UzT/IairFK8mTlaNUFMOeD5za6kjnB4D8Fzjtw=
x-served-by: cache-lga21947-LGA, cache-ams21050-AMS
last-modified: Thu, 11 Apr 2024 15:48:20 GMT
server: AmazonS3
etag: "cb6418619f08d5e582cf68f2d2432438"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f762585ddd3a013913c4e420e75aa2819d1084f2
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 9, 199528

GET
H2 200 static.500134348b1f0969ffe3.js Show response
static-tracking.klaviyo.com/onsite/js/ 2 KB
1 KB 79ms
21ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VLDxrn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: pOOHfwEpxidpf1C5y5x2xTnzSKHLx9Qw
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Mon, 15 Apr 2024 12:58:55 GMT
x-amz-request-id: ENY9D5YSSWTZMA0V
age: 222449
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 1029
x-amz-id-2: 7YTZXjqkIvOweXIi7oeSA0xceDuWnmsMjEiNKqUFwDsP8LixUujiplLZJYiO/I8qfIFeO9cu6W1SD2AsFigCFg==
x-served-by: cache-lga21976-LGA, cache-ams21050-AMS
last-modified: Wed, 03 Apr 2024 02:24:08 GMT
server: AmazonS3
etag: "64de10774c3382fe4adddab07ea17f0d"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a2a09d2f114724cda111ccd8470493362b1982e3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 182878, 194788

GET
H2 200 runtime.c7512673339d90d039c9.js Show response
static.klaviyo.com/onsite/js/ 20 KB
8 KB 72ms
21ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.c7512673339d90d039c9.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VLDxrn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e00405228d32a6313f875d22f53fc45f0a4d334b550cdb1e311f4c5ea51b161

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: GkOtr2ddjn_R3yJS983dja_.OGWbv5MA
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Mon, 15 Apr 2024 12:58:55 GMT
x-amz-request-id: 8PZZX4HW7W1X6HD8
age: 222449
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8207
x-amz-id-2: JiMl6BJgbTEwho0dgfSav//Z4b3mwhi2ai2XeNHEtvRgFlkgZkm6Kz24iCU30CeEZWVQCxAvISbojjXd+SDrgRZNrz99H8EcV3KrBoyVVFc=
x-served-by: cache-lga21963-LGA, cache-ams21057-AMS
last-modified: Fri, 12 Apr 2024 20:04:19 GMT
server: AmazonS3
etag: "4d6bb987a429dbd7632467dab730ee3b"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: af58ae95e66fb66d3e228300cb50f14f38233295
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 40, 219157

GET
H2 200 sharedUtils.616df14b2a706a7b4c44.js Show response
static.klaviyo.com/onsite/js/ 48 KB
19 KB 67ms
17ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.616df14b2a706a7b4c44.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VLDxrn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09048b15fbd7d6f712c4c85a7ddc7319a73dde5b7691da9effab476ee1aa2965

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: rGLAaboyf2SI0GZbqgcaBQR3V9GErVvR
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Mon, 15 Apr 2024 12:58:55 GMT
x-amz-request-id: 41Y8ZYBMV2DRPKWG
age: 222449
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 19177
x-amz-id-2: A2gdlJTMw9Ju1eZt0IuiLcJVt/dzA2sVXWKi12ClWLPxibsltu/kB8nrCa7ab/NZ4BtkC4SAtWCtL3FKxRnqfg==
x-served-by: cache-lga21977-LGA, cache-ams21057-AMS
last-modified: Thu, 11 Apr 2024 15:48:20 GMT
server: AmazonS3
etag: "3eba7f4ef27fe40851e8b2762258e839"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f762585ddd3a013913c4e420e75aa2819d1084f2
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 3, 213194

GET
H2

200

ga-audiences
www.google.nl/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=914890825&utmhn=offer.buyvi-shift.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=nl-nl&utmje=0&utmfl=-&utmdt...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-156182996-152&cid=1366987602.1713185935&jid=713067417&_v=5.7.2&z=914890825
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156182996-152&cid=1366987602.1713185935&jid=713067417&_v=5.7.2&z=914890825
https://www.google.nl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156182996-152&cid=1366987602.1713185935&jid=713067417&_v=5.7.2&z=914890825&slf_rd=1&random=1809261248

42 B
107 B

268ms
81ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156182996-152&cid=1366987602.1713185935&jid=713067417&_v=5.7.2&z=914890825&slf_rd=1&random=1809261248

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://offer.buyvi-shift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156182996-152&cid=1366987602.1713185935&jid=713067417&_v=5.7.2&z=914890825&slf_rd=1&random=1809261248
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 137ms
71ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:55 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Mon, 15 Apr 2024 12:58:55 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
4 KB 121ms
55ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:55 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Mon, 15 Apr 2024 12:58:55 GMT

GET
H2 200 collect Show response
gtm-khd4rlt-owq2o.uc.r.appspot.com/g/ 2 KB
1 KB 450ms
327ms XHR
text/plain 2a00:1450:4001:82f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm-khd4rlt-owq2o.uc.r.appspot.com/g/collect?v=2&tid=G-BFXEWPXKBT&gtm=45je44a0v881947278z89179684221za200&_p=1713185933247&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=839351515.1713185935&ecid=1533439769&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL-ZH&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=Ag&sst.gse=1&sst.etld=google.nl&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713185933247&sst.ude=0&_s=1&sid=1713185935&sct=1&seg=0&dl=https%3A%2F%2Foffer.buyvi-shift.com%2Foffer%2F1%2Fcheckout-now-v2.php&dt=Buzz%20Repel%20Pro&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=Checkout%20Page&ep.offer=Vi-Shift&ep.gtm_version=GTM-T2M228G4%3B%204%3B%20&tfd=6013&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BFXEWPXKBT&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

fb4fccd3d6b9acc5c8e6903915f1b53d1c0abe6218adcb3add52d7b044ef7b58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://offer.buyvi-shift.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 collect Show response
gtm-khd4rlt-owq2o.uc.r.appspot.com/g/ 1 KB
967 B 597ms
526ms XHR
text/plain 2a00:1450:4001:82f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm-khd4rlt-owq2o.uc.r.appspot.com/g/collect?v=2&tid=G-BFXEWPXKBT&gtm=45je44a0v881947278z89179684221za200&_p=1713185933247&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=839351515.1713185935&ecid=1533439769&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL-ZH&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&sst.gse=1&sst.etld=google.nl&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713185933247&sst.ude=0&_s=2&sid=1713185935&sct=1&seg=0&dl=https%3A%2F%2Foffer.buyvi-shift.com%2Foffer%2F1%2Fcheckout-now-v2.php&dt=Buzz%20Repel%20Pro&en=screen_view&ep.page_type=Checkout%20Page&ep.offer=Vi-Shift&ep.gtm_version=GTM-T2M228G4%3B%204%3B%20&ep.gtm_event=pageView&ep.page_isReload=false&ep.page_isExclude=false&ep.gtm_uniqueId=1713185931679.1&ep.gtm_template_v=28&ep.gtm_tag_name=GA4%20Event%20-%20screen_view&_et=39&tfd=6065&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BFXEWPXKBT&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

133cfc7312f40732b78ac43805d9008cd74914d9ddee58491dbe713c8ff576f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://offer.buyvi-shift.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 collect Show response
gtm-khd4rlt-owq2o.uc.r.appspot.com/g/ 486 B
548 B 509ms
438ms XHR
text/plain 2a00:1450:4001:82f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm-khd4rlt-owq2o.uc.r.appspot.com/g/collect?v=2&tid=G-BFXEWPXKBT&gtm=45je44a0v881947278za200&_p=1713185933247&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=839351515.1713185935&ecid=1533439769&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL-ZH&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAg&sst.gse=1&sst.etld=google.nl&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713185933247&sst.syn=1&sst.ude=0&_s=3&sid=1713185935&sct=1&seg=0&dl=https%3A%2F%2Foffer.buyvi-shift.com%2Foffer%2F1%2Fcheckout-now-v2.php&dt=Buzz%20Repel%20Pro&en=ads_conversion_Checkout_1&_c=1&ep.page_type=Checkout%20Page&ep.offer=Vi-Shift&ep.gtm_version=GTM-T2M228G4%3B%204%3B%20&_et=2&tfd=6065&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BFXEWPXKBT&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e11e98806bd576e375389611aba1dc7eb97762444ecb541897ad30bd8f8fffb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://offer.buyvi-shift.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 874c1c053c9fb939 Show response
offer.buyvi-shift.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame FE4A 0
602 B 59ms
59ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/cdn-cgi/challenge-platform/h/b/jsd/r/874c1c053c9fb939
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rm07ODHyiv0jGFUmzCvKd%2BCL%2Bt3YDWIzu7hFo9Negk%2FNsdv7fQPrjbA5CwVKY5KTYcxstlUdQMiQfTdrJourgM4OBhiPDiRbpyLgKQptO2bARdNEC%2Fc%2F3UIMIYFV6wTxMM%2BB9%2FtYLP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 874c1c1f892eb939-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 404 fa-brands-400.woff
offer.buyvi-shift.com/offer/1/app/desktop/fonts/ 0
0 197ms
196ms Font
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-brands-400.woff
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zo94o%2FL5kffqvq0T8zZhS%2Bwgs%2FR%2BH7p4JvfnT3pt0cc2Y8OK4TAW%2F4N7IvM6GSB7mKsrOvl8ChT25NHfYo50pJ1CI5IN0Mnbn3uWFP4jiOQD2JPnluZ1tC%2BfzvkbDnlidGEpNryGdSU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 874c1c1fe9bab939-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 place Show response
offer.buyvi-shift.com/offer/1/ajax.php/extensions/checktrafficnew/ 0
497 B 187ms
184ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/ajax.php/extensions/checktrafficnew/place
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/assets/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: */*
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcXwsaKAa1lVOoRPRV%2FVWdsywSq084ZSH4aGtvf5%2FsDPsHrB0TXmtCoRawVucKRhf9u470qFzIg%2BCfU2YwUQi3jC%2BH5npEPsC0dI7dlvO6akfRGbH%2BHG7sC96J3jhJN0Er1udd9rFvI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 874c1c1fe9a2b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.27/ 60 KB
25 KB 295ms
294ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.27/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/6gzzp74dle
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 482d1dd6e19c705493e390d6a3427887cfd2c47ec7ee7c85282370687a5ed2ee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: br
last-modified: Tue, 02 Apr 2024 23:38:07 GMT
etag: W/"0x8DC536DF2EAB768"
vary: Accept-Encoding
x-azure-ref: 20240415T125855Z-17d488f697ffbjlvgcc83zfsv800000003g0000000028ref
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: c278336b-a01e-003d-4958-8d58c0000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H3 404 fa-brands-400.ttf
offer.buyvi-shift.com/offer/1/app/desktop/fonts/ 0
0 175ms
175ms Font
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-brands-400.ttf
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/app/desktop/css/checkout-now-v2/main.css
Origin: https://offer.buyvi-shift.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oEqX8N4ezFyp90d3foh9So%2F6dMdrDVIJi4uywxv%2Ft8UUnwUkWtuBj1aGbbfIPpicxuCm909dz16Ds%2FqOomGdhgN04H2dgG2TwPp8taumljNAslMh6YupkvskknwfrpMQMpQG%2F1g4ql0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 874c1c212bdeb939-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 204 collect
region1.analytics.google.com/g/s/ 0
201 B 146ms
27ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e4440v881947278z89179684221z9858053261za200&_gsid=BFXEWPXKBT4v7G5WpEFhq0mBzACrBQdA
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 validate-coupon Show response
offer.buyvi-shift.com/offer/1/ajax.php/extensions/coupons/ 44 B
555 B 185ms
184ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/ajax.php/extensions/coupons/validate-coupon
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/assets/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861c0728af5858402432d2ab442aec334ca07d55ce03a8f3d78288f4c42e9d2b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K6K6a42Em8Hfw1ohPOCK81%2Foizn9qJM2HIlfSxTA0ChMDnZjz51QOEfPs3wu%2FhV%2Bmmq8aJce%2F7%2FGlj22nZeArqBdHqLrrWxXas2PksIkbHjtQuS5Pdrv8sH17lKN4HCXdYoWx6yz%2BTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 874c1c21ac8fb939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 update-data.php Show response
offer.buyvi-shift.com/offer/1/ 53 KB
2 KB 197ms
197ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/update-data.php?act=data-layer-update-config
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/assets/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 876a182122fde61f9e50d9a0b1f220cfaabf62d4c577c27944b5a46320ce7d30

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=grItVWbqW%2BETeIKKVnbNdmKRxqmHbnI5mTmQp6zTHcKDZCtDu%2Bqh%2FI6gL2RQa0pa3RaOxl%2Fv9ZfVQC4GAdkIPq5ORIMHopKnMbn28x3Cv4JlRBvvY8MS%2FCcI7%2Fxs6MllHDCUh3EKIXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 874c1c21ac95b939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 validate-coupon Show response
offer.buyvi-shift.com/offer/1/ajax.php/extensions/coupons/ 44 B
549 B 199ms
198ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/ajax.php/extensions/coupons/validate-coupon
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/assets/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861c0728af5858402432d2ab442aec334ca07d55ce03a8f3d78288f4c42e9d2b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6hCnv67GPbbTUBh4xxt62FmkXuI5KyFf5oDfkiDjUVMGJd4k9oadhii80x2Qn9%2FcuARJC9RxGWbCNredmi7mA40o8f5%2BcXdCd7TH8vRQgFUiRE1f0DeUnKFIOsKjlauYM75ZoRztrRI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 874c1c21bc9cb939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 update-data.php Show response
offer.buyvi-shift.com/offer/1/ 53 KB
2 KB 197ms
196ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/update-data.php?act=data-layer-update-config
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/assets/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 876a182122fde61f9e50d9a0b1f220cfaabf62d4c577c27944b5a46320ce7d30

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ez4jxuf%2BriPVjlKXsc%2FlJowKXzyKqVAq%2FuqwNtKJ2tl8rMYJhdfuqh0JYX37ZnZFgoYQRoIve4GN63SeS11JSstcMVkW%2FeQvBfNiip2fxWa0EdQtiMQ%2Fx%2FF8hmmaMwWHjQ94z8l%2FHJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 874c1c21bc9eb939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 151ms
79ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-BFXEWPXKBT&cid=839351515.1713185935&gtm=45j91e4440v881947278z89179684221z9858053261za200&aip=1&z=785922253

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
63 B 25ms
24ms Image
text/plain 2a00:1450:400c:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=1&dma_cps=sypham&tid=G-BFXEWPXKBT&cid=839351515.1713185935&gtm=45j91e4440v881947278z89179684221z9858053261za200&aip=1
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _set_cookie
gtm-khd4rlt-owq2o.uc.r.appspot.com/ 48 B
48 B 416ms
415ms Image
image/gif 2a00:1450:4001:82f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtm-khd4rlt-owq2o.uc.r.appspot.com/_set_cookie?val=6GGYfwR5akKJh2wnPCXUHVO%2F0eyjxrPEMtjCIwD5VZm58fz%2BmCs5GX3UcSKZs8my%2Fc3Du9i12CuyfWmMAdt8fhLT4S5O8r9lhyn3D13aDTOlUFK%2FGUKerpyGtepWi%2BJ0GcPm%2BM4P8ETuwvCjrssvs6KnrD3uMTXcUognzgKqU%2F42h0t9jtaz5wne%2BRwiL7lf7TbkzNK2cACo2xnIfBQEelRxIWhW42pp%2Bk26f8rCQoszA8fe%2FNk0MHusliwpfUKfHhn8NAbsJuR7yD%2BaVH9oL8IH937x83M%3D
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 204 collect
region1.analytics.google.com/g/s/ 0
53 B 108ms
36ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e4440v881947278z89179684221z9858053261za200&_gsid=854HXQ4G4SNM6YMbeysoN05FtSLvA9CA
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 150ms
78ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-854HXQ4G4S&cid=839351515.1713185935&gtm=45j91e4440v881947278z89179684221z9858053261za200&aip=1&z=65103709

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
53 B 25ms
25ms Image
text/plain 2a00:1450:400c:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=1&dma_cps=sypham&tid=G-854HXQ4G4S&cid=839351515.1713185935&gtm=45j91e4440v881947278z89179684221z9858053261za200&aip=1
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 collect
region1.analytics.google.com/g/s/ 0
44 B 46ms
37ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e4440h2v881947278z9858053261za200&_gsid=BFXEWPXKBTHh-eWLrkbsQbvJS6cLEQ7Q
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 89ms
81ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-BFXEWPXKBT&cid=839351515.1713185935&gtm=45j91e4440h2v881947278z9858053261za200&aip=1&z=1342958262

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK collect Show response
j.clarity.ms/ 34 B
407 B 433ms
216ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.27/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 43378b030a7ae4837077c15e4ffef90699bc25b1d125935c8fa9c5dfb735c5a6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 12:58:56 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Origin
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://offer.buyvi-shift.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 204 collect
region1.analytics.google.com/g/s/ 0
44 B 27ms
26ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e4440h2v881947278z89179684221z9858053261za200&_gsid=BFXEWPXKBTU5YwAY_iCrE76c81N-jnQw
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 75ms
74ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-BFXEWPXKBT&cid=839351515.1713185935&gtm=45j91e4440h2v881947278z89179684221z9858053261za200&aip=1&z=853746284

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _set_cookie
gtm-khd4rlt-owq2o.uc.r.appspot.com/ 48 B
48 B 187ms
186ms Image
image/gif 142.250.186.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtm-khd4rlt-owq2o.uc.r.appspot.com/_set_cookie?val=DPTQ4A97eCtIX6LogncbyVirbHlw9hZArGFEsV%2BTDSjYZ0Mzpm3FUVrTCv5w2%2Fg44BwmOu8aZjj%2F9SxzP8myLHr%2FYPQKjSnOKHsTmF2RtDCdYLoxQs%2FqcGg9qOYs2vNpFg8yAJ56gkhnVBR0OGoF5OM3BL2p9qfO3V79pR1%2BKtQRcomkpwW3Aee9CA4q7km1ASjG7XsZXYoaFjM%2BVUZCFWEfreb7hI%2FKZhJUAoo7OatTwCopvv%2BxYbWUY20gXY9W881uw%2FIOS2%2FCOBmaRT8y6hzqnsir6lc%3D
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f20.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 204 collect
region1.analytics.google.com/g/s/ 0
16 B 22ms
22ms Image
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e4440h2v881947278z89179684221z9858053261za200&_gsid=854HXQ4G4S2H6fqqiCsIpsYd9L2-vWyg
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 74ms
74ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-854HXQ4G4S&cid=839351515.1713185935&gtm=45j91e4440h2v881947278z89179684221z9858053261za200&aip=1&z=340799170

Requested by

Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3E567EA905B24F9684366BE459C5D007&RedC=c.clarity.ms&MXFR=3B5C98F21E5367AE17B68C901A5369EB
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3E567EA905B24F9684366BE459C5D007&MUID=33CD19D4D21468E5330E0DB6D3D469FE

42 B
442 B

31ms
30ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3E567EA905B24F9684366BE459C5D007&MUID=33CD19D4D21468E5330E0DB6D3D469FE
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://offer.buyvi-shift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9352FC67453049BC96C83B2C5B375997 Ref B: DUS30EDGE0309 Ref C: 2024-04-15T12:58:56Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3E567EA905B24F9684366BE459C5D007&MUID=33CD19D4D21468E5330E0DB6D3D469FE
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 204 conversion
www.mxj5trk.com/sdk/ 0
0 137ms
137ms Fetch 34.117.205.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mxj5trk.com/sdk/conversion?effp=943a010e45644fb67be96ead688e94bf&sec_ch_ua_platform=Win32&sec_ch_ua_platform_version=10.0.0&sec_ch_ua_model=&transaction_id=&aid=503&adv_event_id=1&event_source_url=offer.buyvi-shift.com
Requested by: Host: www.mxj5trk.com
URL: https://www.mxj5trk.com/scripts/sdk/everflow.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.205.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.205.117.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 12:58:56 GMT
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server: nginx
vary: Origin
access-control-allow-origin: https://offer.buyvi-shift.com
access-control-allow-credentials: true
x-eflow-request-id: bf6e59b8-1c95-41ed-b7ce-bd479b7fbc21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 favicon.png
offer.buyvi-shift.com/offer/1/app/desktop/images/ 3 KB
4 KB 184ms
184ms Other
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/app/desktop/images/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2ca7a5ce7ef193335b81ed0a28de7d7c1ec86e5837eb81042904ca199f1c21b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 15 Apr 2024 12:58:56 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Apr 2024 11:46:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661d1387-d37"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F0oUluYQvcy%2BH%2BgA53YC6oXmWJb81IFdGX2Pq%2BbiG18BtNrrHwHVdB0iptSftdpiuwk5W8NZwMjb3GmWmLWAXyXzQLCCX2oPtAHBB1RtT2KcDlhRmAfADs4wDdRmbNjiHWuIiayddMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 874c1c246916b939-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3383
expires: Wed, 15 May 2024 12:58:56 GMT

POST
H3 200 update-data.php Show response
offer.buyvi-shift.com/offer/1/ 53 KB
2 KB 189ms
189ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.buyvi-shift.com/offer/1/update-data.php?act=everflow-update-config
Requested by: Host: offer.buyvi-shift.com
URL: https://offer.buyvi-shift.com/offer/1/assets/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c12be8beb70ae238d2855cbe10e39a78a5d5bae922aa5a55ac445a0cd5b556

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 12:58:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xi0vvcximEYLeTQglOYJ3qE2R9%2F2l1r23eZIH0EZtYpAYFt1WmPbKmwSLMY5TDXb%2BI9wlvIaIhl5wruXYGwLLXgBBFRy%2FicFnO3aBjIRKBaEUS5SAT6wpHn5G6WfZnjTDwPmDZ8tRZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 874c1c254a6eb939-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H/1.1 204
No Content collect Show response
j.clarity.ms/ 0
301 B 103ms
103ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.27/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://offer.buyvi-shift.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://offer.buyvi-shift.com
Date: Mon, 15 Apr 2024 12:58:57 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
offer.buyvi-shift.com/offer/1/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9c9e32d8ab565e2d8fbf953f40868966
.offer.buyvi-shift.com/	1970-01-21 04:40:08	Name: _vwo_uuid_v2 Value: D2E4C7BB510BCD2F4DEBAB23199363085\|eef7438349eb4f7c3761f1a7ffa2bd5a
.offer.buyvi-shift.com/	1970-01-21 05:29:05	Name: __utma Value: 139394541.1366987602.1713185935.1713185935.1713185935.1
.offer.buyvi-shift.com/	1969-12-31 23:59:59	Name: __utmc Value: 139394541
.offer.buyvi-shift.com/	1970-01-21 00:15:53	Name: __utmz Value: 139394541.1713185935.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.offer.buyvi-shift.com/	1970-01-20 19:53:06	Name: __utmt_UA-156182996-152 Value: 1
.offer.buyvi-shift.com/	1970-01-20 19:53:07	Name: __utmb Value: 139394541.1.10.1713185935
.buyvi-shift.com/	1970-01-21 05:29:05	Name: _ga Value: GA1.1.839351515.1713185935
.buyvi-shift.com/	1970-01-20 22:02:41	Name: _gcl_au Value: 1.1.1298166087.1713185935
www.clarity.ms/	1970-01-21 04:38:41	Name: CLID Value: 591e476de5f14f4e852054e5af556fce.20240415.20250415
.buyvi-shift.com/	1970-01-21 04:38:41	Name: cf_clearance Value: PfiJ3wWN1FzUTX5YnISDmw0sbmxtGuXq5_36wKD5q.M-1713185935-1.0.1.1-ylNxJm6NTzLxLkaK1jJ4kib17qAP8ytQQH9a4ASBG4kcVk3UjCezWwT_k0W9VRp8gBVnkK3OPtjKRcCMpjznIg
offer.buyvi-shift.com/	1970-01-21 05:29:05	Name: __kla_id Value: eyJjaWQiOiJOR1psT0RWa01URXRZbUUxTmkwME1ERmpMV0ptTnpRdFlqWmtZMkZsWVRsaU5tVTMiLCIkcmVmZXJyZXIiOnsidHMiOjE3MTMxODU5MzUsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vb2ZmZXIuYnV5dmktc2hpZnQuY29tL29mZmVyLzEvY2hlY2tvdXQtbm93LXYyLnBocCJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTcxMzE4NTkzNSwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly9vZmZlci5idXl2aS1zaGlmdC5jb20vb2ZmZXIvMS9jaGVja291dC1ub3ctdjIucGhwIn19
.buyvi-shift.com/	1970-01-21 05:29:05	Name: _ga_BFXEWPXKBT Value: GS1.1.1713185935.1.0.1713185935.0.0.1533439769
.buyvi-shift.com/	1970-01-21 04:38:41	Name: _clck Value: 15lp6os%7C2%7Cfky%7C0%7C1566
.buyvi-shift.com/	1970-01-20 19:54:32	Name: _clsk Value: gj2oc9%7C1713185936193%7C1%7C1%7Cj.clarity.ms%2Fcollect
.bing.com/	1970-01-21 05:14:41	Name: MUID Value: 33CD19D4D21468E5330E0DB6D3D469FE
.c.bing.com/	1970-01-20 20:03:10	Name: MR Value: 0
.c.bing.com/	1970-01-21 05:14:41	Name: SRM_B Value: 33CD19D4D21468E5330E0DB6D3D469FE
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 05:14:41	Name: MUID Value: 33CD19D4D21468E5330E0DB6D3D469FE
.c.clarity.ms/	1970-01-20 20:03:10	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:53:06	Name: ANONCHK Value: 0

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-duotone-900.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-solid-900.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-solid-900.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-duotone-900.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-solid-900.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-duotone-900.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-brands-400.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-brands-400.woff Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://offer.buyvi-shift.com/offer/1/app/desktop/fonts/fa-brands-400.ttf Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://offer.buyvi-shift.com/offer/1/checkout-now-v2.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buyvi-shift.com
c.bing.com
c.clarity.ms
code.jquery.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
gtm-khd4rlt-owq2o.uc.r.appspot.com
holidayofferbadges.s3.amazonaws.com
j.clarity.ms
maps.googleapis.com
maps.gstatic.com
offer.buyvi-shift.com
region1.analytics.google.com
ssl.google-analytics.com
stackpath.bootstrapcdn.com
static-tracking.klaviyo.com
static.klaviyo.com
stats.g.doubleclick.net
www.buyvi-shift.com
www.clarity.ms
www.google.com
www.google.nl
www.googletagmanager.com
www.mxj5trk.com
104.18.11.207
142.250.184.228
142.250.186.148
151.101.130.133
172.217.18.10
188.114.97.3
20.85.30.134
2001:4860:4802:32::36
216.239.32.36
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:800::2003
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::2014
2a00:1450:400c:c1f::9b
2a04:4e42:400::649
34.117.205.107
34.96.102.137
52.216.50.73
68.219.88.97
0193c254609fe51904688e0fda17aee88e6b3fd74fe7b0f889dd8b76ca2d3550
05b05b33504691c201633b28bb30b6b7ce47ec3c63673024ad1f15eb31ab0f1c
06d214e3b676bdb8f1211fc3831f78ca92cfc5887dfa0aafaf9cb180b3acaf97
09048b15fbd7d6f712c4c85a7ddc7319a73dde5b7691da9effab476ee1aa2965
094b0f51df4796748847898acf142a8d96122059e557931405f5126f0bf4e6a0
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0a5f60ac47b74c8383eff331700df2801bb7a994d1a99cc0ad0c836c77bf7018
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
133cfc7312f40732b78ac43805d9008cd74914d9ddee58491dbe713c8ff576f0
176c05f93cde675289dedf9c784b9cb037f1840980454024667ef964b4dc9035
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1c4a2a9b6ae775718737c3d7efac03dcfe9333282bda446bed4542e9809fedf9
1d99d0e4bf8e5ea2e896e8692f4994c519f07e35a43b534b24a583e3a8f04d75
1e821a984aa1ef954cba20fe2ebe4c06f016de90b707c87fc186e0a3d468fd49
22a6fa93e0a77d3bff93d1af736f537826f043ce0826956e5b3a28e270d3cd5e
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
248944a75be90143537233c41b7a29cbcb88f6c0644b86e93fd222dd1f0e9e2e
2bb331b184d6ba98290dc7fbfa53e5ed36ca2fd7cbcbed17c1c428e060d60d4a
323a2cc5e93dc46485e70e83c37ef3f1d4c8ac691eb8a6a2b7a5c33c2d344e49
34bdbc24a32f7d11b673e014b46efef065e5fbc7d3c83ba8a75386fa71c3fdbd
34ed2e2f3b2f4d741cf4e5ed2da19a51293f6a7f5fecc8574822f1d635faa198
3a28af5b69a01811deb80974f23f7d6ac7e6260e9a0ec7074e24666dfa63f0a6
3ab5788a52c215b0220c89717c11a34f5666d013418e375a6de9ece7b456ab3b
3ba9fd9536687f6dcd017425312149c9e29c2cb8d3d981aeeeecc85e36e0550b
3c24cc8f4ccdd217d64848d0078fd4a5826121a628b60f935eb9640b00073796
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
43378b030a7ae4837077c15e4ffef90699bc25b1d125935c8fa9c5dfb735c5a6
446c8d51c05ddebabe23051dbab2aa2e2d33c9d638a7d0baccdfe1db247f18ba
482d1dd6e19c705493e390d6a3427887cfd2c47ec7ee7c85282370687a5ed2ee
4ca9e73a883e45ab6fac4004d79d3c6515ffddebbfd996f4db8be65660dc5903
4e74d51df9e880731f844687b2799027b532dc2db6049fdd479ec3f14a37223b
5181e2c420fc86d195e5cb169bef7f067114ad97de24432198875fb48cd26b34
575b2b383474606bcd11802527835c93cc1de6cb326b895bfe4ce75e0d11cfb7
5e00405228d32a6313f875d22f53fc45f0a4d334b550cdb1e311f4c5ea51b161
5e2975080484cbd155df2640cf883b661d04c8d800b73d763d493445640326cb
5f0969b87c032bc6b73e0137eee5ca9fc8cf6652e6f5f06e75a0d9014bde2636
5f1244ad8407cdf78f66d659fd9f0a2a266d08ef72cc04a13dbb14aefa6ff906
5f803cb4d2766f5773004b575b909289ba6db7f35edf6edd88ce8e07daf5910b
62649494183f2d8235f876b9a400c80f9afb1bb8daeb9a9a87ca9fb5e7644a4b
68062d0771e414c7cd9068a6dae2d79a9b1df72e06963ab0a2b9285372e2341a
6838044d4396017c2a529fe6a3bce0f8a70b34f6a5b5e5e7955d45302249d309
6c8e591e72a475eda9a69cd2b2bd43858c341ce1c4549cad54a09a4be6307be1
717c1e30a97c59911b5c41462d952f0cc70536a09878e57cd50ea6c3dbcd4b01
7e7786d36c133dcc4e0761a10d33ff9fdb165e8cc7b07749c320b640b84bbcd6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8484fc00338ac357241a13b1638a5084d4bcbc4354979d9e5cfae91c32ad4b8d
84890dc47620c96effd9ae424a671539bc47c886e2991824edb6be8394eb65fa
861c0728af5858402432d2ab442aec334ca07d55ce03a8f3d78288f4c42e9d2b
876a182122fde61f9e50d9a0b1f220cfaabf62d4c577c27944b5a46320ce7d30
87e83aaaf7cff2f976e88f64a75275ba4e7ccf4d3bbb249f1749e4fdff7bd01d
8806fd0b2e8a7d0421894ef684a2f9b629024c6cf29990097bdc040a113c40c8
8853b645df6075f5e0e6bf5777a9c289512d6157f3c0aa496bc91e6e9e00063f
8a15253c07f1d217ece4fbe35f175cf3fa67564c963c7ba5ee8731064945caa8
8aa6de5ebb341a26e46128bbc80bd7118174a8f3d74cb7c36acc9910de150752
8b58606318cab6f933e2f7159f495e0b6fdde1950da42d0d4b14a906f8f1dead
8e919974cf04ccac895e49428b62312ca8d7ff8d64338a8aef7599cf2396bd27
8e9d5685830ce546418924c415688d4cccff059e86d82072a905553938625cb1
8ef95a4f3669c8d75c88a9ccc6fce6ae63e80e3a643fc76ca3ed7b8c594e39c0
91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451
93dc8199107c2e70bba0e30bedae80dc070a70ce52f9d94070d96c5a52a0762c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b9d11ca261fecc78ba760d242eb8eef82b42820fe8eed69a27461f9b5dc8326
9c0832bb9c5b4b28a4480ec6364378128559528b20d6d36326472d487f8d7d79
a63ab6b70102807c70d8a3275f394605bafdcaf0abc01b2b25fd6dd66f3552cf
adc5b81d103945a02546d969cfc50c074d2717811f6353910c4131fa8f60124e
b38bb9b5a0c37a13ac04942f9fca1feb9af1b7adac3a7f0dbce02ca722a91f64
b5cb19b6f35feef30d8d83360f46d4d57ad64a635d941c53e934b749a295cb9c
c16172312e3412bfa69f1ad4c494c46bb3074587f0488e76addbd61a8ccff78c
c1b9a05b09dfdbda80e5a007582d94069a582da1ea93452f77230e85fb1197b5
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca44bf68e4ada9e0c5915c8f5bc53d95f5d4d76173dafd8a2f878a8581f87433
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cd8e71391f32cd69edfec8b751f9e3e282ecbf5544818cb1bb817bf4b8bd48ab
cec1368e32055a867668be19462010bd22d3630abb70ef9405c3d56d116d3bd0
d19b9d2b3703c852a555c7a647d341132874bdd69c3364d4f6fd87d4610cd183
d1c12be8beb70ae238d2855cbe10e39a78a5d5bae922aa5a55ac445a0cd5b556
d2ca7a5ce7ef193335b81ed0a28de7d7c1ec86e5837eb81042904ca199f1c21b
d83d3eb01df31974d0df0e8cff11f50e2f8ee91f2fc9c5f656d283ddf123ed42
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dc369260aab7bbd9b429f0dce3d6a9a9f2d5a37fb91efdcc233e1635f5867b56
dfd6dfbf348462f8e35aac00960d50d182a964d6a35e6cce108530179b913bba
e11e98806bd576e375389611aba1dc7eb97762444ecb541897ad30bd8f8fffb6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98bf7b4b2c361aa2de0e8616c355c67d8deabf96c1dc60a1f88af516e87e7a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c52bcf6c2dfbcaee25d0a18eb5f5a97c0bf949b95183c03942a46c49dab502
f5f76e00aa49c85cd7f7c5259ef14d1a248f7e3e086e63b8f6efb44c635c6723
f7e0f8b3567392e3f64bba6e073627c5a5ba978f4d98cec629fd32df4b5d6c97
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83a5c0cbf1941ff26a6ca8b39f94cdc56a14fc0b64b1fa56c0f5317b7811582
fa672a46016ee238e1ac89bed123f1ec03c3ba0746d54259ece77e3531292832
fb4fccd3d6b9acc5c8e6903915f1b53d1c0abe6218adcb3add52d7b044ef7b58
fd6f215cb3909ac889cca094c0e80e82b50f7b9a49e8c8fad2aacee610ba8c13
fe3b97b3c1e7e367a489cfda3c2c3321eb0225aad7839b1cd110f343b6992767
fec88175c43b57ceb57a85635e11edb8fcd0a94a20de830b7de528540aa40a84
ff458c77d2072839fe7d560899726fc8377ab994f213b9b168bf003b20da5d01

offer.buyvi-shift.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

135 Requests

98 %HTTPS

52 %IPv6

17 Domains

25 Subdomains

24 IPs

6 Countries

1825 kBTransfer

4725 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

offer.buyvi-shift.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

98 %
HTTPS

52 %
IPv6

17
Domains

25
Subdomains

24
IPs

6
Countries

1825 kB
Transfer

4725 kB
Size

22
Cookies

135 HTTP transactions
1 data transactions